Søg
Avatar billede kim-h Novice
17. maj 2006 - 20:08 Der er 6 kommentarer og
1 løsning

Kan i tjekke hijackthis logfil

Jeg er begynd at få problemer med min pc. Nogle gange vil den ikke starte rigtigt op, den står bare og arbejder helt vildt. Andre gange kan jeg ikke skifte bruger, eller lukke ned, sammen bruger bliver ved med at være aktiv. Der står også tit at der er ulæst mail under en bruger , selvom alle mails er læst.
Har kørt Ad-Aware SE Personal og har Kaspersky antivirus program , som køre skanning en gang om ugen.
Så nu syntes jeg det er tid til et tjeck af en hijackthis logfil.

Logfile of HijackThis v1.99.1
Scan saved at 20:08:05, on 17-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Analog Devices\Core\smax4pnp.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Dell\Media Experience\DMXLauncher.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\NetLimiter\NetLimiter.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\FÆLLES~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\ATI Technologies\ATI.ACE\CLI.exe
C:\Programmer\Microsoft Office\OFFICE11\OUTLOOK.EXE
C:\Programmer\Google\Gmail Notifier\gnotify.exe
C:\Programmer\SpywareGuard\sgmain.exe
C:\Programmer\SpywareGuard\sgbhp.exe
C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Kim\Skrivebord\Spy\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ka-net.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Idea2 SidebarBrowserMonitor Class - {45AD732C-2CE2-4666-B366-B2214AD57A49} - C:\Programmer\Desktop Sidebar\sbhelp.dll (file missing)
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmer\SpywareGuard\dlprotect.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Programmer\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [DMXLauncher] C:\Programmer\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Programmer\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 - HKLM\..\Run: [NetLimiter] C:\Programmer\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [KAVPersonal50] "C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmer\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: Gmail Notifier.lnk = C:\Programmer\Google\Gmail Notifier\gnotify.exe
O4 - Startup: SpywareGuard.lnk = C:\Programmer\SpywareGuard\sgmain.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Programmer\ATI Technologies\ATI.ACE\CLI.exe
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\programmer\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\npjpi150_06.dll
O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programmer\Desktop Sidebar\sbhelp.dll (file missing)
O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - C:\Programmer\Desktop Sidebar\sbhelp.dll (file missing)
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O15 - Trusted Zone: *.sputnik.dk
O15 - Trusted Zone: *.tv2.dk
O16 - DPF: Nordea Online investering - https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/platypus/miniclipGameLoader.dll
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1120165337000
O16 - DPF: {90A29DA5-D020-4B18-8660-6689520C7CD7} (DmiReader Class) - http://support.euro.dell.com/global/apps/systemprofiler/PROFILER.CAB
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.5 Control) - http://light.gabs.dk/imageuploader/ImageUploader3.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://fotomail.billedbutikken.dk/upload/xupload/XUpload2101.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{CE624C37-E23A-4A1D-A87B-866CE2EA5CB9}: NameServer = 192.168.1.3,192.168.1.9
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - D:\Player\__CDS2.dll (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O20 - Winlogon Notify: winbjt32 - winbjt32.dll (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Programmer\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\SYSTEM32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: kavsvc - Kaspersky Lab - C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
O23 - Service: Norton AntiVirus Auto Protect (navapsvc) - Unknown owner - C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
Avatar billede ejvindh Ekspert
17. maj 2006 - 20:29 #1
Der er en enkelt rest fra en tidligere infektion, som du bør fixe med Hijackthis:
O20 - Winlogon Notify: winbjt32 - winbjt32.dll (file missing)

Genstart og check at linien er forsvundet fra loggen. Hvis den er det, er loggen ren.

For at checke om der ligger noget, som ikke kan ses i loggen, kan du efterfølgende køre disse 2 scannere:
Hent Dr. Web, og gem det på skrivebordet:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Genstart til fejlsikret tilstand (tryk F8 under opstarten)

Kør en fuld scanning med Ewido. Programmet laver en lille log, som du skal kopiere herind i dit næste svar.

Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til.
Når den skriver "Select object for Scanning" nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Rename.
Klik så på OK, for at komme ud til hovedmenuen igen.
Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.

Klik så på den grønne pil ovre til højre på siden, så starter scanningen.
Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.
Klik så på Start->Søg, find filen CureIt.log kopier det nederste af teksten herind, startende med:
Scan statistics.
Avatar billede kim-h Novice
18. maj 2006 - 00:56 #2
Det tog sin tid, men her er resultaterne.

Først O20 - Winlogon Notify: winbjt32 - winbjt32.dll (file missing) var forsvundet.
Ewido log:
---------------------------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------

+ Oprettet den:            21:46:46, 17-05-2006
+ Rapport-Checksum:        C4354322

+ Scanningsresultat:
    :mozilla.16:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.Adtech : Renset med backup
    :mozilla.17:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.Adtech : Renset med backup
    :mozilla.18:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.Mediaplex : Renset med backup
    :mozilla.31:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.32:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.33:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.34:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.35:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.36:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.2o7 : Renset med backup
    :mozilla.40:C:\Documents and Settings\Familien\Application Data\Mozilla\Firefox\Profiles\gwm2my0x.default\cookies.txt -> TrackingCookie.Atdmt : Renset med backup
    C:\Documents and Settings\Familien\Cookies\familien@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Renset med backup
    C:\Documents and Settings\Familien\Cookies\familien@ad1.clickhype[2].txt -> TrackingCookie.Clickhype : Renset med backup
    :mozilla.6:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Statcounter : Renset med backup
    :mozilla.7:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Adbrite : Renset med backup
    :mozilla.8:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Statcounter : Renset med backup
    :mozilla.9:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Statcounter : Renset med backup
    :mozilla.10:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Adbrite : Renset med backup
    :mozilla.11:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Adbrite : Renset med backup
    :mozilla.12:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.13:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.14:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.15:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.16:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.17:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.18:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.19:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.20:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yieldmanager : Renset med backup
    :mozilla.27:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Falkag : Renset med backup
    :mozilla.28:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Falkag : Renset med backup
    :mozilla.29:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Falkag : Renset med backup
    :mozilla.75:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Zedo : Renset med backup
    :mozilla.76:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Zedo : Renset med backup
    :mozilla.77:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Zedo : Renset med backup
    :mozilla.116:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Falkag : Renset med backup
    :mozilla.121:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Serving-sys : Renset med backup
    :mozilla.122:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Serving-sys : Renset med backup
    :mozilla.123:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Serving-sys : Renset med backup
    :mozilla.124:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Serving-sys : Renset med backup
    :mozilla.125:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Adjuggler : Renset med backup
    :mozilla.126:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Adjuggler : Renset med backup
    :mozilla.138:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Reliablestats : Renset med backup
    :mozilla.139:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Reliablestats : Renset med backup
    :mozilla.140:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Reliablestats : Renset med backup
    :mozilla.141:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Reliablestats : Renset med backup
    :mozilla.142:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Reliablestats : Renset med backup
    :mozilla.171:C:\Documents and Settings\Kim\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\cookies.txt -> TrackingCookie.Yadro : Renset med backup
    C:\Documents and Settings\Kim\Cookies\kim@217.73.66[2].txt -> TrackingCookie.217.73.66.16 : Renset med backup
    C:\Documents and Settings\Kim\Cookies\kim@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Renset med backup
    C:\Documents and Settings\Kim\Cookies\kim@adbrite[1].txt -> TrackingCookie.Adbrite : Renset med backup
    C:\Documents and Settings\Kim\Cookies\kim@com[1].txt -> TrackingCookie.Com : Renset med backup
    C:\Documents and Settings\Kim\Lokale indstillinger\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\Cache\71888828d01 -> Not-A-Virus.Downloader.Win32.WinFixer.d : Renset med backup
    C:\Documents and Settings\Kim\Lokale indstillinger\Application Data\Mozilla\Firefox\Profiles\w5g738ca.default\Cache\F498AD79d01 -> Heuristic.Win32.Dialer : Renset med backup
    C:\Documents and Settings\Spil\Cookies\spil@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Renset med backup
    C:\Programmer\KKeeper\KKeeper.exe -> Not-A-Virus.Monitor.Win32.StonsKeyKeeper : Renset med backup


::Rapport slut

drweb log:

Scan statistics

Objects scanned: 0
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 0 Kb/s
Scan time: 00:00:00


[Scan path] C:\WINDOWS\System32\smss.exe
[Scan path] C:\WINDOWS\system32\csrss.exe
[Scan path] C:\WINDOWS\system32\winlogon.exe
[Scan path] C:\WINDOWS\system32\services.exe
[Scan path] C:\WINDOWS\system32\lsass.exe
[Scan path] C:\WINDOWS\system32\svchost.exe
[Scan path] C:\WINDOWS\explorer.exe
[Scan path] C:\DOCUME~1\Kim\LOKALE~1\Temp\RarSFX0\_start.exe
[Scan path] C:\DOCUME~1\Kim\LOKALE~1\Temp\RarSFX0\cureit.exe
[Scan path] C:\Programmer\Analog Devices\Core\smax4pnp.exe
[Scan path] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
[Scan path] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
[Scan path] C:\WINDOWS\system32\dla\tfswctrl.exe
[Scan path] C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
[Scan path] C:\Programmer\Dell\Media Experience\DMXLauncher.exe
[Scan path] C:\Programmer\ATI Technologies\ATI.ACE\cli.exe
[Scan path] C:\Programmer\NetLimiter\NetLimiter.exe
[Scan path] C:\WINDOWS\Logi_MwX.Exe
[Scan path] C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
[Scan path] C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe
[Scan path] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
[Scan path] C:\Programmer\Adobe\Photoshop Elements 4.0\apdproxy.exe
[Scan path] C:\WINDOWS\system32\ctfmon.exe
[Scan path] C:\Programmer\MSN Messenger\msnmsgr.exe
[Scan path] C:\Programmer\Skype\Phone\Skype.exe
[Scan path] C:\Documents and Settings\Kim\Menuen Start\Programmer\Start\DESKTOP.INI
[Scan path] C:\Programmer\Google\Gmail Notifier\gnotify.exe
[Scan path] C:\Programmer\SpywareGuard\sgmain.exe
[Scan path] C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\DESKTOP.INI
[Scan path] C:\WINDOWS\system32\mmsys.cpl
[Scan path] C:\WINDOWS\system32\icmui.dll
[Scan path] C:\WINDOWS\system32\rshx32.dll
[Scan path] C:\WINDOWS\system32\docprop.dll
[Scan path] C:\WINDOWS\system32\ntshrui.dll
[Scan path] C:\WINDOWS\system32\themeui.dll
[Scan path] C:\WINDOWS\system32\deskadp.dll
[Scan path] C:\WINDOWS\system32\deskmon.dll
[Scan path] C:\WINDOWS\system32\dssec.dll
[Scan path] C:\WINDOWS\system32\SlayerXP.dll
[Scan path] C:\WINDOWS\system32\shscrap.dll
[Scan path] C:\WINDOWS\system32\diskcopy.dll
[Scan path] C:\WINDOWS\system32\ntlanui2.dll
[Scan path] C:\WINDOWS\system32\printui.dll
[Scan path] C:\WINDOWS\system32\dskquoui.dll
[Scan path] C:\WINDOWS\system32\syncui.dll
[Scan path] C:\WINDOWS\system32\hticons.dll
[Scan path] C:\WINDOWS\system32\fontext.dll
[Scan path] C:\WINDOWS\system32\deskperf.dll
[Scan path] C:\WINDOWS\system32\cryptext.dll
[Scan path] C:\WINDOWS\system32\NETSHELL.dll
[Scan path] C:\WINDOWS\system32\wiashext.dll
[Scan path] C:\WINDOWS\system32\remotepg.dll
[Scan path] C:\WINDOWS\system32\wshext.dll
[Scan path] C:\Programmer\Fælles filer\System\Ole DB\oledb32.dll
[Scan path] C:\WINDOWS\system32\mstask.dll
[Scan path] C:\WINDOWS\system32\shdocvw.dll
[Scan path] C:\WINDOWS\system32\wuaucpl.cpl
[Scan path] C:\WINDOWS\system32\twext.dll
[Scan path] C:\WINDOWS\system32\shmedia.dll
[Scan path] C:\WINDOWS\system32\browseui.dll
[Scan path] C:\WINDOWS\system32\sendmail.dll
[Scan path] C:\WINDOWS\system32\occache.dll
[Scan path] C:\WINDOWS\system32\webcheck.dll
[Scan path] C:\WINDOWS\system32\appwiz.cpl
[Scan path] C:\WINDOWS\system32\shimgvw.dll
[Scan path] C:\WINDOWS\system32\netplwiz.dll
[Scan path] C:\WINDOWS\system32\zipfldr.dll
[Scan path] C:\WINDOWS\system32\extmgr.dll
[Scan path] C:\WINDOWS\system32\msieftp.dll
[Scan path] C:\WINDOWS\system32\docprop2.dll
[Scan path] C:\WINDOWS\system32\dsquery.dll
[Scan path] C:\WINDOWS\system32\dsuiext.dll
[Scan path] C:\WINDOWS\system32\mydocs.dll
[Scan path] C:\WINDOWS\System32\cscui.dll
[Scan path] C:\WINDOWS\msagent\agentpsh.dll
[Scan path] C:\WINDOWS\system32\dfsshlex.dll
[Scan path] C:\WINDOWS\system32\photowiz.dll
[Scan path] C:\WINDOWS\System32\mmcshext.dll
[Scan path] C:\WINDOWS\system32\cabview.dll
[Scan path] C:\Programmer\Outlook Express\wabfind.dll
[Scan path] C:\WINDOWS\system32\wmpshell.dll
[Scan path] C:\WINDOWS\system32\mscoree.dll
[Scan path] C:\WINDOWS\system32\dla\tfswshx.dll
[Scan path] C:\Programmer\Sonic\RecordNow!\shlext.dll
[Scan path] C:\Programmer\Logitech\Video\Namespc2.dll
[Scan path] C:\Programmer\SpywareGuard\spywareguard.dll
[Scan path] C:\WINDOWS\system32\Audiodev.dll
[Scan path] C:\Programmer\Fælles filer\Ahead\Lib\NeroDigitalExt.dll
[Scan path] C:\Programmer\WinRAR\rarext.dll
[Scan path] C:\Programmer\GlobalSCAPE\CuteFTP\Cuteshell.dll
[Scan path] C:\Programmer\iTunes\iTunesMiniPlayer.dll
[Scan path] C:\PROGRA~1\FÆLLES~1\MICROS~1\WEBFOL~1\MSONSEXT.DLL
[Scan path] C:\Programmer\Microsoft Office\OFFICE11\msohev.dll
[Scan path] C:\WINDOWS\system32\cdfview.dll
[Scan path] C:\Programmer\ATI Technologies\ATI.ACE\atiacmxx.dll
[Scan path] C:\Programmer\Real\RealPlayer\rpshell.dll
[Scan path] C:\Programmer\Nokia\Nokia PC Suite 6\PhoneBrowser.dll
[Scan path] C:\Programmer\Nokia\Nokia PC Suite 6\MessageView.dll
[Scan path] C:\PROGRA~1\MICROS~4\OFFICE11\MLSHEXT.DLL
[Scan path] C:\PROGRA~1\MICROS~4\OFFICE11\OLKFSTUB.DLL
[Scan path] C:\Programmer\PowerISO\PWRISOSH.DLL
[Scan path] C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
[Scan path] C:\Programmer\SpywareGuard\dlprotect.dll
[Scan path] C:\WINDOWS\system32\SHELL32.dll
[Scan path] C:\WINDOWS\system32\stobject.dll
[Scan path] C:\WINDOWS\system32\Ati2evxx.dll
[Scan path] C:\WINDOWS\system32\crypt32.dll
[Scan path] C:\WINDOWS\system32\cryptnet.dll
[Scan path] C:\WINDOWS\system32\cscdll.dll
[Scan path] C:\WINDOWS\system32\wlnotify.dll
[Scan path] C:\WINDOWS\system32\sclgntfy.dll
[Scan path] C:\WINDOWS\system32\WgaLogon.dll
[Scan path] C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
[Scan path] C:\WINDOWS\system32\DRIVERS\ACPI.sys
[Scan path] C:\Programmer\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\adpu160m.sys
[Scan path] C:\WINDOWS\system32\drivers\aec.sys
[Scan path] C:\WINDOWS\System32\drivers\afd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\agp440.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\aha154x.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\aic78u2.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\aic78xx.sys
[Scan path] C:\WINDOWS\System32\alg.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\aliide.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\alim1541.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\amdagp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\amsint.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\asc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\asc3350p.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\asc3550.sys
[Scan path] C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\asyncmac.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atapi.sys
[Scan path] C:\WINDOWS\system32\Ati2evxx.exe
[Scan path] C:\WINDOWS\SYSTEM32\ati2sgag.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ati2mtag.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\atmarpc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\audstub.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\CCDECODE.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\cdrom.sys
[Scan path] C:\WINDOWS\system32\cisvc.exe
[Scan path] C:\WINDOWS\system32\clipsrv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\cmdide.sys
[Scan path] C:\WINDOWS\system32\dllhost.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\cpqarray.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\dac960nt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\disk.sys
[Scan path] C:\WINDOWS\System32\dmadmin.exe
[Scan path] C:\WINDOWS\System32\drivers\dmboot.sys
[Scan path] C:\WINDOWS\system32\drivers\DMusic.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\dpti2o.sys
[Scan path] C:\WINDOWS\system32\drivers\drmkaud.sys
[Scan path] C:\WINDOWS\system32\drivers\drvmcdb.sys
[Scan path] C:\WINDOWS\system32\drivers\drvnddm.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\e100b325.sys
[Scan path] C:\WINDOWS\System32\Drivers\ElbyCDFL.sys
[Scan path] C:\WINDOWS\System32\Drivers\ElbyCDIO.sys
[Scan path] C:\WINDOWS\System32\Drivers\ElbyDelay.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ENTECH.SYS
[Scan path] C:\Programmer\ewido\security suite\ewidoctrl.exe
[Scan path] C:\Programmer\ewido\security suite\guard.sys
[Scan path] C:\Programmer\ewido\security suite\ewidoguard.exe
[Scan path] C:\WINDOWS\system32\fxssvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\fdc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\flpydisk.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\fltMgr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ftdisk.sys
[Scan path] C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\msgpc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\hidusb.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\hpn.sys
[Scan path] C:\WINDOWS\System32\Drivers\HTTP.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\i2omp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\i8042prt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\imapi.sys
[Scan path] C:\WINDOWS\system32\imapi.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ini910u.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\intelide.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\intelppm.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\Ip6Fw.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipinip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ipnat.sys
[Scan path] C:\Programmer\iPod\bin\iPodService.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\ipsec.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\irda.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\irenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\isapnp.sys
[Scan path] C:\Programmer\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\kbdclass.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\kbdhid.sys
[Scan path] C:\WINDOWS\System32\drivers\kl1.sys
[Scan path] C:\WINDOWS\System32\drivers\klif.sys
[Scan path] C:\WINDOWS\System32\drivers\klmc.sys
[Scan path] C:\WINDOWS\system32\drivers\kmixer.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LHidFlt2.Sys
[Scan path] C:\WINDOWS\System32\Drivers\LHidUsb.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LMouFlt2.Sys
[Scan path] C:\WINDOWS\system32\DRIVERS\MA-620.sys
[Scan path] C:\WINDOWS\system32\mnmsrvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\mouclass.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mouhid.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mraid35x.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxdav.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
[Scan path] C:\WINDOWS\system32\msdtc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\MSIRCOMM.sys
[Scan path] C:\WINDOWS\system32\msiexec.exe
[Scan path] C:\WINDOWS\system32\drivers\MSKSSRV.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPCLOCK.sys
[Scan path] C:\WINDOWS\system32\drivers\MSPQM.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\mssmbios.sys
[Scan path] C:\WINDOWS\system32\drivers\MSTEE.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\NdisIP.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndistapi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndisuio.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ndiswan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbios.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\netbt.sys
[Scan path] C:\WINDOWS\system32\netdde.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkipx.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnknb.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\nwlnkspx.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\omci.sys
[Scan path] C:\Programmer\Fælles filer\Microsoft Shared\Source Engine\OSE.EXE
[Scan path] C:\WINDOWS\system32\DRIVERS\parport.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\pci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\pciide.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\perc2.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\perc2hib.sys
[Scan path] C:\WINDOWS\system32\drivers\pfc.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\LV532AV.SYS
[Scan path] C:\WINDOWS\system32\DRIVERS\pnpshark.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspptp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\psched.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ptilink.sys
[Scan path] C:\WINDOWS\System32\Drivers\PxHelp20.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ql1080.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ql12160.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ql1240.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ql1280.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasacd.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasirda.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspppoe.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\raspti.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rdbss.sys
[Scan path] C:\WINDOWS\System32\DRIVERS\RDPCDD.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\rdpdr.sys
[Scan path] C:\WINDOWS\system32\sessmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\redbook.sys
[Scan path] C:\WINDOWS\system32\locator.exe
[Scan path] C:\WINDOWS\system32\rsvp.exe
[Scan path] C:\WINDOWS\System32\SCardSvr.exe
[Scan path] C:\WINDOWS\System32\drivers\sdcplh.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\secdrv.sys
[Scan path] C:\WINDOWS\system32\drivers\senfilt.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serenum.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\serial.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sisagp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\SLIP.sys
[Scan path] C:\WINDOWS\system32\drivers\smwdm.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sparrow.sys
[Scan path] C:\WINDOWS\system32\drivers\splitter.sys
[Scan path] C:\WINDOWS\system32\spoolsv.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\sr.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\srv.sys
[Scan path] C:\WINDOWS\system32\drivers\sscdbhk5.sys
[Scan path] C:\WINDOWS\system32\drivers\ssrtln.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\st3shark.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\StreamIP.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\swenum.sys
[Scan path] C:\WINDOWS\system32\drivers\swmidi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\symc810.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\symc8xx.sys
[Scan path] C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\sym_hi.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\sym_u3.sys
[Scan path] C:\WINDOWS\system32\drivers\sysaudio.sys
[Scan path] C:\WINDOWS\system32\smlogsvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\tcpip.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\termdd.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnboio.sys
[Scan path] C:\WINDOWS\system32\dla\tfsncofs.sys
[Scan path] C:\WINDOWS\system32\dla\tfsndrct.sys
[Scan path] C:\WINDOWS\system32\dla\tfsndres.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnifs.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnopio.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnpool.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnudf.sys
[Scan path] C:\WINDOWS\system32\dla\tfsnudfa.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\toside.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\ultra.sys
[Scan path] C:\WINDOWS\system32\wdfmgr.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\update.sys
[Scan path] C:\WINDOWS\System32\ups.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\usbccgp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbehci.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbhub.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\usbscan.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
[Scan path] C:\WINDOWS\system32\DRIVERS\usbuhci.sys
[Scan path] C:\WINDOWS\System32\drivers\vga.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\viaagp.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\viaide.sys
[Scan path] C:\WINDOWS\System32\vsdatant.sys
[Scan path] C:\WINDOWS\SYSTEM32\ZoneLabs\vsmon.exe
[Scan path] C:\WINDOWS\System32\vssvc.exe
[Scan path] C:\WINDOWS\system32\DRIVERS\wanarp.sys
[Scan path] C:\WINDOWS\system32\drivers\wdmaud.sys
[Scan path] C:\WINDOWS\system32\wbem\wmiapsrv.exe
[Scan path] C:\WINDOWS\System32\drivers\ws2ifsl.sys
[Scan path] C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS
[Scan path] C:\Documents and Settings\Kim\Menuen Start\Programmer\Start\Gmail Notifier.lnk
[Scan path] C:\Documents and Settings\Kim\Menuen Start\Programmer\Start\SpywareGuard.lnk
[Scan path] C:\Documents and Settings\All Users\Menuen Start\Programmer\Start\ATI CATALYST System Tray.lnk

Scan statistics

Objects scanned: 649
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 0
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 0
Objects moved: 0
Objects ignored: 0
Scan speed: 5570 Kb/s
Scan time: 00:00:15


[Scan path] C:\
C:\Documents and Settings\All Users\Dokumenter\Hijack\backups\backup-20050115-201040-984.dll is adware program Adware.SpywareStorm - renamed
C:\Documents and Settings\All Users\Dokumenter\Programmer\vncviewer.exe is riskware program Program.RemoteAdmin - renamed
C:\Documents and Settings\All Users\Dokumenter\Programmer\winvnc.exe is riskware program Program.RemoteAdmin - renamed
C:\Documents and Settings\Kim\NTUSER.DAT - read error
C:\Documents and Settings\Kim\NTUSER~1.LOG - read error
C:\Documents and Settings\Kim\Lokale indstillinger\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\Kim\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\LocalService\NTUSER.DAT - read error
C:\Documents and Settings\LocalService\NTUSER~1.LOG - read error
C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\LocalService\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Documents and Settings\NetworkService\NTUSER.DAT - read error
C:\Documents and Settings\NetworkService\NTUSER~1.LOG - read error
C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\Microsoft\Windows\UsrClass.dat - read error
C:\Documents and Settings\NetworkService\Lokale indstillinger\Application Data\Microsoft\Windows\USRCLA~1.LOG - read error
C:\Programmer\Fælles filer\Real\WeatherBug\MiniBugTransporter.dll is adware program Adware.Minibug - renamed
C:\Programmer\Mozilla Firefox\plugins\npclntax.dll is adware program Adware.Zango - renamed
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT - read error
C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG - read error
C:\WINDOWS\SYSTEM32\CONFIG\SAM - read error
C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG - read error
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY - read error
C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG - read error
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE - read error
C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG - read error
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM - read error
C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG - read error


Scan statistics

Objects scanned: 418516
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 2
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 5
Objects moved: 0
Objects ignored: 0
Scan speed: 265 Kb/s
Scan time: 01:32:46



Total session statistics

Objects scanned: 419165
Infected objects found: 0
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 2
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 0
Objects renamed: 5
Objects moved: 0
Objects ignored: 0
Scan speed: 280 Kb/s
Scan time: 01:33:01
Avatar billede ejvindh Ekspert
18. maj 2006 - 10:22 #3
Både Ewido go Dr.Web fandt lidt forskelligt. Har det hjulpet på dit problem?
Avatar billede kim-h Novice
18. maj 2006 - 15:34 #4
Nu skal jeg lige benytte computeren lidt og logge af og på på de forskellige brugere.
Så jeg acceptere dit svar om et par dage, hvis der ikke opstår flere problemer.
Men Tak for hjælpen indtil videre. :-)
Avatar billede ejvindh Ekspert
18. maj 2006 - 15:52 #5
Alt i orden :-)
Avatar billede kim-h Novice
03. juni 2006 - 09:33 #6
Undskyld at der gik så lang tid, men det ser ud til at virike nu.
Avatar billede ejvindh Ekspert
03. juni 2006 - 14:24 #7
Alt i orden. Jeg takker for point :-)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 17:23 PLEX Media Server : Har Orange Trekanter Af Ikke-ekspert i Fri debat
I dag 16:33 OneDrive kan ikke tilgås Af Perba i Office & Kontorpakker
I dag 14:32 Træk data fra ny lokation ved måneds skift Af Hezo i Excel
I dag 13:54 Uønsket "tekst TV" på Denver 24" LED TV MPEG4 DVBT/C TV Af ole falsted i Fjernsyn & projektorer
I dag 10:54 PDF app til Android - Samsung Galaxy XCover 5 Af ErikHg i Andet software
White papers
Flere white papers »