Søg
Avatar billede grantun Praktikant
21. maj 2006 - 09:08 Der er 10 kommentarer og
1 løsning

guardservice,hvad er det for virus?

En af mine venner får op en side som siger at man kan få virushjælp fra "guardservice" jeg udgår fra det er en virus,har set lignende før.
Er det en virus de kender?
Hviken?
Og hvordan bliver man af med den?
Avatar billede arlet Juniormester
21. maj 2006 - 09:09 #1
Lad os se en hijackthis log www.arlet.dk/hjt.htm
Avatar billede grantun Praktikant
21. maj 2006 - 09:20 #2
ser, unskyld-men svaren kommer langsamt da computern sår et andet sted....skriver når jeg har logfilen tak!
Avatar billede grantun Praktikant
21. maj 2006 - 09:39 #3
her er den:
Logfile of HijackThis v1.99.1
Scan saved at 09:33:40, on 21-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\ATKKBService.exe
D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuardUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoctrl.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\nvctrl.exe
D:\WINDOWS\SOUNDMAN.EXE
D:\Programmer\HP\HP Software Update\HPWuSchd.exe
D:\Programmer\HP\hpcoretech\hpcmpmgr.exe
D:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmer\MSN Messenger\MsnMsgr.Exe
D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuard.exe
D:\Programmer\Skype\Phone\Skype.exe
D:\Programmer\Java\jre1.5.0_01\bin\jucheck.exe
D:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Documents and Settings\Tor\Skrivebord\hjt.exe
D:\Programmer\HP\hpcoretech\comp\hpdarc.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Nothing - {edbf1bc8-39ab-48eb-a0a9-c75078eb7c8e} - D:\WINDOWS\system32\hpAEDD.tmp
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll (file missing)
O4 - HKLM\..\Run: [nTrayFw] D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] "D:\Programmer\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "D:\Programmer\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BullGuard] "D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BGNewsAgent] "D:\Documents and Settings\Tor\Skrivebord\BullGuard\BgNewsUI.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: app_filter - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard, Ltd. - D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuardUpdate.exe
O23 - Service: ewido security suite control - ewido networks - D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoctrl.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
Avatar billede grantun Praktikant
21. maj 2006 - 09:46 #4
siger det noget?
Avatar billede arlet Juniormester
21. maj 2006 - 11:42 #5
Ja*S*

Hent S!Ri's SmitfraudFix.zip og pak det ud til dit Skrivebord.
http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Programmet pakker sig ud i en mappe, der hedder SmitfraudFix.

-- Hent Ewido herfra (14 dages version af plus-versionen)
http://www.spywarefri.dk/downloads1/ewido-setup.exe
Installer og opdater programmet, men vent med at scanne.

-- Genstart i fejlsikret, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Åbn mappen SmitfraudFix som du fik på Skrivebordet, og dobbeltklik på SmitfraudFix.cmd og tast 2 - svar ja til at rense (y=yes). Lad programmet gennemføre en rensning. Det vil også checke om systemfilen wininet.dll er inficeret. Hvis den er det, vil du blive bedt om tilladelse til at erstatte den med en anden. Her skal du vælge "Yes", ved at taste "y".

Programmet bliver muligvis nødt til at genstarte undervejs. Herefter vil der dukke en liste med resultaterne af rensningen op . Kopiér denne liste ind i tråden.

-- Kør en fuld scanning med Ewido, og tillad programmet at fixe de ting, som det finder. Programmet laver en lille log, som du skal kopiere herind.

-- Genstart og læg en frisk Hijackthislog herind, sammen med loggen fra Ewido og loggen fra SmitfraudFix (C:\rapport.txt).

NB: Filen "process.exe" som ligger i dette værktøj bliver af visse antivirus-programmer identificeret som "RiskTool". Det har dog ikke noget på sig!
Avatar billede grantun Praktikant
21. maj 2006 - 11:57 #6
fint testar, har for øvrigt også en lille irreterande en-men ganske ofarlig på min dator,återkommer med den senere, så kan det bli en smule fler poäng...

det er vist den samme de haft før kan jeg se......jeg återkommer når computern blivit tested ,tak........
Avatar billede grantun Praktikant
21. maj 2006 - 23:06 #7
Logfile of HijackThis v1.99.1
Scan saved at 21:40:42, on 21-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\ATKKBService.exe
D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuardUpdate.exe
D:\WINDOWS\System32\svchost.exe
D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoctrl.exe
D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoguard.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
D:\WINDOWS\system32\nvsvc32.exe
D:\WINDOWS\system32\svchost.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Programmer\HP\HP Software Update\HPWuSchd.exe
D:\Programmer\HP\hpcoretech\hpcmpmgr.exe
D:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Programmer\Java\jre1.5.0_01\bin\jucheck.exe
D:\Programmer\MSN Messenger\MsnMsgr.Exe
D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuard.exe
D:\Programmer\Skype\Phone\Skype.exe
D:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
D:\WINDOWS\system32\wuauclt.exe
D:\WINDOWS\system32\HPZipm12.exe
D:\Documents and Settings\Tor\Skrivebord\Ny mappe\hjt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll (file missing)
O4 - HKLM\..\Run: [nTrayFw] D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [HP Software Update] "D:\Programmer\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "D:\Programmer\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DXDllRegExe] dxdllreg.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmer\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [BullGuard] "D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuard.exe"
O4 - HKCU\..\Run: [BGNewsAgent] "D:\Documents and Settings\Tor\Skrivebord\BullGuard\BgNewsUI.exe"
O4 - HKCU\..\Run: [Skype] "D:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: d:\windows\system32\nvappfilter.dll
O12 - Plugin for .spop: D:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - D:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: app_filter - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe
O23 - Service: BullGuard LiveUpdate (BGLiveSvc) - BullGuard, Ltd. - D:\Documents and Settings\Tor\Skrivebord\BullGuard\BullGuardUpdate.exe
O23 - Service: ewido security suite control - ewido networks - D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - D:\Documents and Settings\Tor\Skrivebord\ewido anti-malware\ewidoguard.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: ForceWare IP service (nSvcIp) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - D:\Programmer\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\system32\HPZipm12.exe
**********
-----------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------

+ Oprettet den:            21:29:58, 21-05-2006
+ Rapport-Checksum:        2996FCEA

+ Scanningsresultat:
    D:\Documents and Settings\Tor\Cookies\tor@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@adtech[2].txt -> TrackingCookie.Adtech : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@advertising[2].txt -> TrackingCookie.Advertising : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@data.coremetrics[1].txt -> TrackingCookie.Coremetrics : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@doubleclick[2].txt -> TrackingCookie.Doubleclick : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@ehg-baa.hitbox[2].txt -> TrackingCookie.Hitbox : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@ehg-legonewyorkinc.hitbox[2].txt -> TrackingCookie.Hitbox : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@ehg-penguingroupusa.hitbox[1].txt -> TrackingCookie.Hitbox : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@hitbox[2].txt -> TrackingCookie.Hitbox : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@image.masterstats[1].txt -> TrackingCookie.Masterstats : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@impse.tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@mediaplex[1].txt -> TrackingCookie.Mediaplex : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@overture[1].txt -> TrackingCookie.Overture : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@paycounter[2].txt -> TrackingCookie.Paycounter : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@serving-sys[2].txt -> TrackingCookie.Serving-sys : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@sextracker[1].txt -> TrackingCookie.Sextracker : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@statcounter[1].txt -> TrackingCookie.Statcounter : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@statse.webtrendslive[1].txt -> TrackingCookie.Webtrendslive : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@web-stat[2].txt -> TrackingCookie.Web-stat : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@webstat[2].txt -> TrackingCookie.Web-stat : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@www.smartadserver[1].txt -> TrackingCookie.Smartadserver : Renset med backup
    D:\Documents and Settings\Tor\Cookies\tor@zedo[2].txt -> TrackingCookie.Zedo : Renset med backup
+++++++++
SmitFraudFix v2.45

Scan done at 20:57:49,79, 21-05-2006
Run from D:\Documents and Settings\Tor\Skrivebord\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [version 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

D:\WINDOWS\system32\dfrgsrv.exe Deleted
D:\WINDOWS\system32\hp????.tmp Deleted
D:\WINDOWS\system32\interf.tlb Deleted
D:\WINDOWS\system32\ld????.tmp Deleted
D:\WINDOWS\system32\ncompat.tlb Deleted
D:\WINDOWS\system32\nvctrl.exe Deleted
D:\WINDOWS\system32\ot.ico Deleted
D:\WINDOWS\system32\sivudro.dll Deleted
D:\WINDOWS\system32\ts.ico Deleted
D:\WINDOWS\system32\1024\ Deleted
D:\DOCUME~1\Tor\FORETR~1\Antivirus Test Online.url Deleted
D:\DOCUME~1\Tor\MENUEN~1\SpyFalcon 2.0.lnk Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End
Avatar billede grantun Praktikant
23. maj 2006 - 07:33 #8
væk?
Avatar billede ejvindh Ekspert
23. maj 2006 - 10:07 #9
Ja, Arlet har vist overset denne tråd. Men loggen er ren nu *S*
Avatar billede grantun Praktikant
23. maj 2006 - 13:10 #10
Fint tak for svar :-)
Avatar billede ejvindh Ekspert
23. maj 2006 - 13:14 #11
Det var så lidt :-)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
54 min siden PLEX Media Server : Har Orange Trekanter Af Ikke-ekspert i Fri debat
I dag 16:33 OneDrive kan ikke tilgås Af Perba i Office & Kontorpakker
I dag 14:32 Træk data fra ny lokation ved måneds skift Af Hezo i Excel
I dag 13:54 Uønsket "tekst TV" på Denver 24" LED TV MPEG4 DVBT/C TV Af ole falsted i Fjernsyn & projektorer
I dag 10:54 PDF app til Android - Samsung Galaxy XCover 5 Af ErikHg i Andet software
White papers
Flere white papers »