Notifikationer

Markér alle som læst Log ud

riverhorse555 Nybegynder

26. juni 2006 - 21:19 Der er 6 kommentarer

Hijacked - hjælp ønskes

Tror muligvis min computer er fyldt med lort, men ka ik finde ud af hva der ska gøres?

Har lavet en hijackthis log, her er den:

Logfile of HijackThis v1.99.1
Scan saved at 21:13:07, on 26-06-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmer\Winamp\winampa.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\iexplorer.exe
C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Programmer\BearShare\BearShare.exe
C:\Programmer\outlook\outlook.exe
C:\WINDOWS\system32\winlog.exe
C:\WINDOWS\System32\WScript.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmer\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\FLLESF~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\regsrv.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\Steam\Steam.exe
c:\programmer\steam\steamapps\riverhorse555\counter-strike source\hl2.exe
C:\Programmer\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
D:\Musik\Ny musik\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F0 - system.ini: Shell=Explorer.exe C:\WINDOWS\system32\winmgd.win
F1 - win.ini: run=C:\WINDOWS\system32\mouse_configurator.win
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Iexplorer] C:\WINDOWS\iexplorer.exe
O4 - HKLM\..\Run: [DataLayer] C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [BearShare] "D:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [outlook] C:\Programmer\outlook\outlook.exe /auto
O4 - HKLM\..\Run: [winlog] winlog.exe
O4 - HKLM\..\Run: [Kernel32] C:\WINDOWS\system32\Kernel32.win
O4 - HKLM\..\Run: [Israfel] C:\WINDOWS\system32\Israfel.vbs
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\RunServices: [winlog] winlog.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Programmer\Save\Save.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Steam] "C:\Programmer\Steam\Steam.exe" -silent
O4 - Startup: ubisoft register.lnk = C:\Programmer\Ubi Soft\Register\schedule.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Programmer\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programmer\bet365MPP\MPPoker.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

På forhånd tak

Synes godt om

arlet Juniormester

26. juni 2006 - 21:50 #1

Du skal hente 2 scannere..

Først Dr.Web:
Hent denne scanner.
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
(men lad være med at scanne endnu).

-----

Derefter SAS:
Hent og installer denne scanner:
http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe
Start programmet, klik på Check for updates, når det er opdateret, luk programmet
(men lad være med at scanne endnu).

-----

Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)

-----

Scan med Dr.web:
Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til.
Når den skriver Done nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Rename.
Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.

Klik så på den grønne pil ovre til højre på siden, så starter scanningen.
Første gang Dr.Web finder noget, klik "Yes to All", så fjerner den hvad den finder.
Klik så på Start->Søg, find filen drweb32w.log kopier det nederste af teksten herind, startende med:
Scan statistics.

-----

Scan med SAS:
Start programmet, klik på Scan your Computer, sæt flueben i de drev der skal scannes.
(Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.

Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet.

Start SuperAntiSpyware igen, klik på Preferences, skift til fanebladet Statistics/Logs, i vinduet dobbeltklikker du på SUPERAntiSpyware Scan Log, den åbner i notesblok, kopier resultatet herind.

Kom også med en frisk hijackthislog samt logsne fra dr.web og SAS

Synes godt om

riverhorse555 Nybegynder

26. juni 2006 - 22:11 #2

okay mange tak!

kommer med de logs om lidt!

Synes godt om

Computer Hjælp (Gratis) Mester

26. juni 2006 - 22:38 #3

Fy for 'pokker' - nå men SAS/Dr.Web tar' vel det meste...

Sådan går det når du får alverdens skrammel via:
O4 - HKLM\..\Run: [BearShare] "D:\Programmer\BearShare\BearShare.exe" /pause
???

Synes godt om

riverhorse555 Nybegynder

26. juni 2006 - 22:48 #4

@dr1

ja jeg ved det godt. det jeg døjer mest med for tiden er en hel masse popups der kommer selv om jeg ikke har en web browser åben. og det er virkelig irriterende når man fx sidder og spiller et spil.

Synes godt om

riverhorse555 Nybegynder

27. juni 2006 - 00:10 #5

Dr. web log:

den der .log fil kan jeg ikke finde !?

SAS log:

SUPERAntiSpyware Scan Log
Generated 06/26/2006 at 11:59 PM

Core Rules Database Version : 2991
Trace Rules Database Version: 1078

Memory threats detected : 0
Registry threats detected : 107
File threats detected : 200

BearShare File Sharing Client
[BearShare] D:\Programmer\BearShare\BearShare.exe
D:\Programmer\BearShare\BearShare.exe
C:\Documents and Settings\Administrator\Skrivebord\BearShare.lnk
C:\Documents and Settings\All Users\Menuen Start\Programmer\BearShare.lnk
C:\WINDOWS\Prefetch\BEARSHARE.EXE-03D151AA.pf

Trojan.WinUpdate
[WinUpdate.exe] C:\Programmer\Windows\WinUpdate.exe
C:\Programmer\Windows\WinUpdate.exe
HKU\S-1-5-21-1614895754-2111687655-839522115-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run#WinUpdate.exe [ C:\Programmer\Windows\WinUpdate.exe ]

Adware.Tracking Cookie
C:\Documents and Settings\Administrator\Cookies\administrator@www.webstat[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.realtechnetwork[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dist.belnk[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bluestreak[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.i-am-bored[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@a[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bugs[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xiti[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bannere.fyens[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@webpower[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.dgm2[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revsci[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.zanox[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@e2.emediate[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@yadro[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dk.winantivirus[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.guardian.co[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1072538269[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stats1.reliablestats[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@banner.monacogoldcasino[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xxx-porno-young[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads2.drivelinemedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@112.2o7[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atwola[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@54687191[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@interclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.adtoma[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@image.masterstats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@bannerspace[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.hbmediapro[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@doubleclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.888[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@burstnet[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@belnk[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clicktorrent[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.perfion[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad1.emediate[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adknowledge[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@toplist[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.yieldmanager[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads2.jubii[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@targetnet[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sitestats.tiscali.co[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@yieldmanager[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tacoda[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@track.adform[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.lycos-europe[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.ofir[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@server.cpmstar[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@vip2.clickzs[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.cnn[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clicksor[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1068142437[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@79963123[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partypoker[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hurricanedigitalmedia[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@azjmp[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample196mop[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.cdfreaks[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.as4x.tmcs[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1068257222[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.incentaclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.mystats[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@wrigley.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.adocean[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@49917998[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@kanoodle[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@komtrack[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@e-2dj6wfk4smdpkfo.stats.esomniture[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@S154230[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@banner.cdpoker[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@flashstat.jubii[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@exitexchange[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@888[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@m15rc[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@free.weloveanimalsex[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@clickability[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@20060329_e550[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cassava[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads1.revenue[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@fcstats.bcentral[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cz7.clickzs[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@st[9].txt
C:\Documents and Settings\Administrator\Cookies\administrator@4stats[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@skynet[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.0stats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad.adition[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sonycorporate.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dcsrmr37800000oa4l7kolkck_1h9k[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1072623259[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071663508[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@mediaplex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@winfixer[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.banner-farm[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stats.adbrite[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.realcastmedia[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stat.dealtime[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tracker.affistats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@st[8].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.allsex4you[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.popcounter[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adv.webmd[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adopt.euroclick[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.enterfreesex[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@animal-sex-library[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cz11.clickzs[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.neowin[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stimorolsex[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@007[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dealtime.co[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@i[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@av.clicktracks[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample208anal[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@indexstats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@c.enhance[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hit.stat[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partners[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adtech[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@cnn.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xxxteenbox[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@amsterdamlivexxx[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample206jet[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@extremesex365[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@winantivirus[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.clicktorrent[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@34292599[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071802871[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@optimost[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@36566978[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@webstats.thefa[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tgp.xxxkey[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@creative.paypopup[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@globalstat[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adecn[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@vip.clickzs[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@76743627[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample191ful[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@revenue[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sapphic-erotica.amateur-lesbian-xxx[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@rotator.adjuggler[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@indextools[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@1071402858[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sexnoveller[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.beamfile[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@pagead[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@stats.channel4[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@tdstats[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ad2.adecn[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.zoosex4free[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample201jop[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@partygaming.122.2o7[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.winfixer[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@zanox[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.sextasya[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ads.monster[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@24894229[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@http.edge.vru4[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@hardcore[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@ilead.itrack[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sexmix[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@dogsex.you-like[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@popularscreensavers[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@creative.adsrevenue[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@adsrevenue[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@s[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.hardsextacy[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@new-pcp[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.hqzoosex[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sample192gov[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@smileycentral[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@www.belstat[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@sex-main[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@click.zoopartners[1].txt
C:\Documents and Settings\Administrator\Cookies\administrator@xxxpower[2].txt
C:\Documents and Settings\Administrator\Cookies\administrator@counter[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@ad.adocean[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@ad.zanox[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@adopt.hbmediapro[2].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@cassava[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@clicksor[2].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@m1.webstats4u[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@partypoker[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@paypopup[2].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@rotator.adjuggler[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@stats1.reliablestats[1].txt
C:\Documents and Settings\Administrator\Lokale indstillinger\Temp\Cookies\administrator@www.clicktorrent[1].txt

Adware.WhenU
HKCR\WUSN.1
HKCR\WUSN.1#WUSN_Id
HKCR\ACM.ACMFactory
HKCR\ACM.ACMFactory\CLSID
HKCR\ACM.ACMFactory\CurVer
HKCR\ACM.ACMFactory.1
HKCR\ACM.ACMFactory.1\CLSID
HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}
HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid
HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid32
HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib
HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\TypeLib#Version
HKCR\AppId\{127DF9B4-D75D-44A6-AF78-8C3A8CEB03DB}
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}#AppID
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\InprocServer32
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\InprocServer32#ThreadingModel
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\ProgID
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\Programmable
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\TypeLib
HKCR\CLSID\{A9AAE1AB-9688-42C5-86F5-C12F6B9015AD}\VersionIndependentProgID
HKCR\AppId\ACM.DLL
HKCR\AppId\ACM.DLL#AppID
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\0
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\0\win32
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\FLAGS
HKCR\TypeLib\{DF901432-1B9F-4F5B-9E56-301C553F9095}\1.0\HELPDIR
HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}
HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid
HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid32
HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib
HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\TypeLib#Version
HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}
HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid
HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid32
HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib
HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\TypeLib#Version
HKLM\Software\WhenUSave
HKLM\Software\WhenUSave#db_script_update
HKLM\Software\WhenUSave#InstallDir
HKLM\Software\WhenUSave#pats_url
HKLM\Software\WhenUSave#pat_chunks_url
HKLM\Software\WhenUSave#script_url
HKLM\Software\WhenUSave#update_url
HKLM\Software\WhenUSave#ver_url
HKLM\Software\WhenUSave#Version
HKLM\Software\WhenUSave#timedDBUpdate_rs
HKLM\Software\WhenUSave#SystemParam_rs
HKLM\Software\WhenUSave#extra_url
HKLM\Software\WhenUSave#extraver_url
HKLM\Software\WhenUSave#ziptomsa_url
HKLM\Software\WhenUSave#InstallTime
HKLM\Software\WhenUSave#LastPartner
HKLM\Software\WhenUSave#zip
HKLM\Software\WhenUSave#acm_rs
HKLM\Software\WhenUSave#TotalPartner
HKLM\Software\WhenUSave#newuser_rs
HKLM\Software\WhenUSave#Partner
HKLM\Software\WhenUSave#PartnerB
HKLM\Software\WhenUSave#PartnerDesc
HKLM\Software\WhenUSave#HeartbeatTime
HKLM\Software\WhenUSave#FullDBTime
HKLM\Software\WhenUSave#brandskin_url
HKLM\Software\WhenUSave#brandstrip_rs
HKLM\Software\WhenUSave#brandstrip_url
HKLM\Software\WhenUSave#bstat_rs
HKLM\Software\WhenUSave#himp_url
HKLM\Software\WhenUSave#iptomsa_url
HKLM\Software\WhenUSave#maxPopups_rs
HKLM\Software\WhenUSave#uninstalltag_rs
HKLM\Software\WhenUSave#MSA
HKLM\Software\WhenUSave#TotalPopup
HKLM\Software\WhenUSave#HeartbeatCount
HKLM\Software\WhenUSave#PartnerParam
HKLM\Software\WhenUSave#UrlChangeCount
HKLM\Software\WhenUSave#redir3p_url
HKLM\Software\WhenUSave#src_url
HKLM\Software\WhenUSave#db_stamp_rs
HKLM\Software\WhenUSave#db_server_update
HKLM\Software\WhenUSave#IPToMsaTime_rs
HKLM\Software\WhenUSave#IPToMsaFail_rs
HKLM\Software\WhenUSave#db_fail_cnt
HKLM\Software\WhenUSave#db_ver_update
HKLM\Software\WhenUSave\Partners
HKLM\Software\WhenUSave\Partners\EEPE
HKLM\Software\WhenUSave\Partners\EEPE#Partner
HKLM\Software\WhenUSave\Partners\EEPE#InstallTime
HKLM\Software\WhenUSave\Partners\EEPE#PartnerDesc
HKLM\Software\WhenUSave\Partners\EEPE#PartnerFile
HKLM\Software\WhenUSave\Partners\WUSV
HKLM\Software\WhenUSave\Partners\WUSV#Partner
HKLM\Software\WhenUSave\Partners\WUSV#PartnerDesc
HKLM\Software\WhenUSave\Partners\WUSV#PartnerParam
HKLM\Software\WhenUSave\Partners\WUSV#InstallTime
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#DisplayIcon
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#DisplayVersion
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#HelpLink
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#Publisher
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow#UrlInfoAbout

Adware.Toolbar888
C:\Programmer\Toolbar888\MyToolBar.dll
C:\Programmer\Toolbar888\Uninst.exe
C:\Programmer\Toolbar888

Trojan.MC Downloader Variant
C:\Documents and Settings\Administrator\DoctorWeb\Quarantine\A0042623.EXE

----

Hijackthis log:

Logfile of HijackThis v1.99.1
Scan saved at 00:09:44, on 27-06-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Winamp\winampa.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe
D:\Programmer\BearShare\BearShare.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmer\Steam\Steam.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\FLLESF~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\System32\svchost.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmer\VIA\RAID\raid_tool.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
D:\Musik\Ny musik\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F0 - system.ini: Shell=Explorer.exe C:\WINDOWS\system32\winmgd.win
F1 - win.ini: run=C:\WINDOWS\system32\mouse_configurator.win
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] C:\Programmer\Fælles filer\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Programmer\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [BearShare] "D:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhenUSave] "C:\Programmer\Save\Save.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PcSync] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [Steam] "C:\Programmer\Steam\Steam.exe" -silent
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: ubisoft register.lnk = C:\Programmer\Ubi Soft\Register\schedule.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: raid_tool.exe.lnk = C:\Programmer\VIA\RAID\raid_tool.exe
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &MyToolBar Search - res://C:\Programmer\ToolBar888\MyToolBar.dll/MENUSEARCH.HTM
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: bet365 Poker - {B1BA4A3F-1C95-497b-9F82-F8DA4A5C89DD} - C:\Programmer\bet365MPP\MPPoker.exe
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyGaming\PartyPoker\RunApp.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth Software\btsendto_ie.htm (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmer\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Synes godt om

Computer Hjælp (Gratis) Mester

27. juni 2006 - 07:01 #6

PS: Skal du absolut have
O4 - HKLM\..\Run: [BearShare] "D:\Programmer\BearShare\BearShare.exe" /pause
???
kørende aktivt HELE tiden - også når du spiller eller andet ...

PS(2): Der er stadig 'snavs'/virus tilbage - <arlet> følger op...

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Andet sikkerhed kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Er det sandsynligt, at jeg har været udsat for phishing Af Slettet bruger i Andet sikkerhed	4	13/11/202515:09	14/11/202510:45
Google fake Af johp i Andet sikkerhed	3	27/10/202516:31	28/10/202506:52
Generator til strømafbrydelse Af arnepedersen i Andet sikkerhed	11	06/10/202510:26	07/10/202516:37
Sophus Scan og Clean på USB- samler den "snavs" op? Af Uvanga i Andet sikkerhed	7	24/09/202522:06	25/09/202518:27
synology surveillance Af johnnylassen i Andet sikkerhed	2	09/06/202514:49	09/06/202518:18

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS