CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg
Cookie ikon
Avatar billede supermehl Nybegynder
25. januar 2007 - 18:10 Der er 8 kommentarer og
2 løsninger

Kan ikke ændre min startside - Hijack this log

Hey! Nogen har bestemt, at min computers startside skal være www.sex.com og jeg kan ikke ændre det! Ydermere er computeren blevet langsom og slukker af og til.
Så hvis nogen vil kigge nedenstående log i gennem ville det være godt.

Mvh Mehl :P


Logfile of HijackThis v1.99.1
Scan saved at 18:06:20, on 25-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\secures2.exe
C:\PROGRA~2\Grisoft\AVG7\avgcc.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\ctpmon.exe
C:\WINDOWS\system32\ctpmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINDOWS\winhlp32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\TEMP\9B4.tmp
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sex.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: CDLPObj Object - {BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} - C:\WINDOWS\DLP.dll
O3 - Toolbar: HP-visning - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AutoTBar] C:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SvcManager] secures2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~2\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ctpmon] ctpmon.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {197F8FE3-8DF6-4755-B925-B94A1FF2F58E} (OSAKit2.OSA_Kit) - http://www.newstarsoccer.com/OSAKit2.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
Avatar billede ejvindh Ekspert
25. januar 2007 - 19:15 #1
-- Hent S!Ri's SmitfraudFix.zip og gem det på dit Skrivebord.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

NB: Filen "process.exe" som ligger i dette værktøj bliver af visse antivirus-programmer identificeret som "RiskTool". Det har dog ikke noget på sig!

-- Hent AVG Anti-Spyware herfra (14 dages version af plus-versionen)
http://www.spywarefri.dk/downloads1.htm
Installer og opdater programmet, men vent med at scanne.

-- Genstart i fejlsikret, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Kør SmitfraudFix. Tast 2 - svar ja til at rense (y=yes). Lad programmet gennemføre en rensning. Det vil også checke om systemfilen wininet.dll er inficeret. Hvis den er det, vil du blive bedt om tilladelse til at erstatte den med en anden. Her skal du vælge "Yes", ved at taste "y".

Programmet bliver muligvis nødt til at genstarte undervejs. Herefter vil der dukke en liste med resultaterne af rensningen op . Kopiér denne liste ind i tråden.

-- Kør en fuld scanning med AVG Anti-Spyware, og tillad programmet at fixe de ting, som det finder. Programmet laver en lille log, som du skal kopiere herind.

-- Genstart og læg en frisk Hijackthislog herind, sammen med loggen fra AVG Anti-Spyware og loggen fra SmitfraudFix (C:\rapport.txt).
Avatar billede supermehl Nybegynder
25. januar 2007 - 19:18 #2
-- Hent S!Ri's SmitfraudFix.zip og gem det på dit Skrivebord.
http://siri.urz.free.fr/Fix/SmitfraudFix.exe


Linket virker ikke? :\
Avatar billede supermehl Nybegynder
25. januar 2007 - 19:22 #3
Rettelse, har fået fat i S!Ri's SmitfraudFix og følger din vejledning nu
Avatar billede supermehl Nybegynder
25. januar 2007 - 19:52 #4
De tre log filer bliver postet her i tråden i morgen. :)
Avatar billede supermehl Nybegynder
26. januar 2007 - 09:57 #5
Hijack log:

Logfile of HijackThis v1.99.1
Scan saved at 21:31:56, on 25-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\secures2.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Desktop\hijackthis.exe

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GRA8E1~1.DLL
O3 - Toolbar: HP-visning - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Program Files\hpq\HP Wireless Assistant\HP Wireless Assistant.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AutoTBar] C:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [SvcManager] secures2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~2\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [kav] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {197F8FE3-8DF6-4755-B925-B94A1FF2F58E} (OSAKit2.OSA_Kit) - http://www.newstarsoccer.com/OSAKit2.CAB
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~2\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~2\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\shared\hpqwmi.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing)
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Smitfraud log:

SmitFraudFix v2.135

Scan done at 19:33:50,45, 25-01-2007
Run from C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\autosys.exe Deleted
C:\WINDOWS\system32\ctpmon.exe Deleted
C:\WINDOWS\system32\RegistryCleanerSetup.exe Deleted
C:\DOCUME~1\KRISTI~1.KRI\STARTM~1\Programs\Registry Cleaner Deleted
C:\Program Files\RegistryCleaner\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End


AVG log:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at:    21:21:08 25-01-2007

+ Scan result:   



C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057019.exe -> Adware.MediaTicket : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP146\A0058028.exe -> Adware.MediaTicket : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057186.dll -> Adware.TargetServer : Cleaned.
HKU\S-1-5-21-1659004503-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{590FFB84-6A29-4797-9C0E-B15DF2C4CDCB} -> Adware.TrustCleaner : Cleaned.
C:\WINDOWS\DLP.dll -> Adware.Webdir : Cleaned.
HKLM\SOFTWARE\Classes\CLSID\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} -> Adware.WebDir : Cleaned.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} -> Adware.WebDir : Cleaned.
HKU\S-1-5-21-1659004503-1284227242-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BE2ED590-CA49-46B5-8CCE-244FB2E0D1AA} -> Adware.WebDir : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057018.exe -> Backdoor.VB.ary : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057016.exe -> Downloader.Adload.bq : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057015.exe -> Downloader.Adload.bt : Cleaned.
C:\Documents and Settings\Kristian\Application Data\АрpPatch\cmd.exe -> Downloader.PurityScan.cl : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057020.exe -> Downloader.Small.buy : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057022.exe -> Downloader.TSUpdate.o : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057021.exe -> Downloader.VB.adw : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057024.exe -> Dropper.VB.lu : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057187.exe -> Not-A-Virus.Monitor.Win32.NetMon.a : Cleaned.
:mozilla.885:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.197:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.198:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.199:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.200:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.201:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.202:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.203:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.204:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.205:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.206:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.207:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.208:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.209:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.210:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.211:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.875:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Cookies\kristian@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@metacafe.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.40:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.41:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.637:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.641:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.87:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.88:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.89:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.798:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.799:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.800:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.801:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.802:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.358:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.359:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.360:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.361:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.362:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.363:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.10:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.12:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.13:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Local Settings\Temp\Cookies\kristian@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@adtech[1].txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.22:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.23:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.24:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.25:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.26:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.113:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@bfast[2].txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.442:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.598:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.599:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.857:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@as.casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.554:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.109:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.111:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@com[1].txt -> TrackingCookie.Com : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@cpvfeed[1].txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.122:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.9:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.807:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@adopt.euroclick[2].txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.339:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.340:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.341:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.522:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.523:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.524:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.525:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.526:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.527:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@as-us.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@as1.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@sel.as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.317:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.320:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.322:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.35:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.36:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.37:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@media.fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.165:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.698:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.550:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.551:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.823:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.832:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.881:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@ehg-bskyb.hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.584:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.712:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
:mozilla.713:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Komtrack : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned.
:mozilla.429:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.430:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.431:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.890:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.891:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.892:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
:mozilla.14:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.125:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Myaffiliateprogram : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@oewabox[1].txt -> TrackingCookie.Oewabox : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@stat.onestat[2].txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.563:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.630:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@overture[1].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.528:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.529:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.530:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.531:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@ads.pointroll[1].txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.714:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Quarterserver : Cleaned.
:mozilla.8:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.562:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@web4.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@project2.realtracker[1].txt -> TrackingCookie.Realtracker : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@stats1.reliablestats[1].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@revenue[1].txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.699:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.700:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.701:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.702:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.228:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.229:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.230:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.231:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.232:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.233:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.43:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.44:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.45:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.46:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.763:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.764:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.790:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.792:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.793:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.794:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.616:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.39:C:\Documents and Settings\Kristian\Application Data\Mozilla\Firefox\Profiles\na0cl76e.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.720:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.721:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.722:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.723:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.724:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.725:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.726:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.727:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.728:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.730:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.731:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.732:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.733:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.734:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.913:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.914:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned.
:mozilla.100:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.99:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned.
:mozilla.321:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned.
:mozilla.889:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
:mozilla.908:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.909:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.215:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.218:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.219:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.220:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.223:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.224:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.225:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.226:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.194:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.195:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.196:C:\Documents and Settings\Kristian.KRISTIAN-BF5E8B\Application Data\Mozilla\Firefox\Profiles\px81gbw3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Kristian\Cookies\kristian@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Kristian\Lokale indstillinger\Temp\Cookies\kristian@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{11A8A579-9461-4047-89C5-D27788D2DE72}\RP145\A0057017.exe -> Trojan.ProcKill.DJ : Cleaned.


::Report end
Avatar billede ejvindh Ekspert
26. januar 2007 - 10:06 #6
Nå, det skulle gerne have hjulpet en del allerede. Men der mangler lidt endnu:

-- Hent denne fil, og pak den ud til en mappe på skrivebordet:
http://downloads.andymanchesta.com/RemovalTools/SDFix.exe
Dobbeltklik på filen, og lad den pakke sig ud til en mappe i roden af din harddisk (typisk: c:\SDfix)

-- Kør Hijackthis, vælg "Do a system scan only", sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.
O4 - HKLM\..\Run: [SvcManager] secures2.exe
O23 - Service: Microsoft authenticate service (MsaSvc) - Unknown owner - C:\WINDOWS\system32\msasvc.exe (file missing)

-- Genstart i fejlsikret, hvis du ikke ved hvordan så kig her:
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1

-- Du skal nu til at slette. Som indledning hertil skal du have slået "Udvidet filvisning" til:
Åbn en mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

-- Slet herefter følgende (hvis du kan finde dem):
C:\WINDOWS\system32\secures2.exe

-- Gå så ind i mappen SDFix, som du fik oprettet tidligere. Dobbeltklik på filen RunThis.bat, for at starte værktøjet. Tryk "y" for at bekræfte, at du kører værktøjet på egen risiko. Så vil værktøjet gå i gang med at fjerne trojanservicen, og lave et par reparationer af registreringsdatabasen. På et tidspunkt vil det bede dig om at trykke en taste for at genstarte computeren. Det skal du gøre, hvorefter computeren vil genstarte efter 15 sekunder.

Genstarten vil tage lidt længere end sædvanligt, idet værktøjet skal have tid til at udføre sit arbejde. Når skrivebordet dukker op, vil værktøjet skrive "Finished". Tryk herefter en taste for at indlæse dine skrivebordsikoner igen.

-- Åben så SDFix-mappen, find filen Report.txt, og kopier indholdet af denne fil herind.

-- Lav også en ny log med Hijackthis, som du lægger herind.
Avatar billede supermehl Nybegynder
26. januar 2007 - 12:14 #7
Nu vil computeren ikke starte i safe mode? Skærmen bliver blå med noget tekst og så genstarter den
Avatar billede ejvindh Ekspert
26. januar 2007 - 12:19 #8
Kan du nå at se, hvad den skriver, når den går blå? Og evt skrive det herind? Nævnes der nogle filer?
Avatar billede supermehl Nybegynder
26. januar 2007 - 12:23 #9
Ja, der nævnes filer. Der står så mange ting at jeg ikke kan nå, at se hvad der står! Skærmen er på i ca 2 sekunder og så genstarter den.
Avatar billede ejvindh Ekspert
26. januar 2007 - 12:28 #10
SDfix vil desværre ikke køre fra normal tilstand. Jeg synes derfor du skal prøve at køre en allround-scanning med Dr.Web først -- og se om den finder noget, der forhindrer fejlsikret tilstand:

-- Hent Dr. Web, og gem det på skrivebordet:
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

-- Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til. Lad den slette hvad den finder (say Yes to all). Undervejs i scanningen vil der dukke en grøn popup som tilbyder dig at købe Dr.Web, hvor du får mulighederne "Buy" eller "50% discount". Her skal du bare lukke popuppen, ved at klikke på krydset øverst til højre.

Når den skriver "Select object for Scanning" nederst til venstre, skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet - File Types, prik i - All Files
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Move.
Fjern flueben ved "Prompt on action"
Ved "Move path", skriver du i tekstboksen "c:\" Så der kommer til at stå "c:\infected".
Skift til fanbladet Log File. Der fjerner du flueben ved: "Scanned objects" og "Archivers name".
Tryk på Anvend

Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.
Tryk så på den grønne pil nederst til højre, så scanner den.
Lad den slette/move hvad den finder (Say yes to all)

Når scanningen er færdig, gå op i file – Tryk på- Save Report list. Så ligger der en en fil der her hedder "drweb.csv" på skrivebordet. Kopier indholdet af denne log herind.

-- Prøv derefter om du kan genstarte til fejlsikret tilstand, og hvis ja, så kør SDFix-proceduren.
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
trusler Af gerhardpet i Virus 4 26/01/202410:02 27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus 16 09/01/202416:37 10/01/202419:59
virusscanning Af JetteD i Virus 2 10/11/202312:55 10/11/202316:36
Google ser ud til at være malware, lyder advarsel på alle vore mobiler! Af vbr i Virus 9 30/10/202312:12 15/12/202310:17
Jeg får en fejl på Enhedssikkerhed Af pouls i Virus 8 04/06/202321:28 05/06/202316:28
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester



Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 18:19 Fjerne adgangskode Af Geo" søster i Andet sikkerhed
I går 16:44 sletning af en årgang billeder i dropbox Af valsbol i Cloudtjenester
I går 14:54 Skrive tekst fra celle i formel Af SFrede i Excel
I går 14:48 skanner Af Dittelit i Andet hardware
I går 14:26 Opdatering af SAPgrid værdi Af dane022 i Visual Basic
White papers
Flere white papers »


Premium
Teaser billede
Om få måneder lægger Microsoft det klassiske Teams i graven
Læs mere »
Danske myndigheder skal slippe alt, hvad de har i hænderne og patche nu: Hackere udnytter alvorlige sårbarheder i Ciscos firewalls
Sådan vil Niras anvende medarbejder-data og AI til løn-regulering og stress-håndtering
BEC varsler prisstigninger for sine kunder: Medarbejderne skal have mere i løn
Se alle »
Computerworld
Teaser billede
På tur i BMW's mægtigste elbil: Sådan er livet ombord i en monumental million-ellert
Læs mere »
Porno-giganterne Pornhub og XVideos skal indlevere materiale til EU
En hyldest til klodens snedigste tablet-design: Nu er fremtiden for Microsofts hardware endnu mere uvis
Nørgaard: Som jeg altid har sagt: Man ansætter altid nye folk på udseendet, for det er det eneste, som en kandidat ikke kan fuske med
Se alle »
CIO
Teaser billede
Nu kan mange flere opgradere deres gamle Windows 10-pc'er til Windows 11: Se om du kan opgradere
Læs mere »
På denne dato er det slut med udbredte versioner af Office: Microsoft vil have dig over på de dyrere E3-licenser
Tidligere Chr. Hansen-CIO Jens Rasmussen løfter sløret efter exit: Her er mit næste skridt i karrieren
Besvarer forsikringsspørgsmål på 20 sekunder: Sådan er Topdanmarks nye generative AI-chatbot blevet udviklet på et halvt år
Se alle »
Job & Karriere
Teaser billede
NNIT flytter til det centrale København: Her er selskabets nye hovedkvarter
Læs mere »
Knap 40 procent af disse it-folk tjener tjener mindst 57.000 kroner om måneden
Så meget tjener dine kollegaer: Her er alle data fra Computerworlds store it-lønstatistik for 2024
Medarbejderne fik udleveret badetøfler ved indflytningen: Kom med inden for i IBM Danmarks nye topmoderne hovedkontor
Se alle »
White paper
Teaser billede
Cybersikkerhed: Skær antallet af alarmer ned fra tusindvis til blot en håndfuld
Læs mere »
Sæt turbo på din cloudperformance og minimér risikoen for DDoS-angreb
Guide: Sådan udvikler du en moderne netværksstrategi
Få mere ud af din cloudinfrastruktur og gør op med de konstant stigende omkostninger
Se alle »

Events
Flere events »
White papers
Flere white papers »
IT-Kurser
Se alle vores it-kurser »