/ Forside/ Teknologi / Operativsystemer / MS Windows / Spørgsmål
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
MS Windows
#NavnPoint
Klaudi 76474
o.v.n. 67550
refi 58409
tedd 45557
Manse9933 45149
molokyle 40687
miritdk 38357
briani 27239
BjarneD 26414
10  pallebhan.. 24310
Spyware/virus halløj fra msn
Fra : angelic
Vist : 1374 gange
60 point
Dato : 01-12-06 21:45

HJÆLP.....
Ja fik en eller anden møg irriterende Virus idag, via msn... Øv hvor føler man sig dum

Men nu kan jeg ikke fjerne den og den laver hele tiden toolbar, selvom jeg fjerner den.

Den hedder noget med winstall.exe, tror jeg!

er der ikke nogen der kan hjælpe en forvirret pige i nød?

 
 
Kommentar
Fra : molokyle


Dato : 01-12-06 21:52
Kommentar
Fra : stl_s


Dato : 01-12-06 21:58

Lad os tage et kig på hvor galt det er:

Hent HijackThis her http://www.sitecenter.dk/secure/nss-folder/mappe/hjtspecial.exe Opret en selvstændig mappe til HijackThis, kald den f,eks HJT. Kør Hijackthis, klik "Do a systemscan and save a logfile". Kopier loggen og sæt den her ind i tråden, så kigger jeg på den. Du må ikke slette noget selv med HijackThis. Jeg skal nok give dig en vejledning til hvad du skal gøre.




Kommentar
Fra : pømske


Dato : 01-12-06 22:01

http:// www.avast.com (gratis) Downlaod programma .

Kommentar
Fra : miritdk


Dato : 01-12-06 22:04

davs stl_s - så er du i gode hænder angelic

Kommentar
Fra : angelic


Dato : 01-12-06 22:08

Logfile of HijackThis v1.99.1
Scan saved at 21:55:47, on 01-12-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\D-Tools\daemon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Dell Photo AIO Printer 944\memcard.exe
C:\Documents and Settings\Alissa\Skrivebord\winstall.exe
C:\Programmer\Fælles filer\{98C41CE7-0AE9-1030-0223-04120503002d}\Update.exe
C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\dlcdcoms.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Alissa\Skrivebord\HTJ.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.qqncgptgowsreviknnfnsgko.com/4t4AmqItf7/jCVgpUhOk9vzwl98v1lvlOZdeSGFIK7AOp2ZAgZRePY1BbjefotJv.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Peak meet 64 - {5056DB67-CF57-806B-B81D-76BE1ADCC37B} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O2 - BHO: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FÆLLES~1\{38C41~1\888Bar.dll
O3 - Toolbar: date remote title - {7B299F3F-F7E4-7F84-DF3A-65216A8307FF} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: 888Bar - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\PROGRA~1\FÆLLES~1\{38C41~1\888Bar.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PicasaNet] "C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DLCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcdmon.exe] "C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Programmer\Dell Photo AIO Printer 944\memcard.exe"
O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\Alissa\Skrivebord\winstall.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Programmer\Uniblue\Registry Booster\RegistryBooster.exe /S
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://217.157.233.54:8082/activex/AxisCamControl.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcd_device - Unknown owner - C:\WINDOWS\system32\dlcdcoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe


er det dette jeg skal sende?

Kommentar
Fra : angelic


Dato : 01-12-06 22:13

Synes det ser lidt uoverskueligt ud!!!!????

Kommentar
Fra : miritdk


Dato : 01-12-06 22:15

det er godt nok det du sendte - nu skal du bare lige vente for næste råd fra stl_s

Kommentar
Fra : stl_s


Dato : 01-12-06 22:30

Det ser ud til at du er sluppet relativt heldigt fra den MSN orm. Gør dette:

1. Hent og pak SmitfraudFix.zip ud til dit Skrivebord.

http://siri.urz.free.fr/Fix/SmitfraudFix.zip

Programmet pakker sig ud i en mappe, der hedder SmitfraudFix.(Hvis dit antivirus reagerer på en fil i fixet, så lad antivirus ignorere den. Den er nødvendig, og ikke farlig)


2. Hent denne scanner http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

Installer scanneren, og opdater den manuelt. OBS, ved installationen bliver det foreslået at du registrerer med din email. Det behøver du ikke at gøre.

Du skal ikke scanne endnu.


3. Genstart i fejlsikret (tast f8 flere gange under opstart), hvis du ikke kan, så kig her:

http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=23&PN=1


4. Åbn mappen SmitfraudFix som du fik på Skrivebordet, og dobbeltklik på SmitfraudFix.cmd og tast 2 - svar ja til at rense (y=yes). Lad programmet gennemføre en rensning. Hvis fixet genstarter computeren, så skal du bagefter starte op i fejlsikret igen, og fortsætte proceduren med SuperAntiSpyware.


5. Start SuperantiSpyware, og klik "Scan your computer". Sæt flueben i dine drev, ovre til venstre i vinduet. Ovre til højre i vinduet, sætter du prik i "Perform Complete Scan". Klik "næste", nu scanner den. Når den er færdig, så markerer du det den finder, og lader scanneren fjerne det.

Genstart til normal tilstand (scanneren tilbyder måske at gøre det).


6. Åbn scanneren igen, og klik "preferences"-> "stastics/logs". Marker loggen, og klik "View log". Kopier loggen her ind i tråden, sammen med en frisk HijackThis log. SmitfraudFix laver også en lille tekstfil (log). Kopier også denne log ind.

Kommentar
Fra : stl_s


Dato : 01-12-06 22:38

Bare følg vejledningen stille og roligt, trin for trin, så skal det nok gå.

Kommentar
Fra : angelic


Dato : 01-12-06 22:57

altså jeg kom til at scanne først... den fandt en masse....
men skal jeg nu åbne den mappe så??

Kommentar
Fra : stl_s


Dato : 01-12-06 23:09

Rækkefølgen betyder ikke noget, så kør du bare Smitfraudfixet nu.

Kommentar
Fra : angelic


Dato : 01-12-06 23:22

Det hele er altså stadig dumt... den bliver ved med at starte op hver gang jeg genstarter... altså det der Virus halløj

Kommentar
Fra : angelic


Dato : 01-12-06 23:22

Det hele er altså stadig dumt... den bliver ved med at starte op hver gang jeg genstarter... altså det der Virus halløj

Kommentar
Fra : stl_s


Dato : 01-12-06 23:24

Har du kørt smitfraudfix ? Ellers gør det.

Kommentar
Fra : angelic


Dato : 01-12-06 23:25

nu har jeg startet op i fejlsikret, kørt først SmitfraudFix og derefter SuperantiSpyware. genstartet og det første der sker, er at min avg antivirus ting, siger Antivirus detectet og så åbner den en browser op på en eller anden underlig side. winstall.exe er fortsat på mit skrivebord.

Kommentar
Fra : angelic


Dato : 01-12-06 23:26

den siger ikke Antivirus detected, men virus detected.... ups

Kommentar
Fra : angelic


Dato : 01-12-06 23:26

den siger ikke Antivirus detected, men virus detected.... ups

Kommentar
Fra : stl_s


Dato : 01-12-06 23:29

Det lyder mærkeligt. Kom lige med logsene fra smitfraud fix og SuperAntiSpyware.

Kommentar
Fra : angelic


Dato : 01-12-06 23:32

SUPERAntiSpyware Scan Log
Generated 12/01/2006 at 10:38 PM

Application Version : 3.3.1020

Core Rules Database Version : 3140
Trace Rules Database Version: 1157

Scan type : Complete Scan
Total Scan Time : 00:08:55

Memory items scanned : 164
Memory threats detected : 0
Registry items scanned : 5266
Registry threats detected : 41
File items scanned : 4191
File threats detected : 227

Trojan.Update-Mcboo
   [{98C41CE7-0AE9-1030-0223-04120503002d}] C:\PROGRAMMER\FæLLES FILER\{98C41CE7-0AE9-1030-0223-04120503002D}\UPDATE.EXE
   C:\PROGRAMMER\FæLLES FILER\{98C41CE7-0AE9-1030-0223-04120503002D}\UPDATE.EXE
   C:\WINDOWS\Prefetch\UPDATE.EXE-179B575C.pf

Adware.ToolBar888
   HKLM\Software\Classes\CLSID\{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\InprocServer32
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\InprocServer32#ThreadingModel
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\ProgID
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\Programmable
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\TypeLib
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\VersionIndependentProgID
   C:\PROGRA~1\FÆLLES~1\{38C41~1\888BAR.DLL
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKLM\Software\Microsoft\Internet Explorer\Toolbar#{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKCR\LuckyToolBar.LuckyToolBarObj.1
   HKCR\LuckyToolBar.LuckyToolBarObj.1\CLSID
   HKCR\LuckyToolBar.LuckyToolBarObj
   HKCR\LuckyToolBar.LuckyToolBarObj\CLSID
   HKCR\LuckyToolBar.LuckyToolBarObj\CurVer
   HKCR\TypeLib\{ED0FB633-C311-4bcd-824A-4D345386BE64}
   HKU\S-1-5-21-657328351-2793455824-2359648261-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0\win32
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\FLAGS
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\HELPDIR
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid32
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib#Version

Adware.Tracking Cookie
   C:\Documents and Settings\Alissa\Cookies\alissa@ad-logics[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cfusion[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adbrite[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@doubleclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@trafficmp[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@winfixer[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adopt.euroclick[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@webstat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tripod.lycos[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@project2.realtracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.macromedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@image.masterstats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tracker.krudtting[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@438[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@serviceswitching[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@revenue[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@statcounter[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.dealtime[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@statse.webtrendslive[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@toplist[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.0stats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@bluestreak[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@atwola[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.monster[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.yieldmanager[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@4[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ebookers[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@z1.adserver[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats1.reliablestats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@fastclick[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@S129102[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.ofir[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@advertising[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@web4.realtracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adtech[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.onestat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@euros4click[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@focalex[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@windowsmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad1.emediate[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.tripod.spray[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.us.e-planning[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@005.free-counter.co[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.mediaturf[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@casalemedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mediaplex[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.cibleclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@maxserving[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@partners.webmasterplan[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@belnk[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@e2.emediate[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.commissionpartner[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nextag[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071183736[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@findwhat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1.primaryads[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@zedo[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.burstbeacon[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@edge.ru4[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.sexlinien[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@3[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@server.iad.liveperson[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@xiti[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@atdmt[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hg1.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-dig.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tribalfusion[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.adform[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@rightmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats.ilsemedia[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.dgm2[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@globalstat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@den[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@serving-sys[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.winfixer[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clicktorrent[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.gametrust[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071921625[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-randomhouse.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@interclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dynamicsitestats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tracker.toptensites[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tacoda[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads2.jubii[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dcsu6l8hzhr53dm4881fz8oao_2e5h[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@counter.hitslink[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adopt.hbmediapro[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cz7.clickzs[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@creativeby.viewpoint[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cs.sexcounter[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@efashionsolutions.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clickertraining[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@yieldmanager[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adserver[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@media.hotels[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@m1.webstats4u[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nissan-nordics[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@metacafe.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@812[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-svt.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-nestlepurinapetcare.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clkhype.adbureau[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@18766632[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clickbank[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@43035569[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adserver.banneradministration[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@fortunecity[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@azjmp[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@rotator.adjuggler[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@82743606[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@82763522[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@winantivirus[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@602[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@indextools[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.tripod.lycos[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@superstats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@sextracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nissan[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@713[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dist.belnk[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@etype.adbureau[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad1.hardware[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tradedoubler[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@4[3].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.pointroll[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@counter1.sextracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adtoma[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@web-stat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@commission-junction[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@paycounter[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069746926[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.wz[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats2.clicktracks[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@0[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@media.putfile[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@valueclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dyre-sex[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@realmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@pphlogger[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1068980416[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.counter-gratis[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adocean[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.realcounters[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.ssl.jubii[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tdstats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mediametrics.mpsa[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clicksor[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.webstat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dk.winantivirus[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@estat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.miarroba[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@c1.zedo[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.zanox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@vhost.oddcast[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@16847762[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@admarketplace[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adition[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[3].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.realtechnetwork[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.addynamix[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.vg.basefarm[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.effiliation[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adfair[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1068349472[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@as1.falkag[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@indexstats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@revsci[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.estart[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hotelscom.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@apmebf[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@partner2profit[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dealtime.co[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-ignitemedia.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@msnportal.112.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@oddcast[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@citi.bridgetrack[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069183853[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hit.stat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[6].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@52412438[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.postdanmark[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069336987[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@169841[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.wanadooregie[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mb[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@list[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@questionmarket[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tripod[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071712319[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071436441[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@xml.bravenetmedianetwork[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@targetnet[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@anad.tacoda[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.winantivirus[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1062345369[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@centrebet.advertserve[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1070148968[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mfunweb[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@toplist_demo[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@005.free-counter.co[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@ad1.emediate[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@adfair[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@adserver.banneradministration[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@advertising[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@atdmt[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@banneradministration[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@doubleclick[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@track.adform[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@tradedoubler[2].txt

Registry Cleaner Trial
   HKCR\Install.Install
   HKCR\Install.Install\CLSID
   HKCR\Install.Install\CurVer
   HKCR\Install.Install.1
   HKCR\Install.Install.1\CLSID
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\Install.dll [  ]

Adware.ClickSpring/Yazzle
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#UninstallString

Adware.IPWins
   HKU\S-1-5-21-657328351-2793455824-2359648261-1006\Software\IpWins
   C:\Programmer\ipwins\ipwins.exe
   C:\Programmer\ipwins\Services.dll
   C:\Programmer\ipwins
   C:\WINDOWS\Prefetch\IPWINS.EXE-00C7ACB0.pf

Adware.IST/ISTBar (Slotch Bar)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Unclassified.Unknown Origin/System
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\B116.EXE
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\B122.EXE

Adware.Lop
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\JOKEENRX.EXE

Trojan.Freeprod
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\MC-110-12-0001411.EXE
   C:\DOCUMENTS AND SETTINGS\ALISSA\MCNEW.EXE
   C:\WINDOWS\Prefetch\MCNEW.EXE-061432A5.pf


Kommentar
Fra : angelic


Dato : 01-12-06 23:32

SUPERAntiSpyware Scan Log
Generated 12/01/2006 at 10:38 PM

Application Version : 3.3.1020

Core Rules Database Version : 3140
Trace Rules Database Version: 1157

Scan type : Complete Scan
Total Scan Time : 00:08:55

Memory items scanned : 164
Memory threats detected : 0
Registry items scanned : 5266
Registry threats detected : 41
File items scanned : 4191
File threats detected : 227

Trojan.Update-Mcboo
   [{98C41CE7-0AE9-1030-0223-04120503002d}] C:\PROGRAMMER\FæLLES FILER\{98C41CE7-0AE9-1030-0223-04120503002D}\UPDATE.EXE
   C:\PROGRAMMER\FæLLES FILER\{98C41CE7-0AE9-1030-0223-04120503002D}\UPDATE.EXE
   C:\WINDOWS\Prefetch\UPDATE.EXE-179B575C.pf

Adware.ToolBar888
   HKLM\Software\Classes\CLSID\{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\InprocServer32
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\InprocServer32#ThreadingModel
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\ProgID
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\Programmable
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\TypeLib
   HKCR\CLSID\{C004DEC2-2623-438E-9CA2-C9043AB28508}\VersionIndependentProgID
   C:\PROGRA~1\FÆLLES~1\{38C41~1\888BAR.DLL
   HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKLM\Software\Microsoft\Internet Explorer\Toolbar#{C004DEC2-2623-438e-9CA2-C9043AB28508}
   HKCR\LuckyToolBar.LuckyToolBarObj.1
   HKCR\LuckyToolBar.LuckyToolBarObj.1\CLSID
   HKCR\LuckyToolBar.LuckyToolBarObj
   HKCR\LuckyToolBar.LuckyToolBarObj\CLSID
   HKCR\LuckyToolBar.LuckyToolBarObj\CurVer
   HKCR\TypeLib\{ED0FB633-C311-4bcd-824A-4D345386BE64}
   HKU\S-1-5-21-657328351-2793455824-2359648261-1006\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser#{C004DEC2-2623-438E-9CA2-C9043AB28508}
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\0\win32
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\FLAGS
   HKCR\TypeLib\{569304BA-83ED-4CFF-AC26-BE3E482F7208}\1.0\HELPDIR
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\ProxyStubClsid32
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib
   HKCR\Interface\{C6F2214E-0B54-45A9-B90D-7DD4BA45ED0B}\TypeLib#Version

Adware.Tracking Cookie
   C:\Documents and Settings\Alissa\Cookies\alissa@ad-logics[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cfusion[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adbrite[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@doubleclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@trafficmp[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@winfixer[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adopt.euroclick[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@webstat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tripod.lycos[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@project2.realtracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.macromedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@image.masterstats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tracker.krudtting[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@438[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@serviceswitching[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@revenue[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@statcounter[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.dealtime[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@statse.webtrendslive[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@toplist[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.0stats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@bluestreak[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@atwola[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.monster[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.yieldmanager[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@4[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ebookers[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@z1.adserver[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats1.reliablestats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@fastclick[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@S129102[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.ofir[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@advertising[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@web4.realtracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adtech[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.onestat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@euros4click[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@focalex[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@windowsmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad1.emediate[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.tripod.spray[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.us.e-planning[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@005.free-counter.co[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.mediaturf[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@casalemedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mediaplex[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.cibleclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@maxserving[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@partners.webmasterplan[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@belnk[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@e2.emediate[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.commissionpartner[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nextag[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071183736[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@findwhat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1.primaryads[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@zedo[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.burstbeacon[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@edge.ru4[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.sexlinien[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@3[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@server.iad.liveperson[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@xiti[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@atdmt[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hg1.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-dig.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tribalfusion[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.adform[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@rightmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats.ilsemedia[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.dgm2[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@globalstat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@den[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@serving-sys[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.winfixer[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clicktorrent[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.gametrust[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071921625[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-randomhouse.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@interclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dynamicsitestats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tracker.toptensites[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tacoda[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads2.jubii[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dcsu6l8hzhr53dm4881fz8oao_2e5h[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@counter.hitslink[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adopt.hbmediapro[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cz7.clickzs[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@creativeby.viewpoint[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cs.sexcounter[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@efashionsolutions.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clickertraining[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@yieldmanager[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adserver[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@media.hotels[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@m1.webstats4u[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nissan-nordics[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@metacafe.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@812[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-svt.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-nestlepurinapetcare.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clkhype.adbureau[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@18766632[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clickbank[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@43035569[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adserver.banneradministration[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@fortunecity[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@azjmp[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@rotator.adjuggler[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@82743606[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@82763522[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@winantivirus[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@602[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@indextools[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.tripod.lycos[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@superstats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@sextracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@nissan[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@713[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dist.belnk[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@etype.adbureau[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad1.hardware[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tradedoubler[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@4[3].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.pointroll[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@counter1.sextracker[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adtoma[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@web-stat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@commission-junction[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@paycounter[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069746926[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.wz[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stats2.clicktracks[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@0[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@media.putfile[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@valueclick[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dyre-sex[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@realmedia[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@pphlogger[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1068980416[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.counter-gratis[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adocean[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.realcounters[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.ssl.jubii[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tdstats[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mediametrics.mpsa[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@clicksor[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.webstat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dk.winantivirus[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@estat[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.miarroba[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@c1.zedo[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.zanox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@vhost.oddcast[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@16847762[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@admarketplace[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad.adition[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[3].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.realtechnetwork[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.addynamix[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.vg.basefarm[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@track.effiliation[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@adfair[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1068349472[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@as1.falkag[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@indexstats[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@revsci[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.estart[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hotelscom.122.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@apmebf[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@partner2profit[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@dealtime.co[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg-ignitemedia.hitbox[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@msnportal.112.2o7[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ehg.hitbox[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@oddcast[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@citi.bridgetrack[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069183853[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@hit.stat[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@cgi-bin[6].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@52412438[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@stat.postdanmark[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1069336987[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@169841[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ad[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@ads.wanadooregie[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mb[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@list[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@questionmarket[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@tripod[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071712319[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1071436441[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@xml.bravenetmedianetwork[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@targetnet[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@anad.tacoda[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@www.winantivirus[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1062345369[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@centrebet.advertserve[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@1070148968[2].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@mfunweb[1].txt
   C:\Documents and Settings\Alissa\Cookies\alissa@toplist_demo[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@005.free-counter.co[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@ad1.emediate[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@adfair[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@adserver.banneradministration[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@advertising[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@atdmt[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@banneradministration[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@doubleclick[1].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@track.adform[2].txt
   C:\Documents and Settings\Alissa\Lokale indstillinger\Temp\Cookies\alissa@tradedoubler[2].txt

Registry Cleaner Trial
   HKCR\Install.Install
   HKCR\Install.Install\CLSID
   HKCR\Install.Install\CurVer
   HKCR\Install.Install.1
   HKCR\Install.Install.1\CLSID
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\Install.dll [  ]

Adware.ClickSpring/Yazzle
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#DisplayName
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Yazzle1122Oin#UninstallString

Adware.IPWins
   HKU\S-1-5-21-657328351-2793455824-2359648261-1006\Software\IpWins
   C:\Programmer\ipwins\ipwins.exe
   C:\Programmer\ipwins\Services.dll
   C:\Programmer\ipwins
   C:\WINDOWS\Prefetch\IPWINS.EXE-00C7ACB0.pf

Adware.IST/ISTBar (Slotch Bar)
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest [ Never ]

Unclassified.Unknown Origin/System
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\B116.EXE
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\B122.EXE

Adware.Lop
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\JOKEENRX.EXE

Trojan.Freeprod
   C:\DOCUMENTS AND SETTINGS\ALISSA\LOKALE INDSTILLINGER\TEMP\MC-110-12-0001411.EXE
   C:\DOCUMENTS AND SETTINGS\ALISSA\MCNEW.EXE
   C:\WINDOWS\Prefetch\MCNEW.EXE-061432A5.pf


Kommentar
Fra : angelic


Dato : 01-12-06 23:34

hvordan finder jeg log for smitfraud fix??

Kommentar
Fra : pømske


Dato : 01-12-06 23:37
Kommentar
Fra : angelic


Dato : 01-12-06 23:39

tror den hedder Winstall.exe Det er der ihvertfald et ikon på mit skrivebord der hedder, som jeg ikke kan fjerne!

Kommentar
Fra : miritdk


Dato : 01-12-06 23:41

stl_s dit link er hermed rettet http://www.avast.com/eng/avast-virus-cleaner.html

Kommentar
Fra : miritdk


Dato : 01-12-06 23:43

sorry navneforvirring - den var til pømske

Kommentar
Fra : stl_s


Dato : 01-12-06 23:54

Smitfraud fix log hedder log. Åbn stifinder og klik på C drevet, så ser du den. Ellers søg på log.txt.

Når du har kopieret den ind, så gør dette:

Hent denne scanner ned til skrivebordet ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe Vent med at køre den.


Start op i fejlsikret tilstand (tast f8 flere gange under opstart). Hvis du ikke kan det, så se her
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1


Vejledning her http://fromsej.dk/Vejledninger/html/drweb.html


Kopier loggen her ind.

Kommentar
Fra : stl_s


Dato : 02-12-06 00:11

Ups, glemte at Kandu ikke vil vise ftp links. Kopier denne linie ind i adresselinien på din browser:

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe

Kommentar
Fra : angelic


Dato : 03-12-06 00:14

S_tls er du her stadig??

Kommentar
Fra : angelic


Dato : 03-12-06 00:19

Jeg prøvede her til aften at scanne med Dr.web. den fandt ikke noget, men kunne heller ikke huske vejledningen og kan ikke få adgang fra fejlsikret.

Jeg slettede Winstall.exe da jeg var i fejlsikret, og nu skriver den ikke noget med virus når jeg starter op.
Men computeren kører generalt langsomt nu...!?

men kan jeg være sikker på at det er væk nu???

Kommentar
Fra : stl_s


Dato : 03-12-06 00:23

Jeps, jeg venter på logsene. Hvis du ikke kan finde dem, så kom med en frisk Hijackthis log.

Kommentar
Fra : angelic


Dato : 03-12-06 00:26

Logfile of HijackThis v1.99.1
Scan saved at 00:13:42, on 03-12-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe
C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe
C:\Programmer\Dell Photo AIO Printer 944\memcard.exe
C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\dlcdcoms.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Documents and Settings\Alissa\Skrivebord\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Peak meet 64 - {5056DB67-CF57-806B-B81D-76BE1ADCC37B} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: date remote title - {7B299F3F-F7E4-7F84-DF3A-65216A8307FF} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PicasaNet] "C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DLCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcdmon.exe] "C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Programmer\Dell Photo AIO Printer 944\memcard.exe"
O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\Alissa\Skrivebord\winstall.exe
O4 - HKCU\..\Run: [Creative Detector] C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://217.157.233.54:8082/activex/AxisCamControl.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcd_device - Unknown owner - C:\WINDOWS\system32\dlcdcoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe

tror ikke jeg kan finde de andre:(



Kommentar
Fra : stl_s


Dato : 03-12-06 00:27

Det lyder positivt, men kom lige med HijackThis til et sidste tjek.

Kommentar
Fra : angelic


Dato : 03-12-06 00:36

Er der stadig noget galt med den???

Kommentar
Fra : miritdk


Dato : 03-12-06 00:42

det er jo det stl_s prøver at finde ud af med en ny log

Kommentar
Fra : stl_s


Dato : 03-12-06 00:43

Sikkert ikke, men der kan være lidt rester der skal væk

Kommentar
Fra : angelic


Dato : 03-12-06 00:57

Jamen, den log jeg har sat på ovenover er dn nye HJTlog.

Kommentar
Fra : stl_s


Dato : 03-12-06 01:00

Sorry, den havde jeg overset. Jeg vender tilbage

Kommentar
Fra : stl_s


Dato : 03-12-06 01:26

Kør en scanning med HijackThis, så du kan se alle filer. Luk alle vinduer, sæt flueben ved disse linier, og klik fix checked.


O2 - BHO: Peak meet 64 - {5056DB67-CF57-806B-B81D-76BE1ADCC37B} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)

O3 - Toolbar: date remote title - {7B299F3F-F7E4-7F84-DF3A-65216A8307FF} - C:\PROGRA~1\DartBeep\Byte link.dll (file missing)

O4 - HKLM\..\Run: [explorer] C:\Documents and Settings\Alissa\Skrivebord\winstall.exe

O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab

O16 - DPF: {E055C02E-6258-40FF-80A7-3BDA52FACAD7} (Installer Class) - http://activex.matcash.com/speedtest2.dll



Slet denne mappe:

C:\PROGRA~1\DartBeep

Kom så lige med en sidste log til tjek.

Kommentar
Fra : briseogstorm


Dato : 03-12-06 01:29

imponerende stl_s har set dig flere gane, du er en guttermand m/k. Smiler B&S

Kommentar
Fra : miritdk


Dato : 03-12-06 01:35

briseogstorm var det dine billeder du skulle udstille og hvordan gik det så ???

Kommentar
Fra : angelic


Dato : 03-12-06 01:47

hvor finder jeg mappen jeg skal slette?

Kommentar
Fra : stl_s


Dato : 03-12-06 01:51

HijackThis forkorter, så den er her:

C:\PROGRAMMER\DartBeep



Kommentar
Fra : angelic


Dato : 03-12-06 01:54

Hmm, kan ikke finde den
har også prøvet at lave en søgning i C:\

Kommentar
Fra : stl_s


Dato : 03-12-06 01:59

Prøv lige om du kan finde den via Start/Søg. Dukker den ikke op, så har HJT fixet den.

Kommentar
Fra : angelic


Dato : 03-12-06 02:00

har prøvet at søge der også, skal jeg lige sende en sidste Hjt-log?

Kommentar
Fra : angelic


Dato : 03-12-06 02:02

Logfile of HijackThis v1.99.1
Scan saved at 01:48:39, on 03-12-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmer\Dell\Media Experience\PCMService.exe
C:\WINDOWS\System32\DSentry.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe
C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe
C:\Programmer\Dell Photo AIO Printer 944\memcard.exe
C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\dlcdcoms.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Alissa\Skrivebord\HJT.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [CTSysVol] C:\Programmer\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Programmer\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [PCMService] "C:\Programmer\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDSentry] C:\WINDOWS\System32\DSentry.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Picasa Media Detector] C:\Documents and Settings\Alissa\Dokumenter\Picasa2\PicasaMediaDetector.exe
O4 - HKLM\..\Run: [PicasaNet] "C:\Documents and Settings\Alissa\Dokumenter\Hello\Hello.exe" -b
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [DLCDCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLCDtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [dlcdmon.exe] "C:\Programmer\Dell Photo AIO Printer 944\dlcdmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Programmer\Dell Photo AIO Printer 944\memcard.exe"
O4 - HKCU\..\Run: [Creative Detector] C:\Programmer\Creative\MediaSource\Detector\CTDetect.exe /R
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: &Google Search - res://c:\programmer\google\GoogleToolbar3.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\programmer\google\GoogleToolbar3.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\programmer\google\GoogleToolbar3.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\programmer\google\GoogleToolbar3.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\programmer\google\GoogleToolbar3.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\programmer\google\GoogleToolbar3.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Share in Hello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra 'Tools' menuitem: Share in H&ello - {B13B4423-2647-4cfc-A4B3-C7D56CB83487} - C:\Documents and Settings\Alissa\Dokumenter\Hello\PicasaCapture.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://217.157.233.54:8082/activex/AxisCamControl.cab
O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: dlcd_device - Unknown owner - C:\WINDOWS\system32\dlcdcoms.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\NCS\Sync\NetSvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Programmer\Fælles filer\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe



Kommentar
Fra : stl_s


Dato : 03-12-06 02:09

Bingo! Så er din log ren. Så mangler der lige lidt oprydning, så er den i vinkel . Godt gået .


Efter et virus/spyware angreb, er det altid en god ide at rydde op i systemgendannelses filerne. Deaktiver systemgendannelse (http://www.spywarefri.dk/virusscannere.htm#alle) - genstart din computer - aktiver systemgendannelse.

Hent ATF Cleaner her fra http://www.atribune.org/content/view/19/2/

Start ATF Cleaner. Sæt flueben i "Select all" (du kan undlade cookies, hvis du vil). Klik "Empty selected".

Kommentar
Fra : angelic


Dato : 03-12-06 02:10

Hvis alt er ok nu, skal du bare have 100000000000000000 gange tak. Det er jo helt fantastisk at man kan få hjælp på denne måde, og at der er nogen der gider at hjælpe en! alle de log-filer jo volapyk for mig! endnu en gang TAK.

Skal lige høre, om jeg bare kan downloade windows live Messenger igen? -den slettede jeg i mit desperate forsøg på selvhjælp -hehe.
Skal jeg gemme alle programmerne(HJT ect)? eller er det bedst bare at slette dem? de ligger og fylder godt op på mit skrivebord

Kommentar
Fra : angelic


Dato : 03-12-06 02:15

Hvordan deaktiverer jeg systemgendannelse? og hvordan aktiverer jeg det igen?
synes ikke der stod noget på det link : (http://www.spywarefri.dk/virusscannere.htm#alle)
Jeg har AVG virus scanner, er den ok? eller kan du anbefale noget andet?

Kommentar
Fra : angelic


Dato : 03-12-06 02:20

hov fandt det, tror jeg sorry.

Kommentar
Fra : miritdk


Dato : 03-12-06 02:24

For Windows XP er det lige så nemt. Højreklik på "Denne Computer" på skrivebordet, vælg egenskaber og fanebladet "Systemgendannelse" og sæt flueben i "Deaktiver systemgendannelse". Klik ok og genstart.

Når du skal aktivere systemgendannelse igen går du samme vej og fjerner fluebenet i "Deaktiver systemgendannelse".


Accepteret svar
Fra : stl_s

Modtaget 60 point
Dato : 03-12-06 02:49

Slet bare alle værktøjerne, pånær SuperAntiSpyware. Den kan du scanne med en gang imellem. For ekstra sikkerhed, kan du hente Spybot S&D, og aktivere "immunisering". Det holder meget af skidtet ude http://www.safer-networking.org/dk/index.html

Kommentar
Fra : angelic


Dato : 03-12-06 02:51



Så skulle det hele være i orden, endnu en gang MANGE tak... jeg er bare helt målløs over du har gidet at tage dig tid til at hjælpe mig. Det er sådan noget der bare gør en vildt glad!
TAK
er det ok at jeg henter msn ned igen?

Godkendelse af svar
Fra : angelic


Dato : 03-12-06 02:55

Tak for svaret stl_s.

Tager virkelig hatten af for dig.... TAK TAK TAK

Kommentar
Fra : stl_s


Dato : 03-12-06 02:59

Se iøvrigt lige dette tip jeg har lavet til Messenger http://sptlarsenserious.googlepages.com/usikrefilerilivemessenger

Kommentar
Fra : stl_s


Dato : 03-12-06 04:11

Tak for point og stjerner.

Iøvrigt, velkommen til Kandu .

Du har følgende muligheder
Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.
Søg
Reklame
Statistik
Spørgsmål : 177577
Tips : 31968
Nyheder : 719565
Indlæg : 6409071
Brugere : 218888

Månedens bedste
Årets bedste
Sidste års bedste