Mssearchnet.exe - malware ønskes fjernet

tjekker den nu

Hent og dobbeltklik på smitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
Programmet pakker sig ud til mappen smitRem.

Hent denne scanner:
Ewido kan du downloade her: http://www.ewido.net/en/download/
Klik på Download now. Installer og kør Ewido. Opdater straks efter installationen programmet, (men lad være med at scanne endnu).


Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, luk hijackthis igen.

R3 - URLSearchHook: (no name) - <default> - (no file)

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpADA4.tmp


Find og slet manuet:

C:\WINDOWS\system32\mssearchnet.exe


Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report og gemmer rapporten.

Åbn mappen smitRem, og dobbeltklik på RunThis.bat (Følg vejledningen i vinduet.)

Klik på Start->Kontrolpanel->Skærm->Skrivebord->Tilpas Skrivebordet->Web fjern flueben i Security Info og View my Active desktop as a web page (Det er ikke sikkert det eksisterer).

Genstart og kom med en frisk Hijackthislog, samt loggen fra Ewido. Find smitfiles.txt via Start/Søg. Kopier også denne log ind.

Denne skal du også finde og slette manuelt:
C:\WINDOWS\system32\hpADA4.tmp

Smitrem burde snuppe begge to.*S*

Hej arlet

Tak for hjælpen..hermed hijackthis fil:

Logfile of HijackThis v1.99.0
Scan saved at 20:46:25, on 21-12-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\mgabg.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvctrl.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
C:\WINDOWS\system32\PDesk\PDesk.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\vsnpstd.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Alle\My Documents\Programmer fa internettet\HijackThis.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINDOWS\system32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [snpstd] C:\WINDOWS\vsnpstd.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - C:\WINDOWS\system32\mgabg.exe
O23 - Service: Symantec AntiVirus Client - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Webroot Spy Sweeper Engine - Webroot Software, Inc. - C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe

og så en Ewido log....

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:            21:18:38, 21-12-2005
+ Report-Checksum:        89D0412

+ Scan result:

    :mozilla.18:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.28:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.37:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.38:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.39:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.43:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
    :mozilla.102:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.106:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.107:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.108:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Liveperson : Cleaned with backup
    :mozilla.110:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
    :mozilla.157:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
    :mozilla.182:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.183:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
    :mozilla.201:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
    :mozilla.206:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    :mozilla.207:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.208:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.209:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.210:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.211:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
    :mozilla.249:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.250:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.251:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.252:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.253:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
    :mozilla.254:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
    :mozilla.257:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
    :mozilla.258:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.259:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.260:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.261:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.262:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
    :mozilla.338:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.339:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.340:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.355:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.356:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.357:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.358:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.362:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.363:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.364:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.365:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.366:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.367:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.368:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.369:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.370:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.371:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.372:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.374:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.375:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.376:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.377:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.378:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.379:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.380:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.381:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.382:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.383:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.384:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.385:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.386:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.387:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
    :mozilla.389:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sexlist : Cleaned with backup
    :mozilla.425:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
    :mozilla.433:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
    :mozilla.434:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
    :mozilla.435:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Comclick : Cleaned with backup
    :mozilla.824:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
    :mozilla.837:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.838:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.955:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    :mozilla.960:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.963:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    :mozilla.964:C:\Documents and Settings\Alle\Application Data\Mozilla\Firefox\Profiles\lh47tnet.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
    C:\Documents and Settings\Alle\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-6acbedf6-1c034101.class -> Trojan.Java.Femad : Cleaned with backup
    C:\Documents and Settings\Alle\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-7b647c6f-71067a16.class -> Trojan.Java.Femad : Cleaned with backup
    C:\Documents and Settings\Alle\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Gummy.class-aa56332-775b2f49.class -> Trojan.Java.Femad : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@a-vienna.oewabox[1].txt -> Spyware.Cookie.Oewabox : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@ad1.clickhype[1].txt -> Spyware.Cookie.Clickhype : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@adbrite[1].txt -> Spyware.Cookie.Adbrite : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@austria.oewabox[1].txt -> Spyware.Cookie.Oewabox : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@chicagosuntimes.122.2o7[2].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cnn.122.2o7[1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@com[1].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz11.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz3.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz4.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz5.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz6.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz7.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz8.clickzs[1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@cz9.clickzs[2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@free.wegcash[2].txt -> Spyware.Cookie.Wegcash : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@newsnetw.oewabox[1].txt -> Spyware.Cookie.Oewabox : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@rotator.adjuggler[1].txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@spms.bpath[2].txt -> Spyware.Cookie.Bpath : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@track.commissionpartner[1].txt -> Spyware.Cookie.Commissionpartner : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@trafficcenter[1].txt -> Spyware.Cookie.Trafficcenter : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@www.burstbeacon[2].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
    C:\Documents and Settings\Alle\Cookies\alle@www.myaffiliateprogram[1].txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
    C:\Documents and Settings\Alle\My Documents\_J\_Private dokumenter\SIKKERHEDSKOMPONENTER\backups\backup-20041205-183120-405.dll -> Spyware.WinAD : Cleaned with backup
    :mozilla.36:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.59:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.60:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.61:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    :mozilla.65:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.66:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Belstat : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Belstat : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
    :mozilla.76:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
    :mozilla.77:C:\Documents and Settings\B\Application Data\Mozilla\Firefox\Profiles\nvcn91p7.default\cookies.txt -> Spyware.Cookie.Euroclick : Cleaned with backup
    C:\Documents and Settings\B\Cookies\B@adopt.euroclick[1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
    C:\Documents and Settings\B\Cookies\B@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
    C:\Documents and Settings\B\Cookies\B@ehg-dig.hitbox[1].txt -> Spyware.Cookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\B\Cookies\B@ilead.itrack[1].txt -> Spyware.Cookie.Itrack : Cleaned with backup
    C:\Documents and Settings\B\Cookies\B@image.masterstats[1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
    C:\Documents and Settings\MF\Cookies\MF@commissionpartner[1].txt -> Spyware.Cookie.Commissionpartner : Cleaned with backup
    C:\Documents and Settings\MF\Cookies\MF@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
    C:\Documents and Settings\MF\Lokale indstillinger\Temp\~alstmp.exe -> Heuristic.Win32.Dialer : Cleaned with backup
    C:\WINDOWS\system32\ldB8F4.tmp -> Downloader.Zlob.cy : Cleaned with backup


::Report End

og endelig smitfile.txt

smitRem © log file
    version 2.8

    by noahdfear


Microsoft Windows XP [Version 5.1.2600]
The current date is: 20-12-2005
The current time is: 18:36:45,95

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key


PSGuard.com key not present!

spyaxe uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url
Security Troubleshooting.url


~~~ Favorites ~~~

Antivirus Test Online.url


~~~ system32 folder ~~~

1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
hp***.tmp


~~~ Icons in System32 ~~~

ts.ico
ot.ico


~~~ Windows directory ~~~



~~~ Drive root ~~~


~~~ Miscellaneous Files/folders ~~~




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~



Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 1328 'explorer.exe'
Killing PID 1328 'explorer.exe'

Starting registry repairs

Deleting files


  Remaining Post-run Files


~~~ Program Files ~~~



~~~ Shortcuts ~~~

Online Security Guide.url


~~~ Favorites ~~~



~~~ system32 folder ~~~

ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
hp***.tmp


~~~ Icons in System32 ~~~



~~~ Windows directory ~~~



~~~ Drive root ~~~



~~~ Miscellaneous Files/folders ~~~




~~~ Wininet.dll ~~~

CLEAN! :)

Fromsej..tror du har ret..men kørte lige hele baljen for at være på den sikre side *S*

arlet..ser det ud som det skal??

Ja, det gør det..

Så er din log ren.

Efter sådan en tur er det altid en god ide og rydde op i dine systemgendannelses filerne.
Deaktiver systemgendannelse ( http://www.arlet.dk/systemgendannelsen.htm ) - genstart din computer - aktiver systemgendannelse.

Generel oprydning: http://www.arlet.dk/oprydning.htm

For at beskytte dig mod snavs har jeg lavet en sikkerhedspakke,
som du kan se her : www.arlet.dk/pakke.htm

Tusind tak arlet...også for sikkerhedspakken *S*

Velbekommen

God jul