Hej hvis du stadig har tålmodighed til at hjælpe så må du meget gerne se på det igen. Jeg tror jeg har sluppet af med Spywarequake nu. men se lige på min nye log fil.
Har også vedlagt en panda scan nederst
JEg har prøvet at installere servicepack1 fra
http://intern.sdu.dk/it-service/tjenester/ftphotel/ftpindhold/ Men jeg får at vide: Den version af Windows 2000, du har installeret svarer ikke til den opdatering, som du prøver at installere.
Sært eftersom jeg har Windows XP ??? whats wrong ??
Logfile of HijackThis v1.99.1
Scan saved at 12:21:39, on 11-05-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Philips ToUcam Camera\GameCam SE\Program\RFTray.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Dusky\Desktop\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://pol.dkR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.politiken.dkR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://pol.dkO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Corel Graphics Suite 1117] C:\Program Files\Corel\Corel Graphics 11\Register\registration.exe /title="Corel Graphics Suite 11" /date=021903 serial=DR11CTD-9999999-KHM
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [PE2CKFNT SE] C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\ChkFont.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Photo Express Calendar Checker SE.lnk = C:\Program Files\Ulead Systems\Ulead Photo Express 2 SE\CalCheck.exe
O4 - Global Startup: Reality Fusion GameCam SE.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Program Files\nordicbetMPP\MPPoker.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cabO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011217/qtinstall.info.apple.com/qt505/dk/win/QuickTimeInstaller.exeO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145444144075O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1145444127972O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://eu-housecall.trendmicro-europe.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Panda
Incident Status Location
Adware:adware/securityerror Not disinfected c:\windows\system32\ot.ico
Adware:adware/gator Not disinfected c:\windows\GatorPatch.log
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@bs.serving-sys[1].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@com[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@fastclick[2].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@media.fastclick[1].txt
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@microsofteup.112.2o7[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@serving-sys[1].txt
Spyware:Cookie/Tradedoubler Not disinfected C:\Documents and Settings\Administrator\Cookies\administrator@tradedoubler[2].txt
Adware:Adware/SecurityError Not disinfected C:\Documents and Settings\Administrator\Desktop\hijackthis.zip[backups/backup-20060419-132752-972.dll]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Desktop\smitRem.exe[smitRem/Process.exe]
Adware:Adware/SecurityError Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temp\Rar$EX00.722\backups\backup-20060419-132752-972.dll
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\3T06NKCK\smitRem[1].exe[smitRem/Process.exe]
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@2o7[1].txt
Spyware:Cookie/Adtech Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@adtech[2].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@advertising[1].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@atdmt[2].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@bs.serving-sys[1].txt
Spyware:Cookie/BurstNet Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@burstnet[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@ehg-ubisoft.hitbox[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@hitbox[2].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@mediaplex[1].txt
Spyware:Cookie/Serving-sys Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@serving-sys[2].txt
Spyware:Cookie/onestat.com Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@stat.onestat[2].txt
Spyware:Cookie/Toplist Not disinfected C:\Documents and Settings\Dusky\Cookies\dusky@toplist[1].txt
Adware:Adware/SecurityError Not disinfected C:\Documents and Settings\Dusky\Desktop\hijackthis.zip[backups/backup-20060419-132752-972.dll]
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Dusky\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected C:\Documents and Settings\Dusky\Desktop\smitRem.exe[smitRem/Process.exe]
Adware:Adware/SecurityError Not disinfected C:\Documents and Settings\Dusky\Local Settings\Temp\Rar$EX01.297\backups\backup-20060419-132752-972.dll
