Gå til innhold

b21a

Medlemmer
  • Innlegg

    483
  • Ble med

  • Besøkte siden sist

Innlegg skrevet av b21a

  1. Hmmmmmm, gikk inn på MS antispyware og valgte "System explorers" under advanced tools.

     

    Fant to oppføringer der som jeg blokkerte, og EUREKA!!!!!!!! skjit'n vart borte. (i hvertfall ser det sånn ut)

     

    ActiveX Virtools WebPlayer Class

     

    This ActiveX Download has been blocked.

     

    To un-block this ActiveX Download, navigate to the Security Agents > Application Agents > View Blocked Events.

    ----------------------------------------------------------------

    (Blocked) StartUp bird cdrom manager.exe bird cdrom manager.exe

     

    This Startup program has been blocked.

     

    To un-block this Startup program, navigate to the Security Agents > Application Agents > View Blocked Events.

    -----------------------------------------------------------------

    (Blocked) StartUp program ball.exe program ball.exe

     

    This Startup program has been blocked.

     

    To un-block this Startup program, navigate to the Security Agents > Application Agents > View Blocked Events.

     

    Håper dette funker :hrm:

  2. Ok jeg gir opp :blush:

     

    Kjærringa installerte msn pluss og dessverre valgte hun reklame med :wallbash:

     

    Har kjørt omtrent alle adaware programmer og virus programmer jeg vet om, men får altså ikke fjernet den#¤%!¤#¤%/%¤% skjiten.

     

    Er det noen som kan hjelpe?!? Under er logen fra hijack this:

     

    Logfile of HijackThis v1.99.1

    Scan saved at 09:41:06, on 22.04.2005

    Platform: Windows XP SP2 (WinNT 5.01.2600)

    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

     

    Running processes:

    C:\WINDOWS\System32\smss.exe

    C:\WINDOWS\system32\winlogon.exe

    C:\WINDOWS\system32\services.exe

    C:\WINDOWS\system32\lsass.exe

    C:\WINDOWS\system32\svchost.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\LEXBCES.EXE

    C:\WINDOWS\system32\LEXPPS.EXE

    C:\WINDOWS\system32\spoolsv.exe

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

    C:\WINDOWS\System32\svchost.exe

    C:\WINDOWS\system32\wuauclt.exe

    C:\WINDOWS\Explorer.EXE

    C:\WINDOWS\htpatch.exe

    C:\WINDOWS\system32\RunDll32.exe

    C:\Programfiler\Java\j2re1.4.2_04\bin\jusched.exe

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

    C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

    D:\Programfiler\Microsoft AntiSpyware\gcasServ.exe

    D:\Programfiler\SPAMfighter\SFAgent.exe

    C:\WINDOWS\system32\ctfmon.exe

    C:\Programfiler\Internet Explorer\iexplore.exe

    D:\Programfiler\Logitech\MouseWare\system\em_exec.exe

    C:\WINDOWS\system32\msiexec.exe

    c:\progra~1\intern~1\iexplore.exe

    D:\Programfiler\Microsoft AntiSpyware\gcasDtServ.exe

    D:\Temp\HijackThis.exe

     

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://goeuurphsw.com/bcoLib5nOsrCQZ9UCefb...nQDPKmmJOM.html

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.online.no/~b21a

    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.online.no/~b21a

    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll

    O4 - HKLM\..\Run: [HTpatch] C:\WINDOWS\htpatch.exe

    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    O4 - HKLM\..\Run: [zBrowser Launcher] D:\Programfiler\Logitech\iTouch\iTouch.exe

    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

    O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\j2re1.4.2_04\bin\jusched.exe

    O4 - HKLM\..\Run: [WinampAgent] D:\Programfiler\Winamp\winampa.exe

    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

    O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

    O4 - HKLM\..\Run: [gcasServ] "D:\Programfiler\Microsoft AntiSpyware\gcasServ.exe"

    O4 - HKLM\..\Run: [sPAMfighter Agent] "D:\Programfiler\SPAMfighter\SFAgent.exe" update delay 60

    O4 - HKLM\..\Run: [WarnSupportKindComp] C:\Documents and Settings\All Users\Programdata\new extra warn support\Program ball.exe

    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

    O4 - HKCU\..\Run: [LDM] D:\Programfiler\Logitech\\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

    O4 - HKCU\..\Run: [Yahoo! Pager] D:\Programfiler\Yahoo!\Messenger\ypager.exe -quiet

    O4 - HKCU\..\Run: [skype] "D:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized

    O4 - HKCU\..\Run: [soap Lies] C:\DOCUME~1\SLUTTB~1\PROGRA~1\STOREA~1\Bird Cdrom Manager.exe

    O4 - HKCU\..\Run: [MessengerPlus3] "\" /WinStart

    O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background

    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe

    O4 - Global Startup: Logitech Desktop Messenger.lnk = ?

    O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office\OSA9.EXE

    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_04\bin\npjpi142_04.dll

    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\j2re1.4.2_04\bin\npjpi142_04.dll

    O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - D:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe

    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=34738&clcid=0x409

    O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab

    O16 - DPF: {64D01C7F-810D-446E-A07E-16C764235644} (AtlAtomadersCtlAttrib Class) - http://zone.msn.com/bingame/amad/default/atomaders.cab

    O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - http://www.icanal.no/spill/commerce/catalo...es/ExentCtl.ocx

    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab

    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

    O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a...5/Installer.exe

    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://playweb11.pogo.com/game/deluxe/insa...aploader_v6.cab

    O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE

     

     

    EDIT: Jada, jeg vet at jeg ikke skulle brukt IE, men kjærringa liker ikke noen andre web browsere, og siden hun har kjøpt denne maskinen må jeg vel gi meg :)

  3. Dobbelt klikk på den lille høytaleren nede til høyre på oppgavelinjen, eventuelt trykk: start->programmer->tilbehør->underholdning->lydkontroll

     

    Velg alternativer->egenskaper i menyen og se etter at du har valgt mikrofon på listen.

     

    Den har etter min erfaring vært "dempet" som default, så det kan være det som plager. Bare fjern haken under volumkontrollen så burde det funke.

  4. Sjekk konto egenskapene dine.

     

    OE har en lei tendens til å rote med dem etter at du har lagt inn brukernavn/passord.

     

    Alternativer->Kontoer->e-post.

     

    Marker kontoen du vil sjekke og trykk egenskaper.

     

    Sjekk skillearket Servere.

     

    Der du hadde lagt inn popservernavnet står kanskje "Localhost" nå og i Kontonavnet står "popservere/brukernavn"(pop.online.no/ola dunk)

     

    Endre popserver navnet til bake til "normalen" og endre kontonavnet til det det skal være.

     

    Dette bruker å funke hos meg.

  5. Process File: spoolsv or spoolsv.exe

    Process Name: Microsoft Printer Spooler Service

     

    Description:

    spoolsv.exe is a Microsoft Windows system executable which handles the printing process to your local printers.

     

    Note: spoolsv.exe is also a process which is registered as the Backdoor.Ciadoor.B Trojan. This Trojan allows attackers to access your computer, stealing passwords and personal data. It is a registered security risk and should be removed immediately. Please see additional details regarding this process

     

    Tror nok jeg ville ha brukt et annet antivirus pgm, eller lastet ned en fiks for den Trojaneren.

×
×
  • Opprett ny...