Christian83 Skrevet 17. april 2007 Skrevet 17. april 2007 Hei! Jeg har de i de siste ukene blitt plaget av popups regelmessig når jeg bruker mozila og exploprer, det er noen reklame pop-ups og noen som reklamere for spyware program som "errorsafe". Hvordan får jeg stoppet dette? Ad-aware og virusprogrammet mitt finner tydeligvis ikke problemet. Håper på hjelp Mvh Christian
maximus Skrevet 17. april 2007 Skrevet 17. april 2007 (endret) EDIT: Fungerte ikke. Endret 17. april 2007 av maximus
Znoken Skrevet 17. april 2007 Skrevet 17. april 2007 Følg denne guiden og jeg er rimelig sikker på at du får fjernet det meste...Last også ned HijackThis og legg ut loggen her.....
Christian83 Skrevet 19. april 2007 Forfatter Skrevet 19. april 2007 Flott! Her er loggen : Logfile of HijackThis v1.99.1 Scan saved at 10:17:23, on 19.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\WINDOWS\system32\iprntctl.exe C:\WINDOWS\system32\iprntlgn.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\XemiComputers\Active Desktop Calendar\ADC.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\iTunes\iTunes.exe C:\Documents and Settings\Christian Lillemork\Skrivebord\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON O4 - HKLM\..\Run: [iPrint Event Monitor] C:\WINDOWS\system32\iprntlgn.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Programfiler\XemiComputers\Active Desktop Calendar\ADC.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lillemork.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
Gjest medlem-105082 Skrevet 19. april 2007 Skrevet 19. april 2007 Kjør Hijackthis og slett: O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) Last ned SAS, installer, oppdater, kjør og slett alt. Legg så ut en logg - Preferences->statistics/logs
Christian83 Skrevet 20. april 2007 Forfatter Skrevet 20. april 2007 SUPERAntiSpyware Scan Log Generated 04/19/2007 at 10:13 PM Application Version : 3.6.1000 Core Rules Database Version : 3221 Trace Rules Database Version: 1231 Scan type : Complete Scan Total Scan Time : 00:38:52 Memory items scanned : 218 Memory threats detected : 0 Registry items scanned : 5885 Registry threats detected : 0 File items scanned : 39752 File threats detected : 45 Adware.Tracking Cookie C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@winantivirus[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@adrevolver[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@trafficmp[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@2o7[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@casalemedia[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@tradedoubler[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@doubleclick[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][3].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@tribalfusion[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@fastclick[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@imrworldwide[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@drivecleaner[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@indextools[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][3].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@advertising[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@mediaplex[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@indexstats[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@atdmt[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@zedo[1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@adtech[2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][2].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\[email protected][1].txt C:\Documents and Settings\Christian Lillemork\Cookies\christian_lillemork@advertising[1].txt Adware.Casino Games (Golden Palace Casino) C:\POKER\EXPEKT POKER\CASINO.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\SKRIVEBORD\EXPEKT POKER.LNK
Christian83 Skrevet 20. april 2007 Forfatter Skrevet 20. april 2007 Ok Logfile of HijackThis v1.99.1 Scan saved at 22:57:02, on 20.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16414) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\WINDOWS\system32\iprntctl.exe C:\WINDOWS\system32\iprntlgn.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\XemiComputers\Active Desktop Calendar\ADC.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Documents and Settings\Christian Lillemork\Skrivebord\Hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&t...ilion&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar3.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar3.dll O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] CHDAudPropShortcut.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [RecGuard] C:\Windows\SMINST\RecGuard.exe O4 - HKLM\..\Run: [Reminder] C:\Windows\CREATOR\Remind_XP.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [iPrint Tray] C:\WINDOWS\system32\iprntctl.exe TRAY_ICON O4 - HKLM\..\Run: [iPrint Event Monitor] C:\WINDOWS\system32\iprntlgn.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Programfiler\XemiComputers\Active Desktop Calendar\ADC.exe O4 - HKCU\..\Run: [WMPNSCFG] C:\Programfiler\Windows Media Player\WMPNSCFG.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O11 - Options group: [iNTERNATIONAL] International* O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://lillemork.spaces.live.com//PhotoUpload/MsnPUpld.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Programfiler\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Programfiler\Fellesfiler\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programfiler\Fellesfiler\LightScribe\LSSrvc.exe
Christian83 Skrevet 20. april 2007 Forfatter Skrevet 20. april 2007 Husker ikke helt om jeg har fått noen etter det... Men skal gi lyd med en gang det skulle skje. Tusen takk for hjelpa alle sammen så langt!!
Christian83 Skrevet 23. april 2007 Forfatter Skrevet 23. april 2007 (endret) Hei igjen.. Det spretter fortsatt opp spyware Reklame for ErrorSafe.. Endret 23. april 2007 av Christian83
Znoken Skrevet 23. april 2007 Skrevet 23. april 2007 (endret) Sjekk denne og denne siden ...Tror du blir kvitt errorsafe ved og følge de instuksjonene... Endret 23. april 2007 av Znoken
norbat Skrevet 23. april 2007 Skrevet 23. april 2007 (endret) Hei igjen.. Det spretter fortsatt opp spyware Reklame for ErrorSafe.. 8449948[/snapback] Da må du forklare - er det vilkårlig hvilken sider du er inne på når errorsafe spretter opp eller er det noen bestemte sider? Hvis det er bestemte sider, så ligger det noen triggere der som vil at du skal laste ned errorsafe. Få da aktivert popup-blokker i nettleseren. Hvis det er vilkårlige sider, så kan det ligge noen skjulte filer på pc'n, som ikke så lett lar seg oppdage av antispywareprog. Det du da kan prøve er å sjekke etter skjulte file vha. Blacklight fra F-secure Hent Blacklight ved å klikke på 'I accept'-knappen nede på siden du kommer til. Kjør programmet, og om det finner noe velger du 'Rename'. Gi tilbakemelding om det fant noe. Edit: Hvis du fra før av har CCleaner, så kjør noen runder med det slik at du får tømt temp-filer og cookies. Endret 23. april 2007 av norbat
Christian83 Skrevet 23. april 2007 Forfatter Skrevet 23. april 2007 (endret) Ok.. Takk for hjelpa! Jeg kjører også en runde igjennom smørbrød lista du har laget.. Vinduene spretter opp vilkårlig så langt jeg kan se... Endret 23. april 2007 av Christian83
QBab Skrevet 23. april 2007 Skrevet 23. april 2007 I tilfelle du ikke allerede har gjort det. Last ned Spybot search and destroy of SE AD-aware. Last ned oppdeteringer til programmene og kjør-scan-slett. Tror ikke det skal være verre enn som så for å bli kvitt errorsafe.
norbat Skrevet 23. april 2007 Skrevet 23. april 2007 Ok.. Takk for hjelpa! Jeg kjører også en runde igjennom smørbrød lista du har laget..Vinduene spretter opp vilkårlig så langt jeg kan se... 8450263[/snapback] Prøv gjerne Blacklight først
Christian83 Skrevet 23. april 2007 Forfatter Skrevet 23. april 2007 Da er blacklight kjørt.. Den fant 4 filer og jeg regner med at den sletta disse automatisk.. Men rett etter jeg hadde kjørt den kom det opp et nytt og ikke tidligere vindu i firefox.. En som påsto at antivirus programmene ikke var bra nok osv osv
Christian83 Skrevet 23. april 2007 Forfatter Skrevet 23. april 2007 Jeg kjørte en scan til og ser at de ikke ble sletta, legger med et vedlegg av fila blacklight fant spyware.bmp
norbat Skrevet 23. april 2007 Skrevet 23. april 2007 Gjør som tidligere nevnt ' Rename'. Filene vil fortsatt ligge på pc'n og kan fjernes manuelt - søk på navnet. Filene vil få endelsen -ren. Errorsafe-popupsen vil være historie etter dette
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå