madi Skrevet 24. mai 2006 Del Skrevet 24. mai 2006 Hei folkens jeg har fått en trojan på pcen min. får en virusvarsel fra norton antivirus. den heter Trojan.Nebuler og ligger i C:\WINDOWS\temp\tmp73.tmp norton har klar å slette noen av filene men, gir meg beskjed at den ikke kan fjerne \ eller kan ikke reparer. jeg har prøvd å gå inni C og prøvde å finne den filen, men fant ingen. når jeg trykker på ok i virusvarsel vinduet blir tmp73 rename til andre numre. Jeg har hittil prøvd å kjøre mange programmer som norton anti virus, nod32, spybot, adware-spyware, The cleaner, Trojan Remover osv. i dsikkerhetsmodus med nettverk. Men ingen av dem har klart å finne den torjan eller fjernet dem. Jeg fortsatt får virus varsel om den trojanen. jeg ville være veldig takknemlig hvis noen kunne hjelpe meg.... plzzzz svar senest mulig. Takk på forhånd Lenke til kommentar
zjulik Skrevet 24. mai 2006 Del Skrevet 24. mai 2006 Last ned Hijackthis fra min signatur, scan til en loggfil, lim inn loggen her. Da ser vi hva du har fått, og kan gi råd videre. Lenke til kommentar
madi Skrevet 24. mai 2006 Forfatter Del Skrevet 24. mai 2006 Jeg håper problemet mitt blir løst snart:( Logfile of HijackThis v1.99.1 Scan saved at 19:24:16, on 24.05.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\Programfiler\Norton Internet Security\ISSVC.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\snmp.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Update Service\livesrv.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Programfiler\Softwin\BitDefender9\vsserv.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\QuickTime\qttask.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Apoint\Apntex.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\Google\Google Desktop Search\GoogleDesktop.exe C:\Programfiler\The Cleaner\tca.exe C:\Programfiler\The Cleaner\tcm.exe C:\Programfiler\Google\Google Desktop Search\GoogleDesktopIndex.exe C:\Programfiler\Softwin\BitDefender9\bdmcon.exe C:\Programfiler\Softwin\BitDefender9\bdoesrv.exe C:\Programfiler\Softwin\BitDefender9\bdnagent.exe C:\Programfiler\Softwin\BitDefender9\bdswitch.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Programfiler\Google\Google Desktop Search\GoogleDesktopCrawl.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Wireless LAN Utility\SiWake.exe C:\Programfiler\Yahoo!\Messenger\ymsgr_tray.exe C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\Programfiler\zlsSetup_61_744_001_en.exe C:\DOCUME~1\Madiha\LOKALE~1\Temp\GLB13A.tmp C:\Programfiler\Mozilla Firefox\firefox.exe C:\DOCUME~1\Madiha\LOKALE~1\Temp\Midlertidig mappe 2 for hijackthis.zip\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webmail.tele2.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programfiler\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NI.UERSH_0001_N68M0602] "C:\Documents and Settings\Madiha\Lokale innstillinger\Temporary Internet Files\Content.IE5\C96Z4TI7\ErrorSafeFreeInstall_no[1].exe" -nag O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programfiler\Google\Google Desktop Search\GoogleDesktop.exe" /startup O4 - HKLM\..\Run: [tcactive] C:\Programfiler\The Cleaner\tca.exe O4 - HKLM\..\Run: [tcmonitor] C:\Programfiler\The Cleaner\tcm.exe O4 - HKLM\..\Run: [bDMCon] "C:\Programfiler\Softwin\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [bDOESRV] "C:\Programfiler\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Programfiler\Softwin\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\Programfiler\Softwin\BitDefender9\bdswitch.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] C:\Programfiler\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU\..\Run: [Weather] C:\PROGRA~1\AWS\WEATHE~1\Weather.exe 1 O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SiWake.lnk = C:\Programfiler\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Google-søk - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Oversett engelsk ord - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Koblinger bakover - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Lignende sider - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Øyeblikksbilde av siden i hurtigbufferen - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programfiler\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programfiler\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Lenke til kommentar
zjulik Skrevet 24. mai 2006 Del Skrevet 24. mai 2006 Tja. Først vil jeg si at du kunne være mer forsiktig med å installere alle disse toolbarene du har. Men det er en smakssak. Det som må bort først er: O4 - HKLM\..\Run: [Transponder] C:\WINDOWS\system32\susp.exe Dette er spyware. O4 - HKLM\..\Run: [NI.UERSH_0001_N68M0602] "C:\Documents and Settings\Madiha\Lokale innstillinger\Temporary Internet Files\Content.IE5\C96Z4TI7\ErrorSafeFreeInstall_no[1].exe" -nag Dette og - og det kan bety at problemet er større. Men det ser vi etterhvert. Slik gjør du: Start Hijackthis igjen og kryss av for de jeg nevnte, og be om fiks. Last ned og kjør CCleaner (link i signatur). Ta så en omstart. Så går du til Housecall (link i signatur) og kjører en scan derfra. Ny runde med CCleaner. Post så en ny logg her. Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 Det gikk greit med å kjøre hele prosessen men, da jeg kjørte scan fra Housecall, ble det funnet 3 trojan filer og "infected" cookies. Jeg prøvde å slette dem men fikk feilmelding om at det har blitt oppdaget feil på explorer og må lukkes. jeg kjørte den 3-4 ganger.de første gangene fikk jeg opp trojan filer men fikk feilmld om å lukke programmet,og de siste ganene fikk jeg ingen trojn file. Fikk vite at det ble ikke funnet noe som helst ting. En annen ting er at jeg har prøvd å fjerne O4 - HKLM\..\Run: [NI.UERSH_0001_N68M0602] "C:\Documents and Settings\Madiha\Lokale innstillinger\Temporary Internet Files\Content.IE5\C96Z4TI7\ErrorSafeFreeInstall_no[1].exe" -nag flere ganger nå, men den er der hver gang jeg scanner med hijack. Jeg forsatt får virusvarsel fra norton Antivirus. den nye loggen inneholder da: Logfile of HijackThis v1.99.1 Scan saved at 03:15:25, on 25.05.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Documents and Settings\Madiha\Skrivebord\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webmail.tele2.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programfiler\google\googletoolbar2.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\01.02.5000.1021\no\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [NI.UERSH_0001_N68M0602] "C:\Documents and Settings\Madiha\Lokale innstillinger\Temporary Internet Files\Content.IE5\C96Z4TI7\ErrorSafeFreeInstall_no[1].exe" -nag O4 - HKLM\..\Run: [bDMCon] "C:\Programfiler\Softwin\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [bDOESRV] "C:\Programfiler\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Programfiler\Softwin\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\Programfiler\Softwin\BitDefender9\bdswitch.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SiWake.lnk = C:\Programfiler\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Google-søk - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Oversett engelsk ord - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Koblinger bakover - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Lignende sider - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Øyeblikksbilde av siden i hurtigbufferen - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programfiler\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programfiler\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Lenke til kommentar
zjulik Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Du kan prøve denne: http://www.spywareremove.com/removeErrorSafe.html Lenke til kommentar
berxter Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Sorry for at jeg går inn i din tråd, Zjulik; jeg fant følgende: Dersom din metode ikke virker fullgodt er det (minst) 3 alternativer: - Ettersom Errorsafe er en Winfixer/Vundoklon, skulle denne guiden hjelpe. - Hvis det skjærer seg skal Ewido kjørt i safe mode ta den, - og endelig skal en oppdatert SpyBot, også kjørt i safe mode (uten Tea Timer aktiv) kunne ta den. Av disse har jeg mest tro på din metode og Ewido. Bernt K Lenke til kommentar
zjulik Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Sorry for at jeg går inn i din tråd, Zjulik; Tvert i mot - vi bør alle trå til i slike tråder. Lenke til kommentar
quakie Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Et tips er å laste ned en sikrere og mer stabil nettleser. Som f.eks Firefox. Du bør også være mer kritisk og ikke trykke ja og "install" på alt som popper opp . Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 (endret) jeg jar kjørt spyhunter og den fant en fil som heter " IE Toolbar and Homepage Hijacker. A derivative of lop.com/C2" men jeg må kjøpe programmet for å fjerne den Har dere andre forslag... eller må jeg bare reinstallere xp for å kvitt problemet? og takk til alle dere som svarte Endret 25. mai 2006 av madi Lenke til kommentar
zjulik Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Andre forslag...har du gått gjennom linken berxter ba deg om da? Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 Jeg er litt vanskelig for å skjønne hva og hvordan dette skal gjøres.og er også litt redd for å slette kanskje noen viktige filer. hva vil du si om å formatere og reinstallere xp. blir jeg jvitt problemet da? Lenke til kommentar
berxter Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 (endret) Det blir du selvsagt, men det er jo bare tull, da.. Da sletter du ihvertfall viktige filer! Å formatere pga en liten fisleinfeksjon som dette blir mer som å amputere beinet pga en inngrodd tånegl (mener nå jeg). Du, kanskje det enkleste er å laste ned Ewido, installere den, oppdatere den; restarte maskina i safe mode (f8 under oppstart) og kjøre Ewido der. Du sletter da ikke noe viktig, det gjør du vel forsåvidt ikke med de andre metodene heller, men prøv med Ewido først. Det er et flott antivirusprogram som har en gratis fullversjons prøveperiode, og er faktisk noe av det første proffene griper til for å fjerne skitt. Det går godt sammen med andre AV-programmer. Du skriver at du har kjørt SpyBot i sikkermodus; den skulle ha tatt den; slo du av TeaTimer først? Bernt K Endret 25. mai 2006 av berxter Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 har prøvd med å slå av tea time også, og har også kjørt ewido i sikkerhetsmodus. men ingenting hjelper her. får forstatt virusvarseler fra norton. har nå prøvd alt mulig:( min siste loggen. Logfile of HijackThis v1.99.1 Scan saved at 21:02:22, on 25.05.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Norton Internet Security\ISSVC.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\IVT Corporation\BlueSoleil\BTNtService.exe C:\Programfiler\ewido\security suite\ewidoctrl.exe C:\Programfiler\ewido\security suite\ewidoguard.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\System32\snmp.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Update Service\livesrv.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\Programfiler\Softwin\BitDefender9\vsserv.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Apoint\Apntex.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\Real\RealPlayer\RealPlay.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\Softwin\BitDefender9\bdmcon.exe C:\Programfiler\Softwin\BitDefender9\bdoesrv.exe C:\Programfiler\Softwin\BitDefender9\bdnagent.exe C:\Programfiler\Softwin\BitDefender9\bdswitch.exe C:\Programfiler\SPYWAREfighter\spfprc.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Messenger\msmsgs.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\Programfiler\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Programfiler\Digital Line Detect\DLG.exe C:\Programfiler\Wireless LAN Utility\SiWake.exe C:\Documents and Settings\Madiha\Skrivebord\HijackThis.exe C:\Programfiler\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webmail.tele2.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://uk.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ie/defaul...earch.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www1.euro.dell.com/content/default....c=no&l=no&s=gen R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programfiler\google\googletoolbar2.dll O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [DLBTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\DLBTtime.dll,_RunDLLEntry@16 O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [bDMCon] "C:\Programfiler\Softwin\BitDefender9\bdmcon.exe" O4 - HKLM\..\Run: [bDOESRV] "C:\Programfiler\Softwin\BitDefender9\bdoesrv.exe" O4 - HKLM\..\Run: [bDNewsAgent] "C:\Programfiler\Softwin\BitDefender9\bdnagent.exe" O4 - HKLM\..\Run: [bDSwitchAgent] "C:\Programfiler\Softwin\BitDefender9\bdswitch.exe" O4 - HKLM\..\Run: [spywarefighterguard] C:\Programfiler\SPYWAREfighter\spfprc.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: Digital Line Detect.lnk = ? O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: SiWake.lnk = C:\Programfiler\Wireless LAN Utility\SiWake.exe O8 - Extra context menu item: &Google-søk - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: &Oversett engelsk ord - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmwordtrans.html O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Koblinger bakover - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Lignende sider - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Øyeblikksbilde av siden i hurtigbufferen - res://C:\Programfiler\Google\GoogleToolbar2.dll/cmcache.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programfiler\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll O20 - Winlogon Notify: IntelWireless - C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing) O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing) O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Programfiler\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: dlbt_device - Dell - C:\WINDOWS\system32\dlbtcoms.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: ewido security suite control - ewido networks - C:\Programfiler\ewido\security suite\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Programfiler\ewido\security suite\ewidoguard.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing) O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programfiler\Dell\NICCONFIGSVC\NICCONFIGSVC.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Programfiler\Softwin\BitDefender9\vsserv.exe" /service (file missing) O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programfiler\Fellesfiler\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing) Lenke til kommentar
zjulik Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Ser ut som du er kvitt styggedommmen. Nå må du bestemme deg for et av antivirusprogrammene dine - Symantec(Norton) eller Bitdefender. Det er meget mulig at det er fordi de to krangler at du fremdeles har problemer. Avinstaller det ene. Kjør en rens med CCleaner. Post en ny logg. Lenke til kommentar
berxter Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 (endret) Jepp, loggen ser rein, om enn noe lang, ut. Madi: Hvor sier Norton at "viruset" er? Peker det fortsatt på C:\WINDOWS\temp\tmp73.tmp eller på en annen folder? Det kan jo hende at den ligger i karantenefolderen til BitDefender eller i en system_restorefolder, og da er'n harmløs i øyeblikket. Har du betalt for Spywarefighter? Hvis ikke ville jeg ha avinstallert den og erstattet den med f eks AdawareSE. Bernt K Endret 25. mai 2006 av berxter Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 nei jeg har ikke betalt for spywarefighter. er i trial perioden. norton viser ikke bare tmp73 filen." C:\windows\temp\tmp------.tmp" tallet etter tmp forandrer seg hele tiden når jeg klikker på ok. for ex. C:\windows\temp\tmp1F7.tmp, C:\windows\temp\tmp1f8.tmp, C:\windows\temp\tmp1f9.tmp osv. den viser at noen filer har blitt slettet automatisk og noen kan ikke repareres. det virker sånt at de filene som blir slettet dukker opp igjen etter jeg restarter. har slettet karantefolderen til BitDefender nå, og hvordan gjør jeg det i en system_restorefolder i tilfelle det ligger noe der. tusen takk for hjelpen ellers Lenke til kommentar
zjulik Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 Å kjøre to antiviruser er helt unødvendig. Det er svært liten - sannsynligvis ingen - sjanse for at maskinen blir sikrere. Det er stor sjanse for konflikter og "falske" funn. I tillegg blir maskinen unødvendig treg. Lenke til kommentar
berxter Skrevet 25. mai 2006 Del Skrevet 25. mai 2006 nei jeg har ikke betalt for spywarefighter. er i trial perioden. norton viser ikke bare tmp73 filen." C:\windows\temp\tmp------.tmp" tallet etter tmp forandrer seg hele tiden når jeg klikker på ok. for ex. C:\windows\temp\tmp1F7.tmp, C:\windows\temp\tmp1f8.tmp, C:\windows\temp\tmp1f9.tmp osv.den viser at noen filer har blitt slettet automatisk og noen kan ikke repareres. det virker sånt at de filene som blir slettet dukker opp igjen etter jeg restarter. har slettet karantefolderen til BitDefender nå, og hvordan gjør jeg det i en system_restorefolder i tilfelle det ligger noe der. tusen takk for hjelpen ellers 6178894[/snapback] System restorefolderen sletter du ved å skru av funksjonen, reboote og så slå på system restore igjen slik for eksempel. Vær klar over at du da sletter hele folderen, og så opprette den tom igjen, og med rein maskin bør du nok opprette et restorepunkt. (Meningene er delte om SR; noen hater det som pesten og lar det permanent være disablet, mens andre, som jeg, gjerne vil ha den.) Har du gjort som Zjulik ba deg om; kjøre ccleaner? Bernt K Lenke til kommentar
madi Skrevet 25. mai 2006 Forfatter Del Skrevet 25. mai 2006 ja har kjørt CCleaner flere ganger nå. Skal prøve å slette restorefolder. Håper det hjelper noe Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå