Frigg33 Skrevet 2. juli 2006 Del Skrevet 2. juli 2006 Innimellom får jeg opp reklame "Advertisment by OuterInfo" uten at jeg er på internett. Hvordan kan jeg fjerne dette?.. jeg har prøvd seach and destroy og adware og windows defender.. Men det går ikke vekk.. Hjelp Meg please Lenke til kommentar
Frigg33 Skrevet 3. juli 2006 Forfatter Del Skrevet 3. juli 2006 noen som kan hjelpe meg eller? Se om dere finner noe skumle greier her : Logfile of HijackThis v1.99.1 Scan saved at 20:25:15, on 03.07.06 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Programfiler\Apoint2K\Apoint.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programfiler\F-Secure\Common\FSM32.EXE C:\WINDOWS\system32\897da382.exe C:\Programfiler\Windows Defender\MSASCui.exe C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\?ppPatch\l?ass.exe C:\PROGRA~1\SKS~1\taskmgr.exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\Programfiler\Apoint2K\Apntex.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe C:\Programfiler\F-Secure\Anti-Virus\FSGK32.EXE C:\Programfiler\F-Secure\Anti-Virus\fssm32.exe C:\Programfiler\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\F-Secure\Common\FSMA32.EXE C:\Programfiler\F-Secure\Common\FSMB32.EXE C:\Programfiler\F-Secure\Common\FCH32.EXE C:\Programfiler\F-Secure\Common\FAMEH32.EXE C:\Programfiler\F-Secure\Common\FNRB32.EXE C:\Programfiler\F-Secure\Common\FIH32.EXE C:\Programfiler\F-Secure\Anti-Virus\fsav32.exe C:\Programfiler\HPQ\shared\hpqwmi.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\Per Oscar\Skrivebord\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: (no name) - {E3EB3E49-FF8C-FA7C-F04D-F1EA1BB27396} - C:\WINDOWS\system32\byiqw.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programfiler\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [897da382.exe] C:\WINDOWS\system32\897da382.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [Creative Detector] C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [897da382.exe] C:\Documents and Settings\Per Oscar\Lokale innstillinger\Programdata\897da382.exe O4 - HKCU\..\Run: [Kganujc] C:\Programfiler\?ppPatch\l?ass.exe O4 - HKCU\..\Run: [Raau] "C:\PROGRA~1\SKS~1\taskmgr.exe" -vt tzt O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgNO2405.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{DFBDCFEB-CE68-4BC6-AB78-89E7DC64ADFD}: NameServer = 217.13.4.24,217.13.7.140 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: , O23 - Service: Adobe LM Service - Unknown owner - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Programfiler\F-Secure\BackWeb\7681197\Program\fsbwlan.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FNRB32.EXE O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Programfiler\F-Secure\Common\FSAA.EXE O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FSMA32.EXE O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programfiler\HPQ\shared\hpqwmi.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Mrxatv - S3/Diamond Multimedia Systems - C:\WINDOWS\system32\drivers\nikedrv.sys O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe Lenke til kommentar
zjulik Skrevet 3. juli 2006 Del Skrevet 3. juli 2006 R3 - URLSearchHook: (no name) - {E3EB3E49-FF8C-FA7C-F04D-F1EA1BB27396} - C:\WINDOWS\system32\byiqw.dll 4 - HKLM\..\Run: [897da382.exe] C:\WINDOWS\system32\897da382.exe O4 - HKCU\..\Run: [897da382.exe] C:\Documents and Settings\Per Oscar\Lokale innstillinger\Programdata\897da382.exe O4 - HKCU\..\Run: [Kganujc] C:\Programfiler\?ppPatch\l?ass.exe O4 - HKCU\..\Run: [Raau] "C:\PROGRA~1\SKS~1\taskmgr.exe" -vt tzt Kryss av for disse i Hijackthis og be den fikse dem. Så tar du en omstart og sletter de filene som nevnes her, fysisk, ved å gå inn i mappene og se om de ligger der. Kjør CCleaner (link i sig). Post ny logg. Lenke til kommentar
Frigg33 Skrevet 3. juli 2006 Forfatter Del Skrevet 3. juli 2006 O4 - HKCU\..\Run: [Kganujc] C:\Programfiler\?ppPatch\l?ass.exe O4 - HKCU\..\Run: [Raau] "C:\PROGRA~1\SKS~1\taskmgr.exe" -vt tzt Disse to kunne jeg ikk slette fysisk.. og jeg klarte bare å krysse den ene av på hijackthis O4 - HKCU\..\Run: [Kganujc] C:\Programfiler\?ppPatch\l?ass.exe den andre var ikke på listen.. kan det hende jeg har fjernet den med spybot? Lenke til kommentar
Frigg33 Skrevet 3. juli 2006 Forfatter Del Skrevet 3. juli 2006 jeg har prøvd å fjerne så mange som mulig.. Er det noen som gidder å sjekke om alt er vekke? Logfile of HijackThis v1.99.1 Scan saved at 01:06:37, on 04.07.06 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe C:\WINDOWS\AGRSMMSG.exe C:\Programfiler\Apoint2K\Apoint.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe C:\Programfiler\F-Secure\Common\FSM32.EXE C:\Programfiler\Windows Defender\MSASCui.exe C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe C:\Programfiler\WIDCOMM\Bluetooth-programvare\BTTray.exe C:\Programfiler\Apoint2K\Apntex.exe C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe C:\Programfiler\F-Secure\Anti-Virus\FSGK32.EXE C:\Programfiler\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe C:\Programfiler\F-Secure\Anti-Virus\fssm32.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\F-Secure\Common\FSMA32.EXE C:\Programfiler\F-Secure\Common\FSMB32.EXE C:\Programfiler\F-Secure\Common\FCH32.EXE C:\Programfiler\F-Secure\Common\FAMEH32.EXE C:\Programfiler\F-Secure\Common\FNRB32.EXE C:\Programfiler\F-Secure\Common\FIH32.EXE C:\Programfiler\F-Secure\Anti-Virus\fsav32.exe C:\Programfiler\HPQ\shared\hpqwmi.exe C:\WINDOWS\System32\svchost.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Programfiler\MSN Messenger\msnmsgr.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\wscntfy.exe C:\Documents and Settings\Per Oscar\Skrivebord\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] C:\Programfiler\Analog Devices\SoundMAX\Smax4.exe /tray O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM\..\Run: [hpWirelessAssistant] C:\Programfiler\hpq\HP Wireless Assistant\HP Wireless Assistant.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programfiler\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programfiler\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [Creative Detector] C:\Programfiler\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [msnmsgr] "C:\Programfiler\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Programfiler\Spybot - Search & Destroy\TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Send til &Bluetooth - C:\Programfiler\WIDCOMM\Bluetooth-programvare\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\WINDOWS\system32\shdocvw.dll O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {97B79133-88F0-45F0-8D57-0F2EF27D9C66} - http://85.255.114.166/1/rdgNO2405.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{DFBDCFEB-CE68-4BC6-AB78-89E7DC64ADFD}: NameServer = 217.13.4.24,217.13.7.140 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: , O23 - Service: Adobe LM Service - Unknown owner - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programfiler\WIDCOMM\Bluetooth-programvare\bin\btwdins.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Programfiler\F-Secure\BackWeb\7681197\Program\fsbwlan.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programfiler\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FNRB32.EXE O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Programfiler\F-Secure\Common\FSAA.EXE O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programfiler\F-Secure\Common\FSMA32.EXE O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programfiler\HPQ\shared\hpqwmi.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Mrxatv - S3/Diamond Multimedia Systems - C:\WINDOWS\system32\drivers\nikedrv.sys O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå