iblix Skrevet 21. september 2006 Del Skrevet 21. september 2006 Hei, NOD32 varsler veldig ofte om at jeg er blitt infected av Dialer.PZ trojan, noen som vet hvordan jeg kan fjerne dette ? HJT: Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\ewido anti-spyware 4.0\guard.exe C:\Programfiler\Eset\nod32krn.exe C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\MultiRes\MultiRes.exe C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe C:\Programfiler\Eset\nod32kui.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe C:\Programfiler\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Documents and Settings\Morten Bjørnstadjord\Skrivebord\utorrent.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Programfiler\Internet Explorer\IEXPLORE.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\Documents and Settings\Morten Bjørnstadjord\Skrivebord\virus fixing\Hijackthis\HijackThis.exe O4 - HKLM\..\Run: [MultiRes] C:\Programfiler\MultiRes\MultiRes.exe O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Programfiler\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Programfiler\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [Outpost Firewall] C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programfiler\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programfiler\VIA\RAID\raid_tool.exe O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programfiler\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programfiler\ewido anti-spyware 4.0\guard.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programfiler\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe Lenke til kommentar
Pozzolan Skrevet 22. september 2006 Del Skrevet 22. september 2006 Jeg ser ikke noe galt i den loggen. Kan hende at den ligger å skjuler seg i system restore. Følg "Hijackthis guide" linken i signaturen min og les hvordan man slå av system restore. Slå det av, restart og slå det på igjen. Da burde det forsvinne. Lenke til kommentar
iblix Skrevet 24. september 2006 Forfatter Del Skrevet 24. september 2006 Ok, nå ser logg slik ut: Logfile of HijackThis v1.99.1 Scan saved at 18:26:46, on 24.09.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\ewido anti-spyware 4.0\guard.exe C:\Programfiler\Eset\nod32krn.exe C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\Programfiler\MultiRes\MultiRes.exe C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe C:\Programfiler\Eset\nod32kui.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\svchost.exe C:\Documents and Settings\Morten Bjørnstadjord\Skrivebord\virus fixing\Hijackthis\HJT1991.exe O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {9F644F86-2D49-4E89-8F28-7DA78A90E014} - C:\WINDOWS\system32\ddabx.dll O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - (no file) O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00322} - (no file) O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - C:\WINDOWS\system32\wfcabcwf.dll (file missing) O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programfiler\FlashFXP\IEFlash.dll O4 - HKLM\..\Run: [MultiRes] C:\Programfiler\MultiRes\MultiRes.exe O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Programfiler\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Programfiler\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [Outpost Firewall] C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programfiler\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programfiler\VIA\RAID\raid_tool.exe O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programfiler\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O20 - Winlogon Notify: ddabx - C:\WINDOWS\system32\ddabx.dll O20 - Winlogon Notify: h618 - C:\WINDOWS\g1482671.dll (file missing) O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O20 - Winlogon Notify: winbjv32 - winbjv32.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programfiler\ewido anti-spyware 4.0\guard.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programfiler\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe Lenke til kommentar
Pozzolan Skrevet 24. september 2006 Del Skrevet 24. september 2006 (endret) Slett disse med hijackthis: O2 - BHO: (no name) - {9F644F86-2D49-4E89-8F28-7DA78A90E014} - C:\WINDOWS\system32\ddabx.dll O2 - BHO: (no name) - {a43385f0-7113-496d-96d7-b9b550e3fcca} - (no file) O2 - BHO: (no name) - {A4F94C0C-54A7-4DB1-9AF3-B22E63D00322} - (no file) O2 - BHO: (no name) - {B7672BAF-E9A3-49B6-86B2-C81719A18A4C} - C:\WINDOWS\system32\wfcabcwf.dll (file missing) O20 - Winlogon Notify: ddabx - C:\WINDOWS\system32\ddabx.dll O20 - Winlogon Notify: h618 - C:\WINDOWS\g1482671.dll (file missing) O20 - Winlogon Notify: winbjv32 - winbjv32.dll (file missing) Så sletter du denne med killbox: C:\WINDOWS\system32\ddabx.dll Dette gjøres i sikkermodus Kjør også en full scan med Nod32 i sikkermodus. Post en ny logg fra vanlig modus når du er ferdig. Endret 24. september 2006 av stealthy Lenke til kommentar
berxter Skrevet 25. september 2006 Del Skrevet 25. september 2006 Skal tro om ikke ddabx.dll er noe Vundolignende? Den opptrer som det... . Det skader ihvertfall ikke å kjøre Vundofix, og se etter om den også finner xbadd.dll, og så ta dem i safe mode. Bernt K Lenke til kommentar
iblix Skrevet 25. september 2006 Forfatter Del Skrevet 25. september 2006 (endret) ok, jeg har gjort som du sa stealthy og Jeg prøvde også VundoFix og den fant ddabx.dll, xbadd.ini og xbadd.bak1 og slettet disse. Logfile of HijackThis v1.99.1 Scan saved at 18:32:19, on 25.09.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\ewido anti-spyware 4.0\guard.exe C:\Programfiler\Eset\nod32krn.exe C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\MultiRes\MultiRes.exe C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe C:\Programfiler\Eset\nod32kui.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\ewido anti-spyware 4.0\ewido.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\Steam\Steam.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\Programfiler\VIA\RAID\raid_tool.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Morten Bjørnstadjord\Skrivebord\virus fixing\Hijackthis\HJT1991.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_07\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\Programfiler\FlashFXP\IEFlash.dll O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Programfiler\VSToolbar\VSToolBar.dll O4 - HKLM\..\Run: [MultiRes] C:\Programfiler\MultiRes\MultiRes.exe O4 - HKLM\..\Run: [smapp] C:\Programfiler\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Programfiler\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [!ewido] "C:\Programfiler\ewido anti-spyware 4.0\ewido.exe" /minimized O4 - HKLM\..\Run: [Outpost Firewall] C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe /waitservice O4 - HKLM\..\Run: [OutpostFeedBack] C:\Programfiler\Agnitum\Outpost Firewall\feedback.exe /dump:os_startup O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [steam] "C:\Programfiler\Steam\Steam.exe" -silent O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [AtiTrayTools] "C:\Programfiler\Radeon Omega Drivers\v3.8.221\ATI Tray Tools\atitray.exe" O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: VIA RAID TOOL.lnk = C:\Programfiler\VIA\RAID\raid_tool.exe O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\Programfiler\Agnitum\Outpost Firewall\Plugins\BrowserBar\ie_bar.dll O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O20 - AppInit_DLLs: C:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programfiler\ewido anti-spyware 4.0\guard.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programfiler\Eset\nod32krn.exe O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:\Programfiler\Agnitum\Outpost Firewall\outpost.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing) O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Programfiler\Analog Devices\SoundMAX\SMAgent.exe Endret 25. september 2006 av iblix Lenke til kommentar
berxter Skrevet 26. september 2006 Del Skrevet 26. september 2006 Alt det gamle ser nå bra ut, men du har skaffet deg O3 - Toolbar: &VSToolBar - {821F87FF-8245-4972-9E28-732E92EC2F51} - C:\Programfiler\VSToolbar\VSToolBar.dll som er kjent som adware. Få'n vekk! Du skal teoretisk kunne avinstallere den fra kontrollpanelet, og siden slette hele C:\Program Files\VSToolbar evt med Killbox dersom den er der; det skulle greie biffen. Ikke glem en runde med ccleaner (husk å fjerne haka for "only remove temp files older than 48 hours" i advanced options). Bernt K Lenke til kommentar
iblix Skrevet 26. september 2006 Forfatter Del Skrevet 26. september 2006 ok, takk for god hjelp Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå