hanne85 Skrevet 25. april 2007 Del Skrevet 25. april 2007 (endret) Hva kan jeg slette? jeg finner ikke spylockedfilen i Hijack sitt vindu, kun i loggen... Logfile of HijackThis v1.99.1 Scan saved at 01:47:17, on 25.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe C:\Programfiler\Video AX Object\bpmon.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\Windows Defender\MSASCui.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\SpywareLocked 3.5\SpywareLocked 3.5.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\MSN Messenger\MsnMsgr.Exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Video AX Object\bpmini.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymSCUI.exe C:\Programfiler\Fellesfiler\Symantec Shared\NMain.exe C:\PROGRA~1\NORTON~1\navw32.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Java\jre1.5.0_06\bin\jucheck.exe C:\Programfiler\Messenger\msmsgs.exe C:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nhh.no/studentar R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - C:\Programfiler\Need2Find\bar\1.bin\ND2FNBAR.DLL (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Programfiler\Video AX Object\bpvol.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Protection Bar - {F0993251-2512-4710-AF6E-0A13EA199D02} - C:\Programfiler\Video AX Object\splug.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [updateManager] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Programfiler\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Monopoly3Setup.exe] C:\DOWNLO~1\MONOPO~1.EXE /r O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://solidoleoleman.spaces.live.com//Pho...ad/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - (no CLSID) - (no file) O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programfiler\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe Endret 25. april 2007 av hanne85 Lenke til kommentar
norbat Skrevet 25. april 2007 Del Skrevet 25. april 2007 (endret) Hei, hanne85 Hent SAS, installer og oppdater. Lukk programmet Hent Smitfraudfix, legg det på skrivebordet Restart i sikker modus (tapp F8 under oppstart) Kjør Smitfraudfix, velg valg 2. Kjør en 'Complete scan' med SAS Restart i normal Post en ny HJT-logg + loggen fra SAS (Preferences->statistics/logs), så tar vi en opprydding til slutt (Det som bla. trigger spylocked, er Video AX Object. Denne mappa vil i de fleste tilfeller bli fjerne vha. av de to overnevnte programmene) Endret 25. april 2007 av norbat Lenke til kommentar
hanne85 Skrevet 25. april 2007 Forfatter Del Skrevet 25. april 2007 Hei, hanne85 Hent SAS, installer og oppdater. Lukk programmet Hent Smitfraudfix, legg det på skrivebordet Restart i sikker modus (tapp F8 under oppstart) Kjør Smitfraudfix, velg valg 2. Kjør en 'Complete scan' med SAS Restart i normal Post en ny HJT-logg + loggen fra SAS (Preferences->statistics/logs), så tar vi en opprydding til slutt (Det som bla. trigger spylocked, er Video AX Object. Denne mappa vil i de fleste tilfeller bli fjerne vha. av de to overnevnte programmene) 8466023[/snapback] hei hei nå har jeg gjort det ovenfor, jeg får fortsatt opp systemalert nede i høyrehjørne, et spørsmålstegn med et forbudtskilt som blinker over.. her er loggene (beklager jeg vet ikke hvordan jeg lager linker...) HJT: Logfile of HijackThis v1.99.1 Scan saved at 12:33:33, on 25.04.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Norton AntiVirus\navapsvc.exe C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe C:\Programfiler\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\DAEMON Tools\daemon.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\HP\Digital Imaging\bin\hpqSTE08.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Messenger\msmsgs.exe C:\WINDOWS\system32\notepad.exe C:\Programfiler\Symantec\LiveUpdate\AUpdate.exe C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE C:\Programfiler\Symantec\LiveUpdate\LuCallbackProxy.exe C:\Programfiler\Symantec\LiveUpdate\LuCallbackProxy.exe C:\Program Files\HijackThis\HijackThis.exe C:\Programfiler\Symantec\LiveUpdate\LuCallbackProxy.exe C:\Programfiler\Symantec\LiveUpdate\LuCallbackProxy.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nhh.no/studentar R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [updateManager] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [eabconfg.cpl] C:\Programfiler\HPQ\Quick Launch Buttons\EabServr.exe /Start O4 - HKLM\..\Run: [Cpqset] C:\Programfiler\HPQ\Default Settings\cpqset.exe O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [HP Software Update] C:\Programfiler\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [Windows Defender] "C:\Programfiler\Windows Defender\MSASCui.exe" -hide O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Monopoly3Setup.exe] C:\DOWNLO~1\MONOPO~1.EXE /r O4 - HKCU\..\Run: [µTorrent] "C:\Programfiler\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [DAEMON Tools] "C:\Programfiler\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programfiler\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Hurtigstart for Adobe Reader.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Oppslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab31267.cab O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://solidoleoleman.spaces.live.com//Pho...ad/MsnPUpld.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/Facebo...otoUploader.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab31267.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab31267.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter: text/html - (no CLSID) - (no file) O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Programfiler\HPQ\SHARED\HPQWMI.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Programfiler\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe SAS: SUPERAntiSpyware Scan Log Generated 04/25/2007 at 12:17 PM Application Version : 3.6.1000 Core Rules Database Version : 3224 Trace Rules Database Version: 1235 Scan type : Complete Scan Total Scan Time : 00:55:34 Memory items scanned : 408 Memory threats detected : 0 Registry items scanned : 5550 Registry threats detected : 0 File items scanned : 37692 File threats detected : 6 Adware.Tracking Cookie C:\Documents and Settings\Hanne Søfting\Cookies\hanne sø[email protected][1].txt C:\Documents and Settings\Hanne Søfting\Cookies\hanne sø[email protected][2].txt C:\Documents and Settings\Hanne Søfting\Cookies\hanne søfting@serving-sys[1].txt C:\Documents and Settings\Hanne Søfting\Cookies\hanne sø[email protected][1].txt C:\Documents and Settings\Hanne Søfting\Cookies\hanne søfting@mediaplex[1].txt Adware.WhenU C:\SYSTEM VOLUME INFORMATION\_RESTORE{3D419849-1197-4061-845A-54BF968A6B65}\RP367\A0261930.EXE hva gjør jeg videre? og dessuten tusen takk for at du hjelper meg Lenke til kommentar
norbat Skrevet 25. april 2007 Del Skrevet 25. april 2007 Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked': O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN O18 - Filter: text/html - (no CLSID) - (no file) Fjern temprære filer m.fl ved å laste ned CCleaner. Under installasjonen fjerner du haken for å installere yahoo toolbar. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Restart pc'n og fortell så hvordan det ligger an. Lenke til kommentar
hanne85 Skrevet 25. april 2007 Forfatter Del Skrevet 25. april 2007 Kjør HJT, sett merke framfor følgende linjer og klikk 'Fix checked':O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN O18 - Filter: text/html - (no CLSID) - (no file) Fjern temprære filer m.fl ved å laste ned CCleaner. Under installasjonen fjerner du haken for å installere yahoo toolbar. Start programmet. Gå til 'Valg'->'Avansert'. Fjern avkryssingen framfor: "bare slett midlertidige filer......." Klikk på 'Renser' og deretter 'Kjør CCleaner'. Restart pc'n og fortell så hvordan det ligger an. 8467557[/snapback] pcen min er frisk! tusen tusen takk, du skal få alle mine varmeste anbefalinger i fremtiden Lenke til kommentar
norbat Skrevet 25. april 2007 Del Skrevet 25. april 2007 Flott at det ordnet seg. Du bør nullstille gjenopprettingsmappa slik at du ikke blir infisert ved en evt. systemgjenoppretting. Kontrollpanel->system->systemgjenoppretting . Sett merke framfor "Slå av .....", restart pc, fjern merket igjen for å aktivere funksjonen. Får du på ny spywareproblemer, vet du hvilket forum du kan henvende deg til. Surf trygt Lenke til kommentar
limescreen Skrevet 3. juli 2007 Del Skrevet 3. juli 2007 Prøvde de programmene og kjørte de i sikkerhetsmodus og det virket!! tusen takk du er en gud! Lenke til kommentar
norbat Skrevet 3. juli 2007 Del Skrevet 3. juli 2007 Bare hyggelig. Fint om du poster en HJT-logg, så ser vi om det ligger noe mer på lur. (NB: Opprett en egen post ved å klikke 'Nytt emne' der du legger evt. en hjt-logg) Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå