Søg
Avatar billede bjarne_ib Nybegynder
29. juni 2006 - 22:00 Der er 9 kommentarer og
1 løsning

Kan ikke åbne Explorer ved klik - Hijack This log

Jeg har problemer med at åbne min Explorer når jeg klikker på ikonerne. Explorer åbner, men lukker med det samme. Den eneste måde jeg kan komme på nettet er ved at bruge min startside tast på mit keyboard. Det skyldes sikker noget snavs, så hvem vil kaste et blik på mine logs?

DrWeb log:

Scan statistics

Objects scanned: 523208
Infected objects found: 11
Objects with modifications found: 0
Suspicious objects found: 0
Adware programs found: 36
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 6
Objects cured: 0
Objects deleted: 2
Objects renamed: 33
Objects moved: 18
Objects ignored: 0
Scan speed: 48 Kb/s
Scan time: 11:08:29


SUPERAntiSpyWare log:

SUPERAntiSpyware Scan Log
Generated 06/29/2006 at 08:24 PM

Core Rules Database Version : 2997
Trace Rules Database Version: 1079

Memory threats detected  : 0
Registry threats detected : 3
File threats detected    : 3

Adware.180solutions/ZangoSearch
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#.Owner
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/SAIX.dll#{DECEAAA2-370A-49BB-9362-68C3A58DDC62}

Unclassified.Unknown Origin
    C:\BACKUP MAPPE\$C\program files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\Restart.exe
    C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\Restart.exe
    C:\System Volume Information\_restore{B74D94D3-D1DB-4052-A567-C83FE77FCA49}\RP45\A0085146.exe


Hijack This log:
Logfile of HijackThis v1.99.1
Scan saved at 21:33:48, on 29-06-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5346.0005)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Nero\InCD\InCDsrv.exe
C:\Super Ad Blocker\SABSVC.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\AntiVir PersonalEdition Classic\sched.exe
C:\Programmer\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Programmer\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmer\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Internet History Killer Pro\IHKiller.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Skype\Phone\Skype.exe
C:\Super Ad Blocker\SAdBlock.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\System Mechanic Pro 6.0\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Super AntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\FLLESF~1\Nokia\MPAPI\MPAPI3s.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\TV-adaptor\SchSvr.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmer\Fælles filer\PCSuite\Services\ServiceLayer.exe
C:\Casio\Plauto.exe
c:\programmer\internet explorer\iexplore.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Hijack This\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sporten.tv2.dk/nfl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Super Ad Blocker\sabtb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmer\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\RunOnce: [ Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /ErIEIndex
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BestPopupKiller] "C:\Programmer\BestPopupKiller\BestPopupKiller.exe" /STARTUP
O4 - HKCU\..\Run: [Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /Startup
O4 - HKCU\..\Run: [HistoryAudit] "C:\Programmer\HistoryAudit\HistoryAudit.exe" /STARTUP
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SuperAdBlocker] C:\Super Ad Blocker\SAdBlock.exe
O4 - HKCU\..\Run: [PcSync] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\System Mechanic Pro 6.0\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Super AntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\RunOnce: [ Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /ErIEIndex
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\TV-adaptor\SchSvr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Casio\Plauto.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/activex/IPSUploader.cab
O16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX Control) - http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmer\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Nero\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Super Ad Blocker\SABSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\Fælles filer\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmer\Fælles filer\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Avatar billede levich Nybegynder
01. juli 2006 - 20:09 #1
øjeblik, så ser jeg på det.
Avatar billede levich Nybegynder
01. juli 2006 - 20:20 #2
Jeg vil foreslå, at du fjerner Best Popup Killer og History Audit.

Læs alle punkterne inden du gør noget.

(1)
Deaktiver systemgendannelse, ved at Højreklikke på "Denne Computer" på skrivebordet -> egenskaber -> Systemgendannelse -> sæt flueben i "Deaktiver systemgendannelse" -> Klik OK.

(2)
Afinstaller Best Popup Killer og History Audit fra kontrolpanelet under tilføj/fjern programmer.
Måske skal du svare på nogle spørgsmål under afinstallationen af History Audit – læg mærke til, hvad du svarer.

(3)
Genstart computeren i fejlsikret tilstand (tryk F8 når Windows starter op), og fix følgende linjer med HijackThis:
O4 - HKCU\..\Run: [BestPopupKiller] "C:\Programmer\BestPopupKiller\BestPopupKiller.exe" /STARTUP
O4 - HKCU\..\Run: [HistoryAudit] "C:\Programmer\HistoryAudit\HistoryAudit.exe" /STARTUP

(4)
Åbn en tilfældig mappe, i menuen skal du klikke på Funktioner -> Mappeindstillinger -> Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler" og ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

søg efter og slet mappe(r):
C:\Programmer\BestPopupKiller\
C:\Programmer\HistoryAudit\

(5)
Start -> kør -> skriv "cleanmgr" -> Slet Temporary internet files, papirkurv og midlertidige filer. Gentag for alle dine drev.

(6)
Genstart computeren normalt. Lav en ny log med HijackThis, og send den herind.

(7)
Når vi er helt færdige, så husk at aktiver systemgendannelse igen.
Avatar billede bjarne_ib Nybegynder
02. juli 2006 - 09:36 #3
Så har jeg gjort de forskellige ting, men jeg stødte på problemer i nr. 2. Best Popup Killer og History Audit fandtes ikke på listen i kontrolpanelet, så jeg har fixet de to linier i Hijack This og fjernet de to mapper på.

I går afinstallerede jeg IE 7 beta 2 og er nu tilbage på IE 6. De løste lidt af problemerne i går. (computeren var også maget langsom). Den er nu blevet hurtigere også efter de ovenstående øvelser.

Her er den nye Hijack This log:

Logfile of HijackThis v1.99.1
Scan saved at 09:12:17, on 02-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Nero\InCD\InCDsrv.exe
C:\Super Ad Blocker\SABSVC.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\AntiVir PersonalEdition Classic\sched.exe
C:\Programmer\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Ulead Systems\DVD\ULCDRSvr.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Programmer\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Programmer\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Internet History Killer Pro\IHKiller.exe
C:\Skype\Phone\Skype.exe
C:\Super Ad Blocker\SAdBlock.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\System Mechanic Pro 6.0\System Mechanic Professional 6\SMSystemAnalyzer.exe
C:\Programmer\Fælles filer\PCSuite\Services\ServiceLayer.exe
C:\Super AntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\FLLESF~1\Nokia\MPAPI\MPAPI3s.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\TV-adaptor\SchSvr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Casio\Plauto.exe
C:\Programmer\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Programmer\Logitech\Video\AlbumDB2.exe
C:\Hijack This\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://sporten.tv2.dk/nfl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O3 - Toolbar: Super Ad Blocker Toolbar - {B4B3001E-0F56-4E51-8250-BDE11547EC55} - C:\Super Ad Blocker\sabtb.dll
O4 - HKLM\..\Run: [avgnt] "C:\Programmer\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\RunOnce: [ Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /ErIEIndex
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /Startup
O4 - HKCU\..\Run: [Skype] "C:\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SuperAdBlocker] C:\Super Ad Blocker\SAdBlock.exe
O4 - HKCU\..\Run: [PcSync] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [SMSystemAnalyzer] "C:\System Mechanic Pro 6.0\System Mechanic Professional 6\SMSystemAnalyzer.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Super AntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\RunOnce: [ Internet History Killer Pro] C:\Internet History Killer Pro\IHKiller.exe /ErIEIndex
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: InterVideo WinScheduler.lnk = C:\TV-adaptor\SchSvr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Photo Loader supervisory.lnk = C:\Casio\Plauto.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INETREPL.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Trend Micro ActiveX Scan Agent 6.5) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IPSUploader Control) - http://as.photoprintit.de/ips-opdata/activex/IPSUploader.cab
O16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX Control) - http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocx
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Programmer\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Programmer\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Nero\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Super Ad Blocker Service (SABSVC) - SuperAdBlocker.com - C:\Super Ad Blocker\SABSVC.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\Fælles filer\PCSuite\Services\ServiceLayer.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Programmer\Fælles filer\Ulead Systems\DVD\ULCDRSvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Avatar billede levich Nybegynder
02. juli 2006 - 13:49 #4
Der er ikke noget galt i, at du ikke kunne finde Best Popup Killer og History Audit fandtes på listen i kontrolpanelet. De ser ud til at være fjernet, og loggen ser fin ud nu. Er vi færdige, eller har du stadig problemer?
Avatar billede bjarne_ib Nybegynder
03. juli 2006 - 08:07 #5
Det hele kører meget bedre nu. Det eneste problem der er tilbage er Errorsafe, som jeg ikke kan komme af med selv om jeg har kørt SuperAntiSpyware, AntiWir og diverse andre scannere. Den bliver ved med at dukke op.
Jeg har ellers fulgt proceduren som er beskrevet andre steder på Eksperten, men det har ikke hjulpet.
Har du en løsning på det?
Avatar billede levich Nybegynder
03. juli 2006 - 18:59 #6
Hent http://www.spywarefri.dk/downloads1/ewido-setup.exe (Ewido).
Installer programmer og opdater det, men vent med at scanne.

Genstart i fejlsikret tilstand og scan med Ewido, fix de ting som den finder og kopier loggen herind, og fortæl om det har hjulpet.
Avatar billede bjarne_ib Nybegynder
04. juli 2006 - 11:05 #7
Jeg er igang med at scanne og skal nok komme tilbage med resultatet når den er klar. Jeg fik desværre flere problemer i går, da min Zonealarm ikke virker rigtigt (TrueVektor vrøvl) og der var noget der ændrede indstillinger i min forbindelse til internettet. Jeg fik dog downloaded Ewido og den har også fundet problemer, så jeg lægger log op når den er klar.
Avatar billede bjarne_ib Nybegynder
04. juli 2006 - 19:33 #8
Min computer er helt umulig nu. Antivir vil ikke starte op. Zonealarm er væk/melder problemer. Ewido scannede computeren og rettede 69 fejl. Desværre er computeren ikke blevet bedre af dette.

Her er loggen:

---------------------------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------

+ Oprettet den:            07:28:14, 04-07-2006
+ Rapport-Checksum:        AF3389A2

+ Scanningsresultat:
    C:\BACKUP MAPPE\$C\Antivir\INFECTED\WINADSHIFT[1].DL1.#IR -> Adware.WinAD : Renset med backup
    C:\BACKUP MAPPE\$C\Documents and Settings\Jacob From\Lokale indstillinger\Temp\__unin_0.#xe -> Adware.Altnet : Renset med backup
    C:\BACKUP MAPPE\$C\Programmer\Fælles filer\Adobe\ESD\DLMCleanup.exe -> Trojan.Patched.B : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\Downloaded Program Files\MediaAccX.#ll -> Adware.WinAD : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\Downloaded Program Files\WinStatX.#ll -> Adware.WinAD : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\c36bHs.dll/bi.dll -> Adware.BiSpy : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\c36bHs.dll/biprep.exe -> Adware.BiSpy : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\c36bHs.dll/bi.dll -> Adware.BiSpy : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\c36bHs.dll/biprep.exe -> Adware.BiSpy : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\sahagent1008.#xe -> Adware.Sahat : Renset med backup
    C:\BACKUP MAPPE\$C\WINDOWS\system32\Xcite2.#xe -> Adware.F1Organizer : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0034030.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0058670.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0105853.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0105932.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0105933.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0105935.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\A0105936.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\btv_1000.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\DoctorWeb\Quarantine\btv_1002.exe -> Downloader.RVP.e : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-01.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-01.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-01.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-01.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-02.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-02.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-02.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-02.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-03.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-03.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-03.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-03.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-04.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-04.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-04.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-04.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-05.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-05.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-05.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-05.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-06.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-06.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-06.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-06.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-07.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-07.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-07.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-07.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-08.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-08.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-08.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-08.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-09.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-09.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-09.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-09.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-10.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-10.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-10.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-10.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-11.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-11.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-11.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-11.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-12.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-12.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-12.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-12.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-13.rar/Free_Mp3-SearchEngine.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-13.rar/Mp3_License.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-13.rar/Mp3_Sound_Definition.exe -> Adware.Agent : Renset med backup
    C:\Documents and Settings\Mester\Skrivebord\Ny mappe (3)\SteSeag-13.rar/Download_Agreement.exe -> Adware.Agent : Renset med backup
    D:\Program Files\Altnet\Download Manager\asmps__0.#ll -> Adware.Altnet : Renset med backup
    D:\Program Files\Altnet\Download Manager\asm____0.#xe -> Adware.Altnet : Renset med backup


::Rapport slut
Avatar billede levich Nybegynder
04. juli 2006 - 19:51 #9
Tja, jeg har desværre ikke flere forslag.
Avatar billede bjarne_ib Nybegynder
04. juli 2006 - 20:26 #10
Men tusind tak for hjælpen
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 09:46 Messinger virker ikke på Windows 10 og Windows 11 Af eksmojo i Windows
I går 17:32 Jeg kan ikke opdatere min iPad til ios 26.4.1. Af Bettina i Apps til iOS
I går 08:32 Office pakke LTSC vs Retail? Af Don G i Office & Kontorpakker
10/0421:19 Lydindstilling Prosonic TV Af TageArent i Fjernsyn & projektorer
10/0415:37 Sort skærm Af mort1 i Windows
White papers
Flere white papers »