Problemer med ErrorSafe.
Jeg har problemer med popup vinduer der beder mig om at installerer ErrorSafe,jeg bliver dog ved med at lukke dem men det resulterer altid i at de sider jeg er igang med at læse lukker ned.Har kørt Dr.Web. Logfilen ser således ud:
Scan statistics
-----------------------------------------------------------------------------
Objects scanned: 152200
Infected objects found: 7
Objects with modifications found: 1
Suspicious objects found: 0
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 7
Objects renamed: 3
Objects moved: 1
Objects ignored: 0
Scan speed: 249 Kb/s
Scan time: 02:13:52
-----------------------------------------------------------------------------
=============================================================================
Total session statistics
=============================================================================
Objects scanned: 152393
Infected objects found: 7
Objects with modifications found: 1
Suspicious objects found: 0
Adware programs found: 3
Dialer programs found: 0
Joke programs found: 0
Riskware programs found: 0
Hacktool programs found: 0
Objects cured: 0
Objects deleted: 7
Objects renamed: 3
Objects moved: 1
Objects ignored: 0
Scan speed: 254 Kb/s
Scan time: 02:14:14
=============================================================================
Derefter har jeg kørt Superantispyware. Logfilen ser således ud:
SUPERAntiSpyware Scan Log
Generated 06/27/2006 at 02:00 PM
Core Rules Database Version : 2993
Trace Rules Database Version: 1078
Memory threats detected : 0
Registry threats detected : 6
File threats detected : 103
Adware.Tracking Cookie
C:\Documents and Settings\Carina\Cookies\carina@ads2.jubii[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.dk-sex[1].txt
C:\Documents and Settings\Carina\Cookies\carina@nextag[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad1.emediate[1].txt
C:\Documents and Settings\Carina\Cookies\carina@data[1].txt
C:\Documents and Settings\Carina\Cookies\carina@adopt.specificclick[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.centraliprom[1].txt
C:\Documents and Settings\Carina\Cookies\carina@clicks.checkoutsales[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.emarketmakers[2].txt
C:\Documents and Settings\Carina\Cookies\carina@clicks.jackpot[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.jackpot[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.realcastmedia[2].txt
C:\Documents and Settings\Carina\Cookies\carina@adtracking.servnet[1].txt
C:\Documents and Settings\Carina\Cookies\carina@track.adform[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.3d-passion[2].txt
C:\Documents and Settings\Carina\Cookies\carina@rightmedia[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.ofir[1].txt
C:\Documents and Settings\Carina\Cookies\carina@adecn[2].txt
C:\Documents and Settings\Carina\Cookies\carina@e2.emediate[2].txt
C:\Documents and Settings\Carina\Cookies\carina@rowise[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.tiscali[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.tripod.jubii[1].txt
C:\Documents and Settings\Carina\Cookies\carina@eboz[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.realcastmedia[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.realtechnetwork[2].txt
C:\Documents and Settings\Carina\Cookies\carina@bestserials[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad1.hardware[1].txt
C:\Documents and Settings\Carina\Cookies\carina@indexstats[2].txt
C:\Documents and Settings\Carina\Cookies\carina@newads[1].txt
C:\Documents and Settings\Carina\Cookies\carina@belnk[1].txt
C:\Documents and Settings\Carina\Cookies\carina@e-2dj6wfmiwiajegp.stats.esomniture[2].txt
C:\Documents and Settings\Carina\Cookies\carina@optimost[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.midielite[1].txt
C:\Documents and Settings\Carina\Cookies\carina@kmpads[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.xxxgateways[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.webstat[1].txt
C:\Documents and Settings\Carina\Cookies\carina@adopt.hbmediapro[2].txt
C:\Documents and Settings\Carina\Cookies\carina@serials[1].txt
C:\Documents and Settings\Carina\Cookies\carina@dist.belnk[2].txt
C:\Documents and Settings\Carina\Cookies\carina@indextools[1].txt
C:\Documents and Settings\Carina\Cookies\carina@banner.prestigecasino[1].txt
C:\Documents and Settings\Carina\Cookies\carina@starware[2].txt
C:\Documents and Settings\Carina\Cookies\carina@megastats[1].txt
C:\Documents and Settings\Carina\Cookies\carina@m1.webstats4u[1].txt
C:\Documents and Settings\Carina\Cookies\carina@easy-hit-counters[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.vg.basefarm[1].txt
C:\Documents and Settings\Carina\Cookies\carina@globalstat[1].txt
C:\Documents and Settings\Carina\Cookies\carina@warlog[2].txt
C:\Documents and Settings\Carina\Cookies\carina@advertpro.ya[1].txt
C:\Documents and Settings\Carina\Cookies\carina@yieldmanager[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.admarketplace[2].txt
C:\Documents and Settings\Carina\Cookies\carina@adsrevenue[2].txt
C:\Documents and Settings\Carina\Cookies\carina@adopt.euroclick[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.adtoma[2].txt
C:\Documents and Settings\Carina\Cookies\carina@stat.dealtime[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.iprom[2].txt
C:\Documents and Settings\Carina\Cookies\carina@countercentral[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ad1.clickhype[2].txt
C:\Documents and Settings\Carina\Cookies\carina@hurricanedigitalmedia[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.yieldmanager[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.mediaiprom[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.screensavers[2].txt
C:\Documents and Settings\Carina\Cookies\carina@i.screensavers[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.mystats[1].txt
C:\Documents and Settings\Carina\Cookies\carina@adfair[1].txt
C:\Documents and Settings\Carina\Cookies\carina@stats.manticoretechnology[1].txt
C:\Documents and Settings\Carina\Cookies\carina@partypoker[2].txt
C:\Documents and Settings\Carina\Cookies\carina@stats[1].txt
C:\Documents and Settings\Carina\Cookies\carina@winfixer[2].txt
C:\Documents and Settings\Carina\Cookies\carina@bizrate[2].txt
C:\Documents and Settings\Carina\Cookies\carina@a[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.cc214142[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.belstat[1].txt
C:\Documents and Settings\Carina\Cookies\carina@tripod.jubii[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.skins[1].txt
C:\Documents and Settings\Carina\Cookies\carina@stats1.reliablestats[2].txt
C:\Documents and Settings\Carina\Cookies\carina@dealtime[1].txt
C:\Documents and Settings\Carina\Cookies\carina@stat.postdanmark[1].txt
C:\Documents and Settings\Carina\Cookies\carina@click.tdc-online[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.webreseau[2].txt
C:\Documents and Settings\Carina\Cookies\carina@elitegn[2].txt
C:\Documents and Settings\Carina\Cookies\carina@i[2].txt
C:\Documents and Settings\Carina\Cookies\carina@revsci[2].txt
C:\Documents and Settings\Carina\Cookies\carina@ads2.drivelinemedia[1].txt
C:\Documents and Settings\Carina\Cookies\carina@tripod.lycos[2].txt
C:\Documents and Settings\Carina\Cookies\carina@counter.fateback[2].txt
C:\Documents and Settings\Carina\Cookies\carina@adv.virgilio[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ads.evendi[1].txt
C:\Documents and Settings\Carina\Cookies\carina@anad.tacoda[2].txt
C:\Documents and Settings\Carina\Cookies\carina@stats2.clicktracks[2].txt
C:\Documents and Settings\Carina\Cookies\carina@m15rc[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.crackz[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.redzoneglobal[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.belstat[2].txt
C:\Documents and Settings\Carina\Cookies\carina@clicksor[1].txt
C:\Documents and Settings\Carina\Cookies\carina@www.005.free-counter.co[2].txt
C:\Documents and Settings\Carina\Cookies\carina@www.incentaclick[2].txt
C:\Documents and Settings\Carina\Cookies\carina@tacoda[1].txt
C:\Documents and Settings\Carina\Cookies\carina@adserver.banneradministration[1].txt
C:\Documents and Settings\Carina\Cookies\carina@ad.zanox[2].txt
C:\Documents and Settings\Carina\Cookies\carina@counter[2].txt
C:\Documents and Settings\Carina\Cookies\carina@subcounter[1].txt
C:\Documents and Settings\Carina\Cookies\carina@wallpaper-screensavers[1].txt
Adware.IST/ISTBar (Slotch Bar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#.Owner
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/ISTactivex.dll#{018B7EC3-EECA-11D3-8E71-0000E82C6C0D}
Adware.Avenue Media/Internet Optimizer
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\AMeOpt
Trojan.NewDotNet
HKU\.DEFAULT\Software\New.net
HKU\S-1-5-18\Software\New.net
Og endelig har jeg kørt HijackThis. Logfilen følger:
Logfile of HijackThis v1.99.1
Scan saved at 15:10:56, on 27-06-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\Programmer\Norton Personal Firewall\NISUM.EXE
C:\WINDOWS\SOINTGR.EXE
C:\Programmer\Norton Personal Firewall\IAMAPP.EXE
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Support.com\bin\tgcmd.exe
C:\Programmer\CursorXP\CursorXP.exe
C:\Programmer\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programmer\Fælles filer\Panda Software\PavShld\pavprsrv.exe
C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Norton Personal Firewall\SymProxySvc.exe
C:\Programmer\Norton Personal Firewall\NISSERV.EXE
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Norton Personal Firewall\ATRACK.EXE
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Carina\Dokumenter\Spyware værktøjer\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.medion.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.jubii.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton SystemWorks\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Programmer\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [iamapp] C:\Programmer\Norton Personal Firewall\IAMAPP.EXE
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programmer\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [hcenter] "C:\Programmer\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKCU\..\Run: [STYLEXP] C:\Programmer\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [CursorXP] C:\Programmer\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [IncrediMail] C:\Programmer\IncrediMail\bin\IncMail.exe /c
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ZumaSetup.exe] C:\DOWNLO~1\ZUMASE~1.EXE /r
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Adobe Gamma.lnk = ?
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Programmer\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O14 - IERESET.INF: START_PAGE_URL=http://www.medion.com
O16 - DPF: {01111C00-3E00-11D2-8470-0060089874ED} (Support.com ActionRunner Class) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlar.cab
O16 - DPF: {01111E00-3E00-11D2-8470-0060089874ED} (Support.com SmartIssue) - http://netsupport2.tdconline.dk/sdccommon/download/tgctlsi.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9FC5238F-12C4-454F-B1B5-74599A21DE47} (Webshots Photo Uploader) - http://community.webshots.com/html/WSPhotoUploader.CAB
O16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) - http://activex.microgaming.com/DLhelper/version6/dlhelper.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Personal Firewall Service (NISSERV) - Symantec Corporation - C:\Programmer\Norton Personal Firewall\NISSERV.EXE
O23 - Service: Norton Personal Firewall Accounts Manager (NISUM) - Symantec Corporation - C:\Programmer\Norton Personal Firewall\NISUM.EXE
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Programmer\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmer\Fælles filer\Panda Software\PavShld\pavprsrv.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\SPEEDD~1\nopdb.exe
O23 - Service: Norton Personal Firewall Proxy Service (SymProxySvc) - Symantec Corporation - C:\Programmer\Norton Personal Firewall\SymProxySvc.exe
Er der nogle der gider at kigge det igennem for mig?
Har forøvrigt fulgt en beskrivelse/guide som jeg fornyligt har læst herinde.