mindre egenkapital

Magazine
Go Back   Computer Juice > Computer Software > Virus, spionprogrammer og sikkerhet
Reload this Page

Vedvarende Feilmelding - M3PLUGIN.DLL

Registrer Site Spy Member List Donate Søke Dagens innlegg Marker forumene som lest Forum Rules

Register


 Default 

Vedvarende Feilmelding - M3PLUGIN.DLL




Reply
 
Thread Tools
  #1  
Old 19nde Nov 2008, 21:23
New Member Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

Hei

Det er en feilmelding som har vært dukker opp hver gang jeg starte på min PC i noen tid nå. Selv om det har egentlig ikke plaget meg (jeg bare Trykk "OK", og det forsvinner), Jeg tror det er grunnen til at jeg har problemer med å brenne ting til DVD.

Jeg vil beskrive meldingen. Det er kun et lite vindu i midten av skjermen med tittelen "RUNDLL '. Selve meldingen, sier:

"Feil ved lasting: C: \ progra ~ 1 \ bar \ 1.bin \ M3PLUGIN.DLL

Den angitte modulen ble ikke funnet. "

og så bare lar meg Klikk "OK". Aner du hva det er eller hvordan du kan fikse det?

oh yeah, jeg har Windows XP Home Edition versjon 2002 Service Pack 2.

Takk,
john
  #2  
Old 20th 2008 nov 00:31
Administrator Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

M3PLUGIN.DLL er en del av et virus og / eller spionprogramvare som har stått på systemet.

Følg denne veiledningen og post loggfilene, og deretter ett av malware vil hjelpe deg med å få fullt ryddet opp.

http://www.computer-juice.com/forums...-posting-7476/

* Flyttet tråden til Virus / Spyware forum.
__________________

Min System: Hybr! D

Prosessor (er):
AMD Turion 64 X2 TL-64 2.2GHz
Hovedkort:
HP nForce 560
RAM-minne:
2GB DDR2 PC2-5300
Graphics Card (s):
Nvidia 7150M Om bord Integrert
Lydkort:
5.1 Om bord Integrert
Harddisk (er):
250GB 5400RPM SATA300
Optisk stasjon (er):
18x CD / DVDRW-DL ATA
Case / PSU:
Stock HP
Cooling:
Stock HP
Nettverk / Internett:
10/100 Nic / 10MB Virgin Kabel
Skjerm (er):
17 "WXGA + HD BrightView Widescreen
Operating System (s):
Windows 7 Ultimate 32Bit
  #3  
Old 23 Nov 2008, 18:39
New Member Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

hei

Jeg har fullført trinn 1-6 og feilmelding på oppstart faktisk har forsvunnet. Jeg skal legge inn tre logger bare i tilfelle.

Her er programmene var jeg usikker på i "Legg til / fjern programmer"-listen:

AC3 Filter
AmpliTube 1.1 LE
Ask Toolbar
Bonjour
Compatibility Pack for 2007 Office system
Customer Experience Ekstrautstyr
DNA
Enhanced Multimedia Keyboard Solution
High Definition Audio Driver Package - KB888111
HP Boot Optimiser
IncrediMail XE
LADSPA_plugins-vinn-0.4.15
Microsoft. NET Framework 1.1
Microsoft. NET Framework 1.1 Hotfix (KB928366)
Microsoft. NET Framework 2.0 Service Pack 1
Microsoft Silverlight
Microsoft Visual C + + 2005 Redistributable (2 av disse)
MobileMe Kontrollpanel
MSXML 4.0 SP2 (KB925672)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB954430)
Pif DESIGNER
Prime95
PS2
Python 2.2 pywin32 utvidelser (build 203)
Python 2.2.3
Safari
Windows Installer 3.1 (KB893803)

Her er SUPERAntiSpyware logg:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 11/22/2008 at 09:46

Application Version: 4.22.1014

Core Rules Database Version: 3648
Trace Rules Database Version: 1631

Scan type: Complete Scan
Total Scan Time: 02:30:48

Minne eks skannet: 568
Minne trusler oppdages: 0
Registerelementene skannet: 7140
Registerverdi trusler oppdages: 79
Fil eks skannet: 198486
Fil trusler oppdages: 1

BearShare fildeling Kundekommentarer
[BearShare] C: \ Programfiler \ BearShare \ BEARSHARE.EXE
C: \ Programfiler \ BearShare \ BEARSHARE.EXE

Adware.Vundo Variant
HKLM \ Software \ Classes \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC)
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC)
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC)
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ InprocServer32
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ ProgID
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ Programmable
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ TypeLib
HKCR \ CLSID \ (994B5FB4-0103-44A6-B6B3-C73572B362BC) \ VersionIndependentProgID
HKCR \ adzgalore.optimizer.1
HKCR \ adzgalore.optimizer.1 \ CLSID
HKCR \ adzgalore.optimizer
HKCR \ adzgalore.optimizer \ CLSID
HKCR \ adzgalore.optimizer \ CurVer
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4)
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ 0
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (49BCC77A-79EB-4D50-A6DB-04E8202921C4) \ 1.0 \ HELPDIR
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ EXP lorer \ Browser Helper Objects \ (994B5FB4-0103-44A6-B6B3-C73572B362BC)
HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (994B5FB4-0103-44A6-B6B3-C73572B362BC)
HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (BCA95E31-1FBF-4F84-8F23-1BA653007A1E)
HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C)
HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ ProxyStubClsid
HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ ProxyStubClsid32
HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ TypeLib
HKCR \ Interface \ (BD219B90-626B-40F4-BFDD-420240DFCA2C) \ TypeLib # Version

Adware.MyWebSearch
HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (00A6FAF1-072E-44CF-8957-5838F569A31D)
HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ Software \ Microsoft \ Windows \ CurrentVersion \ Ext \ Stats \ (07B18EA9-A523-4961-B6BB-170DE4475CCA)

Adware.MyWebSearch / FunWebProducts
HKU \ S-1-5-21-2034642920-3615235737-3946141644-1008 \ SOFTWARE \ FunWebProducts
HKCR \ CLSID \ (9AFB8248-617F-460d-9366-D71CDEDA3179)
HKCR \ CLSID \ (9AFB8248-617F-460d-9366-D71CDEDA3179) \ TreatAs
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E)
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ 0
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ 0 \ win32
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ FLAGS
HKCR \ TypeLib \ (D518921A-4A03-425E-9873-B9A71756821E) \ 1.0 \ HELPDIR
HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE)
HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ ProxyStubClsid
HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ ProxyStubClsid32
HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ TypeLib
HKCR \ Interface \ (CF54BE1C-9359-4395-8533-1657CF209CFE) \ TypeLib # Version
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE # NextInstance
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # Service
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # Legacy
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # ConfigFlags
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # Klassifikasjon
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # ClassGUID
HKLM \ SYSTEM \ CurrentControlSet \ Enum \ Root \ LEGACY_MYW EBSEARCHSERVICE \ 0000 # DeviceDesc
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # Type
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # Start
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # ErrorControl
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # ImagePath
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # DisplayName
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service # ObjectName
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Security
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Security # Security
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum # 0
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum # Count
HKLM \ SYSTEM \ CurrentControlSet \ Services \ MyWebSearch Service \ Enum # NextInstance
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run # MyWebSearch Plugin [rundll32 C: \ progra ~ 1 \ MYWEBS ~ 1 \ bar \ 1.bin \ M3PLUGIN.DLL, UPF]

Trojan.Unclassified / MSFox
HKLM \ SOFTWARE \ Mozilla \ MSFox
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str4
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str5
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str9
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str6
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str7
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str8
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str1
HKLM \ SOFTWARE \ Mozilla \ MSFox # Str0
HKLM \ SOFTWARE \ Mozilla \ MSFox # Int2
HKLM \ SOFTWARE \ Mozilla \ MSFox # Int3

og her er Malwarebyte's Anti-Maware logg:

Malwarebytes' Anti-Malware 1.30
Database versjon: 1417
Windows 5.1.2600 Service Pack 2

23/11/2008 3:41:52 PM
mbam-log-2008-11-23 (15-41-52). txt

Scan type: Quick Scan
Objekter skannet: 55759
Tid brukt: 7 minute (s), 57 sekund (er)

Memory Processes Infected: 0
Memory Modules Infected: 3
Registernøkler Infected: 43
Registry Values Infected: 3
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 5

Memory Processes Infected:
(Ingen skadelige eks oppdaget)

Memory Modules Infected:
C: \ Programfiler \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL (Adware.AskSBAR) -> Delete on reboot.
C: \ Programfiler \ Mozilla Firefox \ plugins \ NPAskSBr.dll (Trojan.Agent) -> Delete on reboot.
C: \ Programfiler \ AskSBar \ bar \ 1.bin \ A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.

Registernøkler Infected:
HKEY_CLASSES_ROOT \ TypeLib \ (f0d4b230-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (f0d4b23a-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (f0d4b23c-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ CLSID \ (b15fd82e-85bc-430d-90cb-65db1b030510) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ CLSID \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (f0d4b231-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ CLSID \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ CLSID \ (f0d4b23b-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (f0d4b23b-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CLASSES_ROOT \ xml.xml (Trojan.FakeAlert) -> karantene og slettet.
HKEY_CLASSES_ROOT \ xml.xml.1 (Trojan.FakeAlert) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (1601d447-7424-4866-8dcc-acf98a2a41e1) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (1e404d48-670a-4085-a6a0-d195793ddd33) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (9f593aac-ca4c-4a41-a7ff-a00812192d61) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Interface \ (ceb9c60d-f0ad-4b73-a3ab-4fc822e38d66) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ CLSID \ (1e404d48-670a-4085-a6a0-d195793ddd33) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Typelib \ (749ec66f-a838-4b38-b8e5-e65d905fff74) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Typelib \ (c3c0ec2c-2c1c-495c-9ad0-1f0ef833d7b5) (Adware.BHO) -> karantene og slettet.
HKEY_CLASSES_ROOT \ Typelib \ (9233c3c0-1472-4091-a505-5580a23bb4ac) (Trojan.FakeAlert) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (055fd26d-3a88-4e15-963d-dc8493744b1d) (Adware.BHO) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9506910a-0f94-4ea1-b567-7070428b8b2b) (Adware.BHO) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (07b18eab-a523-4961-b6bb-170de4475cca) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (25560540-9571-4d7b-9389-0f166788785a) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (3dc201fb-e9c9-499c-a11f-23c360d7c3f8) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (63d0ed2c-b45b-4458-8b3b-60c69bbbd83c) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (9ff05104-b030-46fc-94b8-81276e4e27df) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (1d4db7d2-6ec9-47a3-bd87-1e41684e07bb) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (25560540-9571-4d7b-9389-0f166788785a) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (3dc201fb-e9c9-499c-a11f-23c360d7c3f8) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (63d0ed2c-b45b-4458-8b3b-60c69bbbd83c) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (98d9753d-d73b-42d5-8c85-4469cda897ab) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (9ff05104-b030-46fc-94b8-81276e4e27df) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (59c7fc09-1c83-4648-b3e6-003d2bbc7481) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (68af847f-6e91-45dd-9b68-d6a12c30e5d7) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (9170b96c-28d4-4626-8358-27e6caeef907) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (d1a71fa0-ff48-48dd-9b6d-7a13a3e42127) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (ddb1968e-ead6-40fd-8dae-ff14757f60c7) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ ElevationPolicy \ (f138d901-86f0-4383-99b6-9cdd406036da) (Adware.MyWebSearch) -> karantene og slettet.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ adzgalore (Adware.Agent) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Low Rights \ RunDll32Policy \ f3ScrCtr.dll (Adware.MyWay) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Multimedia \ W Mplayer \ Schemes \ f3pss (Adware.MyWebSearch) -> karantene og slettet.

Registry Values Infected:
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Toolbar \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (f0d4b239-da4b-4daf-81e4-dfee4931a4aa) (Adware.AskSBAR) -> karantene og slettet.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ MyWebSearch Email Plugin (Adware.MyWebSearch) -> karantene og slettet.

Registry Data Items Infected:
(Ingen skadelige eks oppdaget)

Folders Infected:
(Ingen skadelige eks oppdaget)

Files Infected:
C: \ Programfiler \ AskSBar \ bar \ 1.bin \ ASKSBAR.DLL (Adware.AskSBAR) -> Delete on reboot.
C: \ Programfiler \ Mozilla Firefox \ plugins \ NPAskSBr.dll (Trojan.Agent) -> Delete on reboot.
C: \ Programfiler \ AskSBar \ bar \ 1.bin \ A2PLUGIN.DLL (Adware.MyWebSearch) -> Delete on reboot.
C: \ WINDOWS \ system32 \ WhoisCL.exe (Adware.BHO) -> karantene og slettet.
C: \ WINDOWS \ system32 \ mysidesearch_sidebar_uninstall. Exe (Adware.BHO) -> karantene og slettet.


masse problemer, jeg ser ...

takk for ytterligere hjelp
  #4  
Old 23 Nov 2008, 20:09
Moderator Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

Jeg er ikke sikker på om du vil beholde denne eller ikke. Hvis det er noe du ikke bruker jeg vil avinstallere den. Ingen trenger å ha det ta opp plass hvis det ikke brukes. AmpliTube 1.1 LE -- http://www.sonomawireworks.com/guide...LE_for_Windows

Uninstall:
Ask Toolbar <- Dette er adware, burde vært fjernet av skannere, men sjekk for å være sikker.
IncrediMail XE <- Inkluderer reklameprogrammer avinstallere hvis du ikke bruker IncrediMail.

----------

Følg oppdatere Java instruksjoner og deretter legge inn HijackThis logg, slik at vi kan fortsette på.
__________________
  #5  
Old 23 Nov 2008, 21:19
New Member Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

OK, kom kvitt AmpliTube, men hadde problemer med de to andre.

Når jeg trykker på "Endre / fjern" for "Ask Toolbar", en melding som kalles "RUNDLL sier:

"Feil ved lasting c: \ progra ~ 1 \ AskSBar \ bar \ 1.bin \ AskSBar.dll

Den angitte modulen ble ikke funnet. "

Og når jeg trykker på "Endre / fjern" for "IncrediMail XE ', en melding som kalles" Wise Uninstall "sier:

"Kunne ikke åpne INSTALL.LOG fil."

Her er Hijack Denne loggen:

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 3:02:36 PM, on 24/11/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ issch.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programfiler \ Andrea Electronics \ AudioCommander \ AudioCommander.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe
C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ UfSeAgnt.exe
C: \ Programfiler \ Windows Defender \ MSASCui.exe
C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe
C: \ progra ~ 1 \ intern ~ 2 \ mum.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Windows Live \ Messenger \ MsnMsgr.Exe
C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Programfiler \ Yahoo! \ Messenger \ YahooMessenger.exe
C: \ Programfiler \ Bonjour \ mDNSResponder.exe
C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe
C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ SfCtlCom.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Trend Micro \ BM \ TMBMSRV.exe
C: \ Programfiler \ Canon \ CAL \ CALMAIN.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ progra ~ 1 \ TRENDM ~ 1 \ intern ~ 3 \ TmPfw.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ TmProxy.exe
C: \ Programfiler \ Trend Micro \ TrendSecure \ TSCFCommander.exe
C: \ Programfiler \ Trend Micro \ TrendSecure \ TSCFPlatformCOMSvr.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ ALCXMNTR.EXE
c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device

Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL =

http://ie.redirect.hp.com/svs/rdr?

TYPE = 3 & TP = iehome & locale = EN_AU & c = Q106 & bd = Presario & P f = skrivebordet
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL =

http://ie.redirect.hp.com/svs/rdr?

TYPE = 3 & TP = iesearch & locale = EN_AU & c = Q106 & bd = Presario & pf = skrivebordet
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant =

http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL =

http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar =

http://ie.redirect.hp.com/svs/rdr?

TYPE = 3 & TP = iesearch & locale = EN_AU & c = Q106 & bd = Presario & pf = skrivebordet
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page =

http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =

http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet

Settings, ProxyOverride = *. local
R3 - URLSearchHook: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no

fil)
R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) --

C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
R3 - URLSearchHook: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no

fil)
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) --

C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) --

C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) --

C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D -

784B7D6BE0B3) - C: \ Programfiler \ Fellesfiler

\ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll (file missing)
O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) --

C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer --

(3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program

Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)

- C: \ Programfiler \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6)

- C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows

Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) --

c: \ Programfiler \ Google \ googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D)

- C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 4.1.805.4472 \ sw g.dll
O2 - BHO: TSToolbarBHO - (C1656CCA-D2EA-4A32-94AE-AE0B180E6449) - C: \ Program

Files \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74 -

9C25C1C588A9) - C: \ Programfiler \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) --

C: \ Programfiler \ Java \ jre6 \ lib \ distribuere \ jqs \ ie \ jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) --

C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O2 - BHO: XBTP02634 Class - (F97DA966-F09D-4cab-BF29-75A0026986EA) --

C: \ progra ~ 1 \ BEARSH ~ 2 \ BEARSH ~ 2 \ MediaBar.dll (fil mangler)
O3 - Toolbar: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file)
O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) --

C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) --

C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O3 - Toolbar: Transaction Protector - (E7620C98-FCCC-40E5-92EC-C7685D2E1E40) --

C: \ Programfiler \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll
O3 - Toolbar: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file)
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ programfiler

\ Google \ googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) --

C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Skjem bort

/ RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe

/ SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32

\ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE

/ IMEName
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Programfiler \ Hewlett-Packard \ HP Boot

Optimizer \ HPBootOp.exe "/ kjøre
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1

\ ISUSPM.exe-oppstart
O4 - HKLM \ .. \ Run: [ISUSScheduler] "c: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1

\ issch.exe "-start
O4 - HKLM \ .. \ Run: [SSBkgdUpdate] C: \ Programfiler \ Fellesfiler \ ScanSoft

Shared \ SSBkgdUpdate \ SSBkgdupdate.exe-Embedding-boot
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32

\ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [AudioCommander] C: \ Programfiler \ Andrea

Elektronikk \ AudioCommander \ AudioCommander.exe / brett
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [BearFlix] "C: \ Programfiler \ BEARFLIX \ BEARFLIX.EXE" / pause
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre6

\ bin \ jusched.exe "
O4 - HKLM \ .. \ Run: [googletalk] C: \ Programfiler \ Google \ Google

Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software

Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [UfSeAgnt.exe] "C: \ Programfiler \ Trend Micro \ Internet

Security \ UfSeAgnt.exe "
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32

\ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows

Defender \ MSASCui.exe "-hide
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler

Files \ Real \ Update_OB \ realsched.exe "-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe" --

atboottime
O4 - HKLM \ .. \ Run: [AppleSyncNotifier] C: \ Programfiler \ Fellesfiler

Files \ Apple \ Mobile Device Support \ bin \ AppleSyncNotifier.exe
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programfiler \ Adobe \ Reader

8.0 \ Reader \ Reader_sl.exe "
O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Programfiler \ UTORRENT \ UTORRENT.EXE"
O4 - HKCU \ .. \ Run: [InternodeUsage] C: \ progra ~ 1 \ intern ~ 2 \ mum.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ Windows

Live \ Messenger \ MsnMsgr.Exe "/ background
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search &

Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Programfiler \ Yahoo!

\ Messenger \ YahooMessenger.exe "stille
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User

'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User

'NETWORK SERVICE')
O8 - Extra sammenheng menyelement: & Search -? P = ZKxdm021YYAU
O8 - Extra sammenheng menyelement: Legg til i Google Bilder Screensa & ver --

res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / C: \ progra ~ 1

\ Micros ~ 4 \ Office11 \ EXCEL.EXE/3000
O8 - Extra sammenheng menyelement: StumbleUpon PhotoBlog It! --

res: / / StumbleUponIEBar.dll / blogimage
O9 - Extra knappen: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) --

C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) --

C: \ progra ~ 1 \ micros ~ 4 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) --

c: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra knappen: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) --

C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett -

Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra "Verktøy" MENUITEM: Connection Help - (E2D4D26B-0180-43a4-B05F -

462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett -

Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) --

C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7 -

f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) --

C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E -

00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O15 - Trusted Zone: *. stumbleupon.com
O16 - DPF: (215B8138-A3CF-44C5-803F-8226143CFC0A) (Trend Micro ActiveX Scan

Agent 6.6) --

http://housecall65.trendmicro.com/ho...86/win32/activ

ex / hcImpl.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) --

C: \ Programfiler \ Yahoo! \ Common \ Yinsthelper.dll
O16 - DPF: (F6676623-8BBD-479C-A51B-05868728708C) (DigitalDM) --

http://www.digitaldm.com/Plug-in/myebk/c/DIGITALDM2.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program

Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Programfiler \ Fellesfiler

Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program

Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. --

C: \ Programfiler \ Canon \ CAL \ CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd --

C: \ Programfiler \ Fellesfiler \ Macrovision Shared \ FLEXnet

Forlag \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program

\ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 1050 \ Intel

32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program

Files \ iPod \ bin \ iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - søndag

Microsystems, Inc. - C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LightScribeService Direct Disc Merking Service

(LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler

Files \ LightScribe \ LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation --

C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro

Inc. - C: \ Programfiler \ Trend Micro \ Internet Security \ SfCtlCom.exe
O23 - Service: Trend Micro Uautorisert Change Prevention Service (TMBMServer)

- Trend Micro Inc. - C: \ Programfiler \ Trend Micro \ BM \ TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. --

C: \ progra ~ 1 \ TRENDM ~ 1 \ intern ~ 3 \ TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. --

C: \ Programfiler \ Trend Micro \ Internet Security \ TmProxy.exe

--
End of file - 13563 bytes
  #6  
Old 23 Nov 2008, 22:43
Moderator Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

OK vi skal håndtere de to programmene som du ikke kunne avinstallere men første du må kjøre en ny HijackThis scan. Bare denne gangen når loggen kommer opp, før du kopierer den, i toppen av Notisblokk klikker Format, og klikk deretter Word Wrap. Deretter må du kopiere og lime inn resultater.
__________________
  #7  
Old 23 Nov 2008, 22:52
New Member Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

Håper dette er riktig:

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 4:51:04 PM, on 24/11/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ issch.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programfiler \ Andrea Electronics \ AudioCommander \ AudioCommander.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe
C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ UfSeAgnt.exe
C: \ Programfiler \ Windows Defender \ MSASCui.exe
C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe
C: \ progra ~ 1 \ intern ~ 2 \ mum.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Windows Live \ Messenger \ MsnMsgr.Exe
C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
C: \ Programfiler \ Yahoo! \ Messenger \ YahooMessenger.exe
C: \ Programfiler \ Bonjour \ mDNSResponder.exe
C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe
C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ SfCtlCom.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Trend Micro \ BM \ TMBMSRV.exe
C: \ Programfiler \ Canon \ CAL \ CALMAIN.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ progra ~ 1 \ TRENDM ~ 1 \ intern ~ 3 \ TmPfw.exe
C: \ Programfiler \ Trend Micro \ Internet Security \ TmProxy.exe
C: \ Programfiler \ Trend Micro \ TrendSecure \ TSCFCommander.exe
C: \ Programfiler \ Trend Micro \ TrendSecure \ TSCFPlatformCOMSvr.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ WINDOWS \ ALCXMNTR.EXE
c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ progra ~ 1 \ INCRED ~ 1 \ UNWISE.EXE
C: \ Programfiler \ Real \ RealPlayer \ RealPlay.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. local
R3 - URLSearchHook: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file)
R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
R3 - URLSearchHook: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file)
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Fellesfiler \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll (file missing)
O2 - BHO: StumbleUpon Launcher - (145B29F4-A56B-4b90-BBAC-45784EBEBBB7) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O2 - BHO: RealPlayer Download og Record Plugin for Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Programfiler \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - c: \ Programfiler \ Google \ googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 4.1.805.4472 \ sw g.dll
O2 - BHO: TSToolbarBHO - (C1656CCA-D2EA-4A32-94AE-AE0B180E6449) - C: \ Programfiler \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Programfiler \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Programfiler \ Java \ jre6 \ lib \ distribuere \ jqs \ ie \ jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - (E99421FB-68DD-40F0-B4AC-B7027CAE2F1A) - C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O2 - BHO: XBTP02634 Class - (F97DA966-F09D-4cab-BF29-75A0026986EA) - c: \ progra ~ 1 \ BEARSH ~ 2 \ BEARSH ~ 2 \ MediaBar.dll (fil mangler)
O3 - Toolbar: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file)
O3 - Toolbar: EPSON Web-To-Page - (EE5D279F-081B-4404-994D-C6B60AAEBA6D) - C: \ Programfiler \ EPSON \ EPSON Web-To-Page \ EPSON Web-To-Page.dll
O3 - Toolbar: StumbleUpon Toolbar - (5093EB4C-3E93-40AB-9266-B607BA87BDC8) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O3 - Toolbar: Transaction Protector - (E7620C98-FCCC-40E5-92EC-C7685D2E1E40) - C: \ Programfiler \ Trend Micro \ TrendSecure \ TransactionProtector \ TSToolbar.d ll
O3 - Toolbar: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file)
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - c: \ Programfiler \ Google \ googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Programfiler \ Yahoo! \ Companion \ Installerer \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Skjem bort / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [HPBootOp] "C: \ Programfiler \ Hewlett-Packard \ HP Boot Optimizer \ HPBootOp.exe" / kjøre
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-oppstart
O4 - HKLM \ .. \ Run: [ISUSScheduler] "c: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ issch. Exe"-start
O4 - HKLM \ .. \ Run: [SSBkgdUpdate] C: \ Programfiler \ Fellesfiler \ ScanSoft Shared \ SSBkgdUpdate \ SSBkgdupdate.exe-Embedding-boot
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [AudioCommander] C: \ Programfiler \ Andrea Electronics \ AudioCommander \ AudioCommander.exe / brett
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [BearFlix] "C: \ Programfiler \ BEARFLIX \ BEARFLIX.EXE" / pause
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [googletalk] C: \ Programfiler \ Google \ Google Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [UfSeAgnt.exe] "C: \ Programfiler \ Trend Micro \ Internet Security \ UfSeAgnt.exe"
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programfiler \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [AppleSyncNotifier] C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleSyncNotifier.exe
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programfiler \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Programfiler \ UTORRENT \ UTORRENT.EXE"
O4 - HKCU \ .. \ Run: [InternodeUsage] C: \ progra ~ 1 \ intern ~ 2 \ mum.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Programfiler \ Windows Live \ Messenger \ MsnMsgr.Exe" / background
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Programfiler \ Spybot - Search & Destroy \ TeaTimer.exe
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Programfiler \ Yahoo! \ Messenger \ YahooMessenger.exe" stille
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE')
O8 - Extra sammenheng menyelement: & Search -? P = ZKxdm021YYAU
O8 - Extra sammenheng menyelement: Legg til i Google Bilder Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 4 \ Office11 \ EXCEL.EXE/3000
O8 - Extra sammenheng menyelement: StumbleUpon PhotoBlog It! - Res: / / StumbleUponIEBar.dll / blogimage
O9 - Extra knappen: StumbleUpon - (75C9223A-409A-4795-A3CA-08DE6B075B4B) - C: \ Programfiler \ StumbleUpon \ StumbleUponIEBar.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 4 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - c: \ Programfiler \ Fellesfiler \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra knappen: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra "Verktøy" MENUITEM: Connection Help - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHealth \ HELPCTR \ leverandører \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = USA \ IEButton \ support.htm
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O15 - Trusted Zone: *. stumbleupon.com
O16 - DPF: (215B8138-A3CF-44C5-803F-8226143CFC0A) (Trend Micro ActiveX Scan Agent 6.6) -- http://housecall65.trendmicro.com/ho...vex/hcImpl.cab
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Programfiler \ Yahoo! \ Common \ Yinsthelper.dll
O16 - DPF: (F6676623-8BBD-479C-A51B-05868728708C) (DigitalDM) -- http://www.digitaldm.com/Plug-in/myebk/c/DIGITALDM2.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Programfiler \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Programfiler \ Bonjour \ mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C: \ Programfiler \ Canon \ CAL \ CALMAIN.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Programfiler \ Fellesfiler \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Programfiler \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 1050 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C: \ Programfiler \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - C: \ Programfiler \ Trend Micro \ Internet Security \ SfCtlCom.exe
O23 - Service: Trend Micro Uautorisert Change Prevention Service (TMBMServer) - Trend Micro Inc. - C: \ Programfiler \ Trend Micro \ BM \ TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C: \ progra ~ 1 \ TRENDM ~ 1 \ intern ~ 3 \ TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C: \ Programfiler \ Trend Micro \ Internet Security \ TmProxy.exe

--
End of file - 13643 bytes
  #8  
Old 23 Nov 2008, 23:23
Moderator Group
  
Default Vedvarende Feilmelding - M3PLUGIN.DLL

Dette er liksom en lang liste men det er bare noen få ting å gjøre egentlig, og det er nødvendig. PC-en din vil takke deg.

Deaktiver Spybot's TeaTimer

Mens TeaTimer er et utmerket verktøy for forebygging av spyware, det kan også forstyrre HijackThis løser. Deaktiver TeaTimer nå før du er ren.

1. Høyreklikk Spybot i systemstatusfeltet (ser ut som en kalender med et hengelås-symbol). Velge Avslutt Spybot S & D Resident
2. Løpe Spybot S & D
3. Gå til Modus menyen, Og sørg Avansert modus er valgt.
4. På venstre side, velger Verktøy > Resident
avmerk Resident TeaTimer og OK eventuelle spørsmål og Start datamaskinen.

Merk: Hvis TeaTimer gir deg en advarsel etter at noen endringer ble gjort, at dette i stedet for å blokkere den.

Hvis TeaTimer vil ikke slå deretter avinstallere Spybot til vi er ferdig med rengjøring.

Avreise TeaTimer av før vi er helt ferdig med rengjøring.

----------

Deaktiver Windows Defender

Vi trenger å deaktivere Windows Defender Sanntidsprisdata beskyttelse som det kan forstyrre feilrettingsfilene at vi må gjøre.
  • Åpen Windows Defender
  • Klikk på Verktøy, Generelle innstillinger
  • Bla ned og fjern Slå på sanntids beskyttelse (anbefales)
  • Når du fjerner dette ved å klikke på Lagre knappen og lukke Windows Defender.
Etter alle reparasjonene er fullført er det svært viktig at du aktiverer Sanntidsprisdata Protection igjen.

----------

Uninstall spyware

Avinstaller dette mens vi rengjøring. Hvis du velger å sette det tilbake når vi har gjort det er opp til deg, men det vil bare føre til problemer for nå.

Vennligst gå til Legg til / fjern programmer og avinstallere: (hvis det)
  • BearFlix
  • BearShare eller BearShare MediaBar
----------

Mesteparten av dette er adware / spyware men noen er bare unødvendig startups. Programmene vil ikke bli berørt du trenger for å starte dem manuelt når du ønsker å bruke dem. PCen vil kjøre bedre uten dem kjører hele tiden også.

Åpne HijackThis og velg Gjør et søk.

Sett et merke ved siden av følgende oppføringer: (hvis det)
  • R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
  • R3 - URLSearchHook: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file)
  • R3 - URLSearchHook: (no name) - (0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
  • R3 - URLSearchHook: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file)
  • O2 - BHO: Ask Search Assistant BHO - (0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2) - C: \ Programfiler \ AskSBar \ SrchAstt \ 1.bin \ A2SRCHAS.DLL
  • O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
  • O2 - BHO: XBTP02634 Class - (F97DA966-F09D-4cab-BF29-75A0026986EA) - c: \ progra ~ 1 \ BEARSH ~ 2 \ BEARSH ~ 2 \ MediaBar.dll (fil mangler)
  • O3 - Toolbar: (no name) - (D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A) - (no file)
  • O3 - Toolbar: (no name) - (855F3B16-6D32-4fe6-8A56-BBB695989046) - (no file)
  • O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-oppstart
  • O4 - HKLM \ .. \ Run: [ISUSScheduler] "c: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ issch. Exe"-start
  • O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Programfiler \ Fellesfiler \ Real \ Update_OB \ realsched.exe"-osboot
  • O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ qttask.exe"-atboottime
  • O4 - HKLM \ .. \ Run: [AppleSyncNotifier] C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleSyncNotifier.exe
  • O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
  • O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Programfiler \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
  • O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
  • O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
  • O15 - Trusted Zone: *. stumbleupon.com <- Dette er ikke nødvendig i Trusted Zone.
Viktig: Lukk alle vinduer unntatt HijackThis og klikk Fix kontrolleres.

Avslutt HijackThis.

----------

Slett AskSBar mappe

C: \ Program Files \AskSBar

----------

Merk: nedenstående instruksjoner ble laget spesielt for denne brukeren. Hvis du ikke bruker, IKKE Følg disse skiltene fordi de kan ødelegge hjemkomsten til systemet

Gå til Start> Kjør og skriver Notepad.exe deretter OK

Kopier og lim inn nedenfor i Notepad og lagre som fixme.reg til ditt Desktop

Code:
REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "ISUSPM Startup" =- "ISUSScheduler" =- "TkBellExe" =- "QuickTime Task" =- "AppleSyncNotifier" =- "iTunesHelper" =- "Adobe Reader Speed Launcher "=-
Finn fixme.reg på skrivebordet og dobbeltklikk på den. Svar Ja når du blir bedt om å fusjonere med Registry.

Kontroller at du fortelle meg hvis du mottar en suksess beskjed om å legge det over til registret. Hvis du ikke blir en suksess melding, det fungerte ikke.

Slett fixme.reg fra Desktop.

----------

Laste ned Deaktiver / Fjern Windows Messenger på skrivebordet for å fjerne Windows Messenger.

Må ikke forveksles Windows Messenger med MSN Messenger fordi de ikke er det samme. Windows Messenger er en hyppig årsak til popups.

Unzip filen på skrivebordet. Åpne MessengerDisable.exe og velg den nederste boksen -- Avinstallere Windows Messenger og klikk Søke.

Avslutt ut av MessengerDisable deretter slette to filer som ble satt på skrivebordet.

Kjør CCleaner og starte datamaskinen på nytt. <- Viktig skritt.

----------

Last ned ComboFix © av ubåter fra én av de nedenfor koblinger. Pass på at toppen lagre det til Desktop.

Link # 1
Link # 2

** Merk: Det er viktig at det er lagret direkte til skrivebordet ditt

Lukk alle åpne weblesere. (Firefox, Internet Explorer, osv.) før du starter ComboFix.

Midlertidig deaktivere din antivirus, Og eventuelle antispyware sanntid beskyttelse før utføre en skanning. Klikk denne koblingen å se en liste over sikkerhetsprogrammer som skal være deaktivert og hvordan du deaktiverer dem.

Merk: TrendMicro er noen ganger vanskelig å slå. Hvis dette er tilfelle bare kjøre ComboFix anyway og la eventuelle advarsler TrendMicro gir deg til å kjøre.

Dobbeltklikk combofix.exe og følg instruksjonene.

For Windows XP systemer installere gjenopprettingskonsollen:

- Hvis du bruker Windows XP og ikke allerede har gjenopprettingskonsollen er installert, må du sørge for Internett-tilkoblingen er aktiv (hvis mulig) og klikk Ja.
- Hvis for noe grunn din Internett fungerer ikke klikker Nei.
-- Hvis du ikke bruker Windows XP, vil du ikke bli bedt om.
- Når du blir bedt om å godta lisensavtalen klikk OK.
- Godta Microsofts EULA (Klikk Ja).
- Når du blir fortalt at RC er riktig installert klikk JA å fortsette scanning for malware.

Når du er ferdig ComboFix vil produsere en logg for deg.
Poste ComboFix logg og en ny HijackThis log i neste svaret.

Viktig: Ikke mouseclick ComboFix's vinduet mens den kjører. Det kan føre til stall.

Husk å aktivere din antivirus og antispyware beskyttelse når ComboFix er fullført.

----------

Også gi meg beskjed om eventuelle problemer du merke med datamaskinen nå.

Jeg vil sannsynligvis ikke komme tilbake til dette før en gang i morgen, det er sent her. Ikke bekymre deg, vil vi få det ferdig opp og forhåpentlig PCen skal kjøres som ny!
__________________
Reply

Register

Hugseliste

Lignende Tråder
Tråd Tråd startet Forum Svar Siste innlegg
MSN Feilmelding 80040154 jwarrilow89 General Software Chat 5 6 oktober 2009 15:52
Feil eller merknad Melding Hjelp! gmckinney39 Windows-operativsystemer 3 12 mai 2009 18:02
Feilmelding sashikumaran Windows-operativsystemer 1 9 november 2008 13:34
Feilmelding megabyte Multimedia & Kodeker 6 8 mars 2008 18:14
Feilmelding legweak General Software Chat 1 25 oktober 2007 09:54
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Juice.
Kontakt -- Personvern -- Sitemap -- Topp

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by vBSEO © 2009, gjennomgå webområdet, Inc.