Hej needhelp og velkommen til Spywarefri

Du skal lige kopiere hele loggen herind. Den nederste del mangler. Prøv lige igen. *S*

sorry - her er hele loggen

på forhånd tak - hilsen peter

Logfile of HijackThis v1.97.7
Scan saved at 22:53:22, on 20-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/system32/spoolsv.exe
C:/PROGRA~1/Grisoft/AVG6/avgserv.exe
C:/Program Files/Common Files/EPSON/EBAPI/SAgent2.exe
C:/WINDOWS/System32/nvsvc32.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/Explorer.EXE
C:/Program Files/Common Files/Real/Update_OB/realsched.exe
C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
C:/Program Files/Microsoft Hardware/Mouse/point32.exe
C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
C:/Program Files/Grisoft/AVG6/avgcc32.exe
C:/WINDOWS/System32/ctfmon.exe
C:/Program Files/Messenger/msmsgs.exe
C:/WINDOWS/System32/RUNDLL32.EXE
C:/Program Files/Adobe/Acrobat 5.0/Distillr/AcroTray.exe
C:/WINDOWS/System32/ZoneLabs/vsmon.exe
C:/WINDOWS/Explorer.EXE
C:/and/hijackthis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Program Files/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Program Files/Spybot - Search & Destroy/SDHelper.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O4 - HKLM/../Run: [TkBellExe] “C:/Program Files/Common Files/Real/Update_OB/realsched.exe” -osboot
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/System32/NeroCheck.exe
O4 - HKLM/../Run: [Omnipage] C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
O4 - HKLM/../Run: [POINTER] point32.exe
O4 - HKLM/../Run: [Norton Wizzard] nwiz.exe
O4 - HKLM/../Run: [yay.exe] asass.exe
O4 - HKLM/../Run: [smrtdrv] runtime.exe
O4 - HKLM/../Run: [cvmonitor.exe] cvmonitor.exe
O4 - HKLM/../Run: [Audoi Device Loader] smssv.exe
O4 - HKLM/../Run: [System Service Manager] norton.exe
O4 - HKLM/../Run: [752E9B41] C:/WINDOWS/System32/wxquys.exe
O4 - HKLM/../Run: [Zone Labs Client] C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
O4 - HKLM/../Run: [AVG_CC] C:/Program Files/Grisoft/AVG6/avgcc32.exe /startup
O4 - HKLM/../Run: [NvCplDaemon] RUNDLL32.EXE C:/WINDOWS/System32/NvCpl.dll,NvStartup
O4 - HKLM/../Run: [nwiz] nwiz.exe /install
O4 - HKLM/../RunServices: [Norton Wizzard] nwiz.exe
O4 - HKLM/../RunServices: [yay.exe] asass.exe
O4 - HKLM/../RunServices: [smrtdrv] runtime.exe
O4 - HKLM/../RunServices: [cvmonitor.exe] cvmonitor.exe
O4 - HKLM/../RunServices: [Audoi Device Loader] smssv.exe
O4 - HKLM/../RunServices: [System Service Manager] norton.exe
O4 - HKLM/../RunServices: [DDD05049] C:/WINDOWS/System32/wxquys.exe
O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/System32/ctfmon.exe
O4 - HKCU/../Run: [MSMSGS] “C:/Program Files/Messenger/msmsgs.exe” /background
O4 - HKCU/../Run: [NvMediaCenter] RUNDLL32.EXE C:/WINDOWS/System32/NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Microsoft Office.lnk = C:/Program Files/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:/Program Files/Adobe/Acrobat 5.0/Distillr/AcroTray.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:/WINDOWS/system32/spool/drivers/w32x86/3/E_SRCV02.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O12 - Plugin for .mp3: C:/Program Files/Internet Explorer/PLUGINS/npqtplugin3.dll
O12 - Plugin for .spop: C:/Program Files/Internet Explorer/Plugins/NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) - https://netbank.sydbank.dk/ssydbankibp1900ib100.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37691.538125
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab

Hej Peter

Det var jo godt vi fik den hele.

Nu kan jeg se at du har gaobot virus så du skal en tur ud og onlinescanne først.

Først skal du slå systemgendannelse fra. Hvis du ikke ved, hvordan du gør det så kig her:  http://www.spywarefri.dk/virusscannere.htm#alle

Du kan bruge en el. flere af disse:
http://housecall.antivirus.com/housecall/start_pcc.asp
http://www.bitdefender.com/scan/license.php
http://security.symantec.com/ssc/home.asp?j=1&langid=us&venid=sym&plfid=23&pkj=ZCVXESLHFEPGEVVSDUX

Genstart.

Og så kører du en ny scanning med Hijackthis og kopier en ny log herind.

hej igen - mange tak for hjælpen

her er min nye hijack-log

hilsen peter

Logfile of HijackThis v1.97.7
Scan saved at 23:34:25, on 20-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/system32/spoolsv.exe
C:/PROGRA~1/Grisoft/AVG6/avgserv.exe
C:/Program Files/Common Files/EPSON/EBAPI/SAgent2.exe
C:/WINDOWS/System32/nvsvc32.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/Explorer.EXE
C:/Program Files/Common Files/Real/Update_OB/realsched.exe
C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
C:/Program Files/Microsoft Hardware/Mouse/point32.exe
C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
C:/Program Files/Grisoft/AVG6/avgcc32.exe
C:/WINDOWS/System32/ctfmon.exe
C:/Program Files/Messenger/msmsgs.exe
C:/WINDOWS/System32/RUNDLL32.EXE
C:/Program Files/Adobe/Acrobat 5.0/Distillr/AcroTray.exe
C:/WINDOWS/System32/ZoneLabs/vsmon.exe
C:/WINDOWS/Explorer.EXE
C:/and/hijackthis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Program Files/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Program Files/Spybot - Search & Destroy/SDHelper.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O4 - HKLM/../Run: [TkBellExe] “C:/Program Files/Common Files/Real/Update_OB/realsched.exe” -osboot
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/System32/NeroCheck.exe
O4 - HKLM/../Run: [Omnipage] C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
O4 - HKLM/../Run: [POINTER] point32.exe
O4 - HKLM/../Run: [Norton Wizzard] nwiz.exe
O4 - HKLM/../Run: [yay.exe] asass.exe
O4 - HKLM/../Run: [smrtdrv] runtime.exe
O4 - HKLM/../Run: [752E9B41] C:/WINDOWS/System32/wxquys.exe
O4 - HKLM/../Run: [Zone Labs Client] C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
O4 - HKLM/../Run: [AVG_CC] C:/Program Files/Grisoft/AVG6/avgcc32.exe /startup
O4 - HKLM/../Run: [NvCplDaemon] RUNDLL32.EXE C:/WINDOWS/System32/NvCpl.dll,NvStartup
O4 - HKLM/../Run: [nwiz] nwiz.exe /install
O4 - HKLM/../RunServices: [Norton Wizzard] nwiz.exe
O4 - HKLM/../RunServices: [yay.exe] asass.exe
O4 - HKLM/../RunServices: [smrtdrv] runtime.exe
O4 - HKLM/../RunServices: [DDD05049] C:/WINDOWS/System32/wxquys.exe
O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/System32/ctfmon.exe
O4 - HKCU/../Run: [MSMSGS] “C:/Program Files/Messenger/msmsgs.exe” /background
O4 - HKCU/../Run: [NvMediaCenter] RUNDLL32.EXE C:/WINDOWS/System32/NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Microsoft Office.lnk = C:/Program Files/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:/Program Files/Adobe/Acrobat 5.0/Distillr/AcroTray.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:/WINDOWS/system32/spool/drivers/w32x86/3/E_SRCV02.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O12 - Plugin for .mp3: C:/Program Files/Internet Explorer/PLUGINS/npqtplugin3.dll
O12 - Plugin for .spop: C:/Program Files/Internet Explorer/Plugins/NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) - https://netbank.sydbank.dk/ssydbankibp1900ib100.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37691.538125
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab

Hej igen

Der er stadig flere forskellige virus i den log, men nu skal jeg prøve at få dem væk manuelt.

Du skal genstarte i fejlsikret tilstand. Tast f8 under opstart og vælg så fejlsikret.

Kør en scanning med Hijackthis, så du kan se alle filer.
Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte en vinge ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked. Efter fix skal du genstarte din computer.

Det er disse, som skal fixes:

O4 - HKLM/../Run: [Norton Wizzard] nwiz.exe
O4 - HKLM/../Run: [yay.exe] asass.exe
O4 - HKLM/../Run: [smrtdrv] runtime.exe
O4 - HKLM/../Run: [752E9B41] C:/WINDOWS/System32/wxquys.exe
O4 - HKLM/../RunServices: [Norton Wizzard] nwiz.exe
O4 - HKLM/../RunServices: [yay.exe] asass.exe
O4 - HKLM/../RunServices: [smrtdrv] runtime.exe
O4 - HKLM/../RunServices: [DDD05049] C:/WINDOWS/System32/wxquys.exe
——————————————————————————————
Dem her kan du også med fordel fixe. De forsvinder ikke, kun fra run, og her ligger de bare og sluger dine kræfter:

O4 - HKLM/../Run: [TkBellExe] “C:/Program Files/Common Files/Real/Update_OB/realsched.exe” -osboot
O4 - Global Startup: Microsoft Office.lnk = C:/Program Files/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:/Program Files/Adobe/Acrobat 5.0/Distillr/AcroTray.exe
—————————————————————————————————-

For at kunne se alle filer og mapper, så følg denne vejledning:
Åbn en mappe, klik på Funktioner >Mappeindstillinger >Vis.
Fjern flueben ved “Skjul beskyttede operativsystemfiler”.
Fjern flueben ved “Skjul filtypenavne for kendte filtyper”.
Sæt prik i “Vis skjulte filer og mapper”.

Søg og slet det med fed:
nwiz.exe
asass.exe
runtime.exe
C:/WINDOWS/System32/wxquys.exe

Genstart din computer.
Du skal også lige hente og installere programmet Ad-aware hvis du da ikke har det i forvejen. Opdater det straks efter installationen, og inden du kører en scanning med denne. Fjern alt hvad den finder. Programmet samt brugervejledning på dansk finder du her: http://www.spywarefri.dk/vaerktoj.htm#adaware

Genstart din computer, kør en ny scanning med HijackThis, kopier en ny log herind til tjek.

hej igen - jeg har fulgt dine instruktioner - her er den nye log

hilsen peter

Logfile of HijackThis v1.97.7
Scan saved at 00:46:12, on 21-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/system32/spoolsv.exe
C:/PROGRA~1/Grisoft/AVG6/avgserv.exe
C:/Program Files/Common Files/EPSON/EBAPI/SAgent2.exe
C:/WINDOWS/System32/nvsvc32.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/Explorer.EXE
C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
C:/Program Files/Microsoft Hardware/Mouse/point32.exe
C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
C:/Program Files/Grisoft/AVG6/avgcc32.exe
C:/WINDOWS/System32/ctfmon.exe
C:/Program Files/Messenger/msmsgs.exe
C:/WINDOWS/System32/RUNDLL32.EXE
C:/WINDOWS/System32/ZoneLabs/vsmon.exe
C:/WINDOWS/Explorer.EXE
C:/and/hijackthis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Program Files/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Program Files/Spybot - Search & Destroy/SDHelper.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/System32/NeroCheck.exe
O4 - HKLM/../Run: [Omnipage] C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
O4 - HKLM/../Run: [POINTER] point32.exe
O4 - HKLM/../Run: [Zone Labs Client] C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
O4 - HKLM/../Run: [AVG_CC] C:/Program Files/Grisoft/AVG6/avgcc32.exe /startup
O4 - HKLM/../Run: [NvCplDaemon] RUNDLL32.EXE C:/WINDOWS/System32/NvCpl.dll,NvStartup
O4 - HKLM/../Run: [nwiz] nwiz.exe /install
O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/System32/ctfmon.exe
O4 - HKCU/../Run: [MSMSGS] “C:/Program Files/Messenger/msmsgs.exe” /background
O4 - HKCU/../Run: [NvMediaCenter] RUNDLL32.EXE C:/WINDOWS/System32/NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:/WINDOWS/system32/spool/drivers/w32x86/3/E_SRCV02.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O12 - Plugin for .mp3: C:/Program Files/Internet Explorer/PLUGINS/npqtplugin3.dll
O12 - Plugin for .spop: C:/Program Files/Internet Explorer/Plugins/NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) - https://netbank.sydbank.dk/ssydbankibp1900ib100.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37691.538125
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab

Hej Peter

Det ser ud til at jeg fik det hele med.

Din log er nu helt ren og du må gerne slå systemgendannelsen til igen.
Lidt råd med på vejen herfra skal du da også have.
For at sikre din pc fremover ville det være en god idé at bruge nogle af programmerne fra vores lille pakke som du kan se her:
http://www.spywarefri.dk/pakken.htm

Især vil jeg anbefale Spybot/og eller Ad-aware, SpywareBlaster, IE Privacy Keeper/el. EmtyTempFolder, IE-Spyad og SpywareGuard som minimum. De er alle gratis, fylder ikke meget, sløver ikke din pc og konflikter ikke med dine andre programmer

Ønsker du ikke mange små prg. så kan du i stedet købe et prg. som Spy Sweeper. Den ligger også i pakken, hvor du kan læse lidt mere. Der ligger også et link til dansk manual. Vælger du at købe Spy Sweeper, så er det eneste andet du har brug for, et cookie remover program.

Og så skal du også lige skjule dine filer og mapper igen, så du ikke ved en fejl kommer til at slette en vigtig fil. Det gør du samme sted, hvor du satte det til at vise alle filer, denne gang vælger du bare: Vis ikke skjulte filer og mapper.

Hej igen - og tak for hjælpen

Det bekymrer mig at nwiz.exe stadig findes i min log - er det OK?

Desuden kan jeg stadig ikke komme ind få følgende:
jeg går i tools og window update og kan ikke få forbindelse. Det samme gælder for
andre microsoft-sider. Kan det være en anden form for browser-hijack?

Her er min nye log:

Logfile of HijackThis v1.97.7
Scan saved at 13:26:36, on 21-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/system32/spoolsv.exe
C:/PROGRA~1/Grisoft/AVG6/avgserv.exe
C:/Program Files/Common Files/EPSON/EBAPI/SAgent2.exe
C:/WINDOWS/System32/nvsvc32.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/Explorer.EXE
C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
C:/Program Files/Microsoft Hardware/Mouse/point32.exe
C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
C:/Program Files/Grisoft/AVG6/avgcc32.exe
C:/WINDOWS/System32/ctfmon.exe
C:/Program Files/Messenger/msmsgs.exe
C:/WINDOWS/System32/RUNDLL32.EXE
C:/WINDOWS/System32/ZoneLabs/vsmon.exe
C:/WINDOWS/Explorer.EXE
C:/and/hijackthis.exe

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Program Files/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Program Files/Spybot - Search & Destroy/SDHelper.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/System32/NeroCheck.exe
O4 - HKLM/../Run: [Omnipage] C:/Program Files/ScanSoft/OmniPageSE/opware32.exe
O4 - HKLM/../Run: [POINTER] point32.exe
O4 - HKLM/../Run: [Zone Labs Client] C:/PROGRA~1/ZONELA~1/ZONEAL~1/zlclient.exe
O4 - HKLM/../Run: [AVG_CC] C:/Program Files/Grisoft/AVG6/avgcc32.exe /startup
O4 - HKLM/../Run: [NvCplDaemon] RUNDLL32.EXE C:/WINDOWS/System32/NvCpl.dll,NvStartup
O4 - HKLM/../Run: [nwiz] nwiz.exe /install
O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/System32/ctfmon.exe
O4 - HKCU/../Run: [MSMSGS] “C:/Program Files/Messenger/msmsgs.exe” /background
O4 - HKCU/../Run: [NvMediaCenter] RUNDLL32.EXE C:/WINDOWS/System32/NVMCTRAY.DLL,NvTaskbarInit
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:/WINDOWS/system32/spool/drivers/w32x86/3/E_SRCV02.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O12 - Plugin for .mp3: C:/Program Files/Internet Explorer/PLUGINS/npqtplugin3.dll
O12 - Plugin for .spop: C:/Program Files/Internet Explorer/Plugins/NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) - https://netbank.sydbank.dk/ssydbankibp1900ib100.cab
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.danskebank.dk/html/activex/DB/Menu.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021205/qtinstall.info.apple.com/borris/us/win/QuickTimeInstaller.exe
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004033001/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37691.538125
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab

Nwiz er helt i orden - den hænger sammen med dit grafikkort.

Prøv først at slette din “cache”. I Internet Explorer skal du vælge Funktioner -> Internetindstillinger,  i fanebladet Generelt skal du klikke på “Slet filer”.

Prøv at komme på Windows Update nu.

Hvis det ikke virker, så prøv at deaktivere dit antivirusprogram og forsøg igen.

Hvis det ikke virker, så prøv at deaktivere din firewall og forsøg igen.

.... og et par links, der måske kan hjælpe:

http://v4.windowsupdate.microsoft.com/troubleshoot
http://support.microsoft.com/default.aspx?scid=kb;en-us;813444