The only log I could figure out how to make is this one:
StartupList report, 28/07/2004, 10:59:40 PM
StartupList version: 1.52.2
Started from : C:DownloadHijackThis.EXE
Detected: Windows XP SP1 (WinNT 5.01.2600)
Detected: Internet Explorer v6.00 SP1 (6.00.2800.1106)
* Using default options
==================================================
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32spoolsv.exe
C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32GEARSEC.EXE
C:ProgrammerFælles filerMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32
vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerFælles filerSymantec SharedccApp.exe
C:ProgrammeriTunesiTunesHelper.exe
C:ProgrammerHighCriteriaTotalRecorderTotRecSched.exe
C:ProgrammerD-Toolsdaemon.exe
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:WINDOWSsystem32vso_locachard.exe
C:ProgrammerMessengermsmsgs.exe
C:WINDOWSSystem32ctfmon.exe
c:progra~1intern~1iexplore.exe
C:ProgrammerTGTSoftStyleXPStyleXP.exe
C:WINDOWSSystem32f0r0rdirote.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:WINDOWSSystem32devldr32.exe
c:progra~1intern~1iexplore.exe
C:ProgrammeriPodiniPodService.exe
C:ProgrammerInternet Exploreriexplore.exe
C:ProgrammerInternet Exploreriexplore.exe
C:DownloadHijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:Documents and SettingsChristofferMenuen StartProgrammerStart]
PowerReg Scheduler V3.exe
PowerReg Scheduler.exe
Shell folders Common Startup:
[C:Documents and SettingsAll UsersMenuen StartProgrammerStart]
Adobe Gamma Loader.lnk = ?
--------------------------------------------------
Checking Windows NT UserInit:
[HKLMSoftwareMicrosoftWindows NTCurrentVersionWinlogon]
UserInit = C:WINDOWSsystem32userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLMSoftwareMicrosoftWindowsCurrentVersionRun
NvCplDaemon = RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
nwiz = nwiz.exe /install
ccApp = "C:ProgrammerFælles filerSymantec SharedccApp.exe"
ccRegVfy = "C:ProgrammerFælles filerSymantec SharedccRegVfy.exe"
iTunesHelper = C:ProgrammeriTunesiTunesHelper.exe
mail itch = C:PROGRA~1REF2AM~1Activelies.exe
QuickTime Task = "C:ProgrammerQuickTimeqttask.exe" -atboottime
TotalRecorderScheduler = "C:ProgrammerHighCriteriaTotalRecorderTotRecSched.exe"
rn4d = C:WINDOWSSystem32f0r0rkolder.exe C:WINDOWSSystem32f0r0rdirote.exe
DAEMON Tools-1033 = "C:ProgrammerD-Toolsdaemon.exe" -lang 1033
MessengerPlus3 = "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
achard = C:WINDOWSsystem32vso_locachard.exe
--------------------------------------------------
Autorun entries from Registry:
HKCUSoftwareMicrosoftWindowsCurrentVersionRun
MSMSGS = "C:ProgrammerMessengermsmsgs.exe" /background
ctfmon.exe = C:WINDOWSSystem32ctfmon.exe
STYLEXP = C:ProgrammerTGTSoftStyleXPStyleXP.exe -Hide
MessengerPlus3 = "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
msnmsgr = "C:ProgrammerMSN Messengermsnmsgr.exe" /background
--------------------------------------------------
Shell & screensaver key from C:WINDOWSSYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU..Policies: Shell=*Registry key not found*
HKLM..Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:PROGRA~1SHOWCO~1SOAPDRV.exe - {4FA119AD-EE17-4C9F-15FD-A65F15E1BF2E}
(no name) - C:DOCUME~1CHRIST~1LOKALE~1Tempdrahca.dat - {60112085-E1CE-4e0e-823A-EBB1AD98804C}
--------------------------------------------------
Enumerating Task Scheduler jobs:
AF6C25DE9187D77A.job
Symantec NetDetect.job
--------------------------------------------------
Enumerating Download Program Files:
[Checkers Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesmsgrchkr.dll
CODEBASE = http://messenger.zone.msn.com[...]
[QuickTime Object]
InProcServer32 = C:ProgrammerQuickTimeQTPlugin.ocx
CODEBASE = http://www.apple.com[...]
[FilePlanet Download Control Class]
InProcServer32 = C:WINDOWSDownloaded Program FilesFilePlanetDownloadCtrl.dll
CODEBASE = http://www.fileplanet.com[...]
[EARTPatchX Class]
InProcServer32 = C:WINDOWSDownloaded Program FilesEARTPX.dll
CODEBASE = http://files.ea.com[...]
[GSDACtl Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesgsda.dll
CODEBASE = http://launch.gamespyarcade.com[...]
[MessengerStatsClient Class]
InProcServer32 = C:WINDOWSDownloaded Program Filesmessengerstatsclient.dll
CODEBASE = http://messenger.zone.msn.com[...]
[Update Class]
InProcServer32 = C:WINDOWSSystem32iuctl.dll
CODEBASE = http://v4.windowsupdate.microsoft.com[...]
[SassCln Object]
InProcServer32 = C:WINDOWSDownloaded Program FilesSassCln.dll
CODEBASE = http://www.microsoft.com[...]
[Shockwave Flash Object]
InProcServer32 = C:WINDOWSSystem32macromedflashFlash.ocx
CODEBASE = http://download.macromedia.com[...]
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
PostBootReminder: C:WINDOWSsystem32SHELL32.dll
CDBurn: C:WINDOWSsystem32SHELL32.dll
WebCheck: C:WINDOWSSystem32webcheck.dll
SysTray: C:WINDOWSSystem32stobject.dll
--------------------------------------------------
End of report, 6,911 bytes
Report generated in 0.161 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
--
:: Spit-Fire = Synthetic Positronic Individual Trained for Forbidden Infiltration and Rational Exploration
// End of message.