Just nu i M3-nätverket
Jump to content

Vill få bort Malware SpyAxe!!!!!!!!!!!!


soffi51

Recommended Posts

Scan saved at 22:44:32, on 2005-12-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\TOSHIBA\Tvs\TvsTray.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\Apoint2K\Apoint.exe

C:\Program\TOSHIBA\E-KEY\CeEKey.exe

C:\Program\TOSHIBA\TouchPad\TPTray.exe

C:\Program\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program\TOSHIBA\Touch and Launch\PadExe.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\TCtrlIOHook.exe

C:\WINDOWS\system32\TPSMain.exe

C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

C:\Program\TOSHIBA\TOSHIBAs kontroller\TFncKy.exe

C:\Program\TOSHIBA\Accessibility\FnKeyHook.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Microsoft AntiSpyware\gcasServ.exe

C:\Program\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Microsoft AntiSpyware\gcasDtServ.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program\AntiVir PersonalEdition Classic\sched.exe

C:\Program\Apoint2K\Apntex.exe

C:\Program\AntiVir PersonalEdition Classic\avguard.exe

C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe

C:\WINDOWS\system32\msiexec.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE

C:\Program\Internet Explorer\iexplore.exe

C:\Documents and Settings\Sofie\Lokala inställningar\Temporary Internet Files\Content.IE5\Z11YNSF5\HijackThis[1].exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://passagen.se/'>http://passagen.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://passagen.se/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hp9E00.tmp

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (file missing)

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Tvs] C:\Program\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [CeEKEY] C:\Program\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPNF] C:\Program\TOSHIBA\TouchPad\TPTray.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [PadTouch] C:\Program\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [smoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [HWSetup] C:\Program\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [sVPWUTIL] C:\Program\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program\TOSHIBA\Accessibility\FnKeyHook.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [MMTray] "C:\Program\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [mmtask] "C:\Program\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] C:\Program\Microsoft AntiSpyware\gcASCleaner.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [incrediMail] C:\Program\IncrediMail\bin\IncMail.exe /c

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm

O8 - Extra context menu item: &Translate English Word - res://C:\Program\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in new background tab - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?91d7636062154c348f2d56742ad7e686

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?91d7636062154c348f2d56742ad7e686

O8 - Extra context menu item: Similar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program\Google\GoogleToolbar1.dll/cmtrans.html

O12 - Plugin for .mpeg: C:\Program\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134210839296

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: NavLogon - C:\WINDOWSO20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

 

Hoppas att jag gjort rätt nu då!/soffi51!Tacksam för all hjälp!

 

[inlägget ändrat 2005-12-13 22:50:57 av soffi51]

Link to comment
Share on other sites

Skapa en ny mapp på C:\ och placera HijackThis.exe dit så C:\HjT\HijackThis.exe

 

 

[log]Ladda ner smitrem.exe på skrivbordet

 

http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

 

Dubbelklicka på den och klicka Start så får du smitrem mappen på skrivbordet

 

Starta sen i felsäkert läge

 

Scanna med Hijack bocka i dessa rader om dom finns och klicka Fix checked

 

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hp9E00.tmp

 

Sen öppna smitRem-mappen, dubbelklicka på RunThis.bat filen och följ anvisningarna.

Starta sen normalt och skicka smitrem logg ( C:\smitfiles.txt) och ny Hijack logg.

 

Glöm inte detta när du skickar loggar:

 

När du har klistrat in loggen så måla\markera den och klicka på LOG knappen och sen skicka."[/log]

 

Link to comment
Share on other sites

 

Scan saved at 23:50:45, on 2005-12-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\TOSHIBA\Tvs\TvsTray.exe

C:\WINDOWS\AGRSMMSG.exe

C:\Program\Apoint2K\Apoint.exe

C:\Program\TOSHIBA\E-KEY\CeEKey.exe

C:\Program\TOSHIBA\TouchPad\TPTray.exe

C:\Program\TOSHIBA\ConfigFree\NDSTray.exe

C:\Program\TOSHIBA\Touch and Launch\PadExe.exe

C:\WINDOWS\system32\ZoomingHook.exe

C:\WINDOWS\system32\TCtrlIOHook.exe

C:\WINDOWS\system32\TPSMain.exe

C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

C:\Program\TOSHIBA\TOSHIBAs kontroller\TFncKy.exe

C:\Program\TOSHIBA\Accessibility\FnKeyHook.exe

C:\WINDOWS\system32\dla\tfswctrl.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Microsoft AntiSpyware\gcasServ.exe

C:\Program\Musicmatch\Musicmatch Jukebox\mm_tray.exe

C:\Program\Musicmatch\Musicmatch Jukebox\mmtask.exe

C:\Program\AntiVir PersonalEdition Classic\sched.exe

C:\Program\Apoint2K\Apntex.exe

C:\Program\Microsoft AntiSpyware\gcasDtServ.exe

C:\WINDOWS\system32\TPSBattM.exe

C:\Program\AntiVir PersonalEdition Classic\avguard.exe

C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe

C:\Program\AntiVir PersonalEdition Classic\avgnt.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

C:\Program\Messenger\msmsgs.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe

C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearchIndexer.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Delade filer\Microsoft Shared\Source Engine\OSE.EXE

C:\Documents and Settings\Sofie\Skrivbord\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://passagen.se/'>http://passagen.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR'>http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://passagen.se/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll (file missing)

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [Tvs] C:\Program\TOSHIBA\Tvs\TvsTray.exe

O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe

O4 - HKLM\..\Run: [Apoint] C:\Program\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [CeEKEY] C:\Program\TOSHIBA\E-KEY\CeEKey.exe

O4 - HKLM\..\Run: [TPNF] C:\Program\TOSHIBA\TouchPad\TPTray.exe

O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe

O4 - HKLM\..\Run: [PadTouch] C:\Program\TOSHIBA\Touch and Launch\PadExe.exe

O4 - HKLM\..\Run: [Zooming] ZoomingHook.exe

O4 - HKLM\..\Run: [TCtryIOHook] TCtrlIOHook.exe

O4 - HKLM\..\Run: [TPSMain] TPSMain.exe

O4 - HKLM\..\Run: [smoothView] C:\Program\TOSHIBA\Toshibas zoomningsfunktion\SmoothView.exe

O4 - HKLM\..\Run: [TFncKy] TFncKy.exe

O4 - HKLM\..\Run: [HWSetup] C:\Program\TOSHIBA\TOSHIBA Applet\HWSetup.exe hwSetUP

O4 - HKLM\..\Run: [sVPWUTIL] C:\Program\Toshiba\Windows Utilities\SVPWUTIL.exe SVPwUTIL

O4 - HKLM\..\Run: [TOSHIBA Accessibility] C:\Program\TOSHIBA\Accessibility\FnKeyHook.exe

O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [MMTray] "C:\Program\Musicmatch\Musicmatch Jukebox\mm_tray.exe"

O4 - HKLM\..\Run: [mmtask] "C:\Program\Musicmatch\Musicmatch Jukebox\mmtask.exe"

O4 - HKLM\..\Run: [OpwareSE2] "C:\Program\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"

O4 - HKLM\..\Run: [avgnt] "C:\Program\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [TOSCDSPD] C:\Program\TOSHIBA\TOSCDSPD\toscdspd.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [incrediMail] C:\Program\IncrediMail\bin\IncMail.exe /c

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Windows Desktop Search.lnk = C:\Program\MSN Toolbar Suite\DS\02.05.0001.1119\en-us\bin\WindowsSearch.exe

O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\Program\INCRED~1\bin\resources\WebMenuImg.htm

O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: &MSN Search - res://C:\Program\MSN Toolbar Suite\TB\02.05.0001.1119\en-us\msntb.dll/search.htm

O8 - Extra context menu item: &Translate English Word - res://C:\Program\Google\GoogleToolbar1.dll/cmwordtrans.html

O8 - Extra context menu item: Backward Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open in new background tab - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/229?91d7636062154c348f2d56742ad7e686

O8 - Extra context menu item: Open in new foreground tab - res://C:\Program\MSN Toolbar Suite\TAB\02.05.0001.1119\en-us\msntabres.dll/230?91d7636062154c348f2d56742ad7e686

O8 - Extra context menu item: Similar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate Page into English - res://C:\Program\Google\GoogleToolbar1.dll/cmtrans.html

O12 - Plugin for .mpeg: C:\Program\Internet Explorer\PLUGINS\npqtplugin3.dll

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1134210839296

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: NavLogon - C:\WINDOWSO20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AntiVir Scheduler (AntiVirScheduler) - H+BEDV Datentechnik GmbH - C:\Program\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program\TOSHIBA\ConfigFree\CFSvcs.exe

 

Förstår inte det med smitrem log?/soffi51!

 

Link to comment
Share on other sites

 

Skicka smitrem loggen den finns här C:\smitfiles.txt

 

Glöm inte detta när du skickar loggar:

 

När du har klistrat in loggen så måla\markera den och klicka på LOG knappen och sen skicka."

 

 

Link to comment
Share on other sites

 

smitRem © log file

version 2.8

 

by noahdfear

 

 

Microsoft Windows XP [Version 5.1.2600]

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

checking for ShudderLTD key

 

ShudderLTD key not present!

 

checking for PSGuard.com key

 

 

PSGuard.com key not present!

 

spyaxe uninstaller NOT present

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

Existing Pre-run Files

 

 

~~~ Program Files ~~~

 

 

 

~~~ Shortcuts ~~~

 

 

 

~~~ Favorites ~~~

 

 

 

~~~ system32 folder ~~~

 

 

 

~~~ Icons in System32 ~~~

 

 

 

~~~ Windows directory ~~~

 

 

 

~~~ Drive root ~~~

 

 

~~~ Miscellaneous Files/folders ~~~

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03

Copyright© 2002-2003 Craig.Peacock@beyondlogic.org

Killing PID 1840 'explorer.exe'

 

Starting registry repairs

 

Deleting files

 

 

Remaining Post-run Files

 

 

~~~ Program Files ~~~

 

 

 

~~~ Shortcuts ~~~

 

 

 

~~~ Favorites ~~~

 

 

 

~~~ system32 folder ~~~

 

 

 

~~~ Icons in System32 ~~~

 

 

 

~~~ Windows directory ~~~

 

 

 

~~~ Drive root ~~~

 

 

 

~~~ Miscellaneous Files/folders ~~~

 

 

 

 

~~~ Wininet.dll ~~~

 

CLEAN! :)

/så här!Soffi51!

 

Link to comment
Share on other sites

Loggar är ok.

Körde du smitrem i felsäkert läge.

 

> Vet inte,ikonen är kvar?????/<

 

Kan du beskriva lite tydligare ploppar det up nån meddelande eller.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...