Just nu i M3-nätverket
Jump to content

Spyaxe Spytrooper


Hermanhedning

Recommended Posts

Hermanhedning

Kan någon hjälpa mej med att fixa bort det här skräpet. Hur vågar någon ställa till så mkt trassel och samtidigt försöka sälja program. De borde ju bombas..

 

Skickar med min loggfil eftersom alla andra har gjort det. Jag blir mycket tacksam om någon kan hjälpa mej..

 

Tack på förhand.

 

Loggfilen följer NEDAN!!!

 

Logfile of HijackThis v1.99.1

Scan saved at 19:03:17, on 2005-12-13

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\drivers\CDAC11BA.EXE

C:\Program\McAfee\McAfee AntiSpyware\Msssrv.exe

C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\nvctrl.exe

C:\WINDOWS\system32\mssearchnet.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program\D-Tools\daemon.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\program\mcafee.com\agent\mcagent.exe

C:\Program\McAfee.com\Agent\McRegWiz.exe

C:\Program\McAfee\McAfee AntiSpyware\MssCli.exe

C:\WINDOWS\system32\svcnet.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Messenger\msmsgs.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Yahoo!\Messenger\ymsgr_tray.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program\Netscape\Netscape Browser\netscape.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Documents and Settings\Sambo\Skrivbord\Hijack\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpD1B2.tmp

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll (file missing)

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program\Yahoo!\Companion\Installs\cpn\yt.dll

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [MCAgentExe] c:\program\mcafee.com\agent\mcagent.exe

O4 - HKLM\..\Run: [MCUpdateExe] C:\program\mcafee.com\agent\mcupdate.exe

O4 - HKLM\..\Run: [McRegWiz] C:\Program\McAfee.com\Agent\McRegWiz.exe /autorun

O4 - HKLM\..\Run: [_AntiSpyware] C:\Program\McAfee\McAfee AntiSpyware\MssCli.exe

O4 - HKLM\..\Run: [shellapi32] svcnet.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program\Yahoo!\Messenger\ypager.exe -quiet

O4 - HKCU\..\Run: [shellapi32] svcnet.exe

O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program\Yahoo!\Common/ycsrch.htm

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program\Yahoo!\Common/ycdict.htm

O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program\Yahoo!\Common/ycmap.htm

O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program\Yahoo!\Common/ycsms.htm

O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program\Yahoo!\Common\yiesrvc.dll (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab

O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System Class) - http://download.mcafee.com/molbin/shared/mcinsctl/en-us/4,0,0,84/mcinsctl.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{BA8CA5B5-5E8F-464B-A8E7-0A6CA4EAF9E3}: NameServer = 213.150.135.211 195.58.103.21

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE

O23 - Service: McAfee AntiSpyware Real-Time Scanner (McAfeeAntiSpyware) - Network Associates, Inc. - C:\Program\McAfee\McAfee AntiSpyware\Msssrv.exe

O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - Networks Associates Technology, Inc - C:\Program\McAfee.com\Agent\mcupdmgr.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

 

 

/Hermanhedning

 

Link to comment
Share on other sites

 

Skapa en ny mapp på C:\ och placera HijackThis.exe dit så C:\HjT\HijackThis.exe

 

 

Ladda ner smitrem.exe på skrivbordet

 

http://noahdfear.geekstogo.com/click%20counter/click.php?id=1

 

[log]Dubbelklicka på den och klicka Start så får du smitrem mappen på skrivbordet

 

Starta sen i felsäkert läge

 

Scanna med Hijack bocka i dessa rader om dom finns och klicka Fix checked

 

O2 - BHO: HomepageBHO - {1ca480cd-c0e5-4548-874e-b85b17905b3a} - C:\WINDOWS\system32\hpD1B2.tmp

O4 - HKLM\..\Run: [shellapi32] svcnet.exe

O4 - HKCU\..\Run: [shellapi32] svcnet.exe

 

Sen ta bort med dolda filer synliga om hittas

 

svcnet.exe

 

Sen öppna smitRem-mappen, dubbelklicka på RunThis.bat filen och följ anvisningarna.

Starta sen normalt och skicka smitrem logg ( C:\smitfiles.txt) och ny Hijack logg.

 

Glöm inte detta när du skickar loggar:

 

När du har klistrat in loggen så måla\markera den och klicka på LOG knappen och sen skicka."[/log]

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...