Spywarefri Forum | ilead.itrack.it problemer

ilead.itrack.it problemer

[ Ignorer ] BirgF
05.02.2005 20:05:30 Antal indlæg: 1	Logfile of HijackThis v1.99.0 Scan saved at 17:56:45, on 05-02-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:/WINDOWS/System32/smss.exe C:/WINDOWS/system32/winlogon.exe C:/WINDOWS/system32/services.exe C:/WINDOWS/system32/lsass.exe C:/WINDOWS/system32/svchost.exe C:/WINDOWS/System32/svchost.exe C:/WINDOWS/system32/spoolsv.exe C:/Program Files/Network Associates/VirusScan/Avsynmgr.exe C:/Program Files/Common Files/Microsoft Shared/VS7Debug/mdm.exe C:/Program Files/Network Associates/VirusScan/VsStat.exe C:/WINDOWS/System32/svchost.exe C:/Program Files/Network Associates/VirusScan/Vshwin32.exe C:/Program Files/Common Files/Network Associates/McShield/Mcshield.exe C:/Program Files/Network Associates/VirusScan/Webscanx.exe C:/Program Files/Network Associates/VirusScan/Avconsol.exe C:/WINDOWS/Explorer.EXE C:/Program Files/Winamp/Winampa.exe C:/Program Files/D-Tools/daemon.exe C:/Program Files/MSN Apps/Updater/01.02.3000.1001/en-gb/msnappau.exe C:/WINDOWS/system32/ctfmon.exe C:/Program Files/MSN Messenger/MsnMsgr.Exe C:/Program Files/Skype/Phone/Skype.exe C:/Program Files/Logitech/SetPoint/KEM.exe C:/Program Files/WinZip/WZQKPICK.EXE C:/Program Files/Logitech/SetPoint/KHALMNPR.EXE C:/WINDOWS/system32/devldr32.exe C:/Program Files/Internet Explorer/iexplore.exe D:/Birgitte/download ting/hijackthis.exe R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://best-search.cc/search.php?v=6&aff=3972664 R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Page = http://best-search.cc/index.php?v=6&aff=3972664 R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.msn.dk/ R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page_bak = http://best-search.cc/index.php?v=6&aff=3972664 O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - C:/WINDOWS/ZServ.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Program Files/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Program Files/Spybot - Search & Destroy/SDHelper.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:/Program Files/MSN Apps/ST/01.02.3000.1002/en-xu/stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:/Program Files/MSN Apps/MSN Toolbar/01.02.3000.1001/en-gb/msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:/Program Files/MSN Apps/MSN Toolbar/01.02.3000.1001/en-gb/msntb.dll O4 - HKLM/../Run: [WinampAgent] “C:/Program Files/Winamp/Winampa.exe” O4 - HKLM/../Run: [zBrowser Launcher] C:/Program Files/Logitech/iTouch/iTouch.exe O4 - HKLM/../Run: [NeroFilterCheck] C:/WINDOWS/system32/NeroCheck.exe O4 - HKLM/../Run: [msnappau] “C:/Program Files/MSN Apps/Updater/01.02.3000.1001/en-gb/msnappau.exe” O4 - HKLM/../Run: [farmmext] C:/WINDOWS/farmmext.exe O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/system32/ctfmon.exe O4 - HKCU/../Run: [MsnMsgr] “C:/Program Files/MSN Messenger/MsnMsgr.Exe” /background O4 - HKCU/../Run: [sysinfo] sysinfo.exe O4 - HKCU/../Run: [Skype] “C:/Program Files/Skype/Phone/Skype.exe” /nosplash /minimized O4 - Global Startup: Logitech SetPoint.lnk = C:/Program Files/Logitech/SetPoint/KEM.exe O4 - Global Startup: Microsoft Office.lnk = C:/Program Files/Microsoft Office/Office10/OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:/Program Files/WinZip/WZQKPICK.EXE O8 - Extra context menu item: E&xport; to Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Program Files/Messenger/msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Program Files/Messenger/msmsgs.exe O16 - DPF: Yahoo! Canasta - http://download.games.yahoo.com/games/clients/y/yt1_x.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/games/web_games/popcap/insaniquarium/popcaploader_v6.cab O23 - Service: AVSync Manager - Unknown - C:/Program Files/Network Associates/VirusScan/Avsynmgr.exe O23 - Service: McShield - Unknown - C:/Program Files/Common Files/Network Associates/McShield/Mcshield.exe
[ Ignorer ] [ # 1 ] Andersenph TeamSpywarefri
05.02.2005 23:04:12 Redaktør Supporter Emeritus Antal indlæg: 4797	Hejsa BirgF Hent og opdater Ad-Aware: http://www.spywarefri.dk/vaerktoj.htm#adaware Programmet samt brugervejledning på dansk finder du her: http://www.spywarefri.dk/vaerktoj.htm#adaware Følg også vejledningen her til udvidet søgning: http://www.spywarefri.dk/tipsogtricks.htm#adaware Sæt lige de indstillinger korrekt, så det er klar til brug senere. ——————————————————————————————————— Følg vejledningen her: http://www.spywarefri.dk/hjtanv.htm (punkt 6). Fix disse med HijackThis: R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://best-search.cc/search.php?v=6&aff=3972664 R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Page = http://best-search.cc/index.php?v=6&aff=3972664 R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page_bak = http://best-search.cc/index.php?v=6&aff=3972664 O2 - BHO: ZServObj Class - {00000000-C1EC-0345-6EC2-4D0300000000} - C:/WINDOWS/ZServ.dll O4 - HKLM/../Run: [farmmext] C:/WINDOWS/farmmext.exe O4 - HKCU/../Run: [sysinfo] sysinfo.exe —————————————————————————————————————————————————————————————— Vi skal kunne se dine skjulte filer for at finde snavs, der skal slettes manuelt. Det er en del af processen. Åbn en tilfældig mappe, klik på Funktioner=>Mappeindstillinger=>Vis. Fjern flueben ved “Skjul beskyttede operativsystemfiler”. Fjern flueben ved “Skjul filtypenavne for kendte filtyper”. Sæt prik i “Vis skjulte filer og mapper”. For Windows 98 gælder: Åbn en mappe, klik på Vis=>Mappeindstillinger=>Vis. Fjern flueben i “Skjul filtypenavne for kendte filtyper”. Sæt prik i “Vis alle filer”. —————————————————————————————————————————————————————————- Disse programmer skal slettes i fejlsikret tilstand. Du genstarter og trykker F8 når Windows starter op. Søg efter disse filer: C:/WINDOWS/ZServ.dll C:/WINDOWS/farmmext.exe Søg efter disse mapper: Ingen. ————————————————————————————————— Kør så programmet Ad-aware, fjern alt hvad den finder. ————————————————————————————————— Hent den her scanner: http://www.spywareinfo.dk/download/mwav.exe Sæt flueben i følgende: Memory, Startup folders, drive, Registry, System folders og Services. Sæt prik i følgende: All local drives og Scan all files Og så trykker du på Scan Clean Den skanner nu, og dette kan godt tage et par timer. —————————————————————————————— Derefter genstarter du og sender en ny log ind til check