Spywarefri Forum | Har fået CoolWebSearch igen

Har fået CoolWebSearch igen

[ Ignorer ] mola
05.02.2005 23:39:26 Antal indlæg: 13	Hej Spywarefri. Jeg er så “heldig” at have fået CoolWebSearch igen. (Samt NeededWare) I har tidligere hjulpet mig med at fjerne den. Vil I igen? Jeg bruger SpySweeper og Symantec Antivirus (registrerede versioner). Har desuden installeret IE spyad og SpywareBlaster og har hardware firewall, men den kom ind alligevel.[:(!] Her er min HijackThis log: Logfile of HijackThis v1.99.0 Scan saved at 21:29:12, on 05-02-2005 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:/WINDOWS/System32/smss.exe C:/WINDOWS/system32/csrss.exe C:/WINDOWS/system32/winlogon.exe C:/WINDOWS/system32/services.exe C:/WINDOWS/system32/lsass.exe C:/WINDOWS/System32/Ati2evxx.exe C:/WINDOWS/system32/svchost.exe C:/WINDOWS/system32/svchost.exe C:/WINDOWS/System32/svchost.exe C:/WINDOWS/System32/svchost.exe C:/WINDOWS/System32/svchost.exe C:/Programmer/Fælles filer/Symantec Shared/ccSetMgr.exe C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe C:/WINDOWS/system32/spoolsv.exe C:/Programmer/Symantec AntiVirus/DefWatch.exe C:/Programmer/Fælles filer/Microsoft Shared/VS7DEBUG/MDM.EXE C:/Programmer/Symantec AntiVirus/Rtvscan.exe C:/WINDOWS/System32/alg.exe C:/WINDOWS/system32/wscntfy.exe C:/WINDOWS/Explorer.EXE C:/Programmer/Java/j2re1.4.2_03/bin/jusched.exe C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe C:/WINDOWS/SOUNDMAN.EXE C:/WINDOWS/system32/pctspk.exe C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe C:/PROGRA~1/SYMANT~1/VPTray.exe C:/Programmer/Synaptics/SynTP/SynTPLpr.exe C:/Programmer/Synaptics/SynTP/SynTPEnh.exe C:/WINDOWS/system32/ctfmon.exe C:/Programmer/Webroot/Spy Sweeper/SpySweeper.exe C:/Programmer/Internet Explorer/iexplore.exe C:/EDB/Sikkerhed/HijackThis/hijackthis.exe R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.spywarefri.dk/ R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:/programmer/google/googletoolbar1.dll O3 - Toolbar: &Google; - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:/programmer/google/googletoolbar1.dll O4 - HKLM/../Run: [SunJavaUpdateSched] C:/Programmer/Java/j2re1.4.2_03/bin/jusched.exe O4 - HKLM/../Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe O4 - HKLM/../Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM/../Run: [PCTVOICE] pctspk.exe O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe” O4 - HKLM/../Run: [vptray] C:/PROGRA~1/SYMANT~1/VPTray.exe O4 - HKLM/../Run: [NeroFilterCheck] C:/WINDOWS/system32/NeroCheck.exe O4 - HKLM/../Run: [SynTPLpr] C:/Programmer/Synaptics/SynTP/SynTPLpr.exe O4 - HKLM/../Run: [SynTPEnh] C:/Programmer/Synaptics/SynTP/SynTPEnh.exe O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/system32/ctfmon.exe O4 - HKCU/../Run: [SpySweeper] “C:/Programmer/Webroot/Spy Sweeper/SpySweeper.exe” /0 O8 - Extra context menu item: &Google; Search - res://C:/Programmer/Google/GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward Links - res://C:/Programmer/Google/GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:/Programmer/Google/GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/OFFICE11/EXCEL.EXE/3000 O8 - Extra context menu item: Similar Pages - res://C:/Programmer/Google/GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://C:/Programmer/Google/GoogleToolbar1.dll/cmtrans.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/Programmer/Java/j2re1.4.2_03/bin/npjpi142_03.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/Programmer/Java/j2re1.4.2_03/bin/npjpi142_03.dll O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:/PROGRA~1/MICROS~2/OFFICE11/REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe O23 - Service: Ati HotKey Poller - Unknown - C:/WINDOWS/System32/Ati2evxx.exe O23 - Service: Symantec Event Manager - Symantec Corporation - C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe O23 - Service: Symantec Password Validation - Symantec Corporation - C:/Programmer/Fælles filer/Symantec Shared/ccPwdSvc.exe O23 - Service: Symantec Settings Manager - Symantec Corporation - C:/Programmer/Fælles filer/Symantec Shared/ccSetMgr.exe O23 - Service: Symantec AntiVirus Definition Watcher - Symantec Corporation - C:/Programmer/Symantec AntiVirus/DefWatch.exe O23 - Service: SAVRoam - symantec - C:/Programmer/Symantec AntiVirus/SavRoam.exe O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:/Programmer/Fælles filer/Symantec Shared/SNDSrvc.exe O23 - Service: Symantec AntiVirus - Symantec Corporation - C:/Programmer/Symantec AntiVirus/Rtvscan.exe Med venlig hilsen Morten
[ Ignorer ] [ # 1 ] Andersenph TeamSpywarefri
05.02.2005 23:50:29 Redaktør Supporter Emeritus Antal indlæg: 4797	Hejsa Mola Det lyder underligt, at du skulle have fået CWS igen. Din log er ren nemlig. Hent den her scanner: http://www.spywareinfo.dk/download/mwav.exe Sæt flueben i følgende: Memory, Startup folders, drive, Registry, System folders og Services. Sæt prik i følgende: All local drives og Scan all files Og så trykker du på Scan Clean Den skanner nu, og dette kan godt tage et par timer. Hvad finder den?
[ Ignorer ] [ # 2 ] Bertie TeamSpywarefri
15.07.2005 23:24:08 Redaktør Team Spywarefri Antal indlæg: 10177	Lukkes på grund af manglende aktivitet.