Gå til innhold

Hvordan fjerner man IExplorer?

Blårens

Av Blårens
i Operativsystemer

Anbefalte innlegg

Videoannonse

Videoannonse
Annonse
AKIRAx77

AKIRAx77

Skrevet
Skrevet

Eller du kan instalere Google toolbar og MS antispyware. Jeg har ingen nevneverdige problemer med spyware eller popups. Antivirus software er også viktig!

 

Men du kan jo bare instalere Opera eller Firefox, og når den spør deg om du vil bruke den browseren som standard så sier du ja. Så kan du slette alle shortcuts til IE så du eller andre ikke starter den av gammel vane.

 

AKIRA

Lenke til kommentar
Blårens

Blårens

Skrevet
  • Forfatter
Skrevet (endret)

problemet er at ie poper opp hele tiden

 

det gjør meg så irritert at noen blir drept snart

 

BTW: Jeg bruker Opera, men jeg var så dum at jeg brukte IE i 5 min :mad:

Etter de 5 minuttene var det masse spyware å drit som er umulig å fjerne

Endret av MongoMan
Lenke til kommentar
Blårens

Blårens

Skrevet
  • Forfatter
Skrevet (endret)

Kort liten log

 

Har poppa opp masse advarsler om de rdgNO2405.exe filene vet at det er spyware men når jeg sletter det kommer det på nytt

 

edit: fjerna linking i loggen

 

 

 

 

Logfile of HijackThis v1.99.1
Scan saved at 16:35:08, on 26.02.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programfiler\Norton SystemWorks\Norton GoBack\GBPoll.exe
C:\WINDOWS\System32\GEARSec.exe
C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programfiler\VIA\RAID\raid_tool.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programfiler\Logitech\Video\LogiTray.exe
C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe
C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe
C:\Programfiler\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\WINDOWS\?asks\w?auboot.exe
C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe
C:\Programfiler\Logitech\Video\FxSvr2.exe
C:\WINDOWS\SKS~1\chkntfs.exe
C:\Programfiler\Norton SystemWorks\Norton GoBack\GBTray.exe
C:\Programfiler\MSN Messenger\msnmsgr.exe
C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Morten\Mine dokumenter\opera\Opera.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\TEMP\win9C7.tmp.exe
C:\WINDOWS\TEMP\win9CC.tmp.exe
C:\WINDOWS\TEMP\win9C7.tmp.exe
C:\WINDOWS\TEMP\win9CC.tmp.exe
C:\Hijackthis\HijackThis.exe
C:\WINDOWS\TEMP\win9C7.tmp.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hw.no/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RaidTool] C:\Programfiler\VIA\RAID\raid_tool.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Progz\Daemon-Tools\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [WinampAgent] E:\Progz\Winamp\winampa.exe
O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programfiler\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [TaskSwitchXP] E:\Progz\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [Uyiwy] C:\WINDOWS\?asks\w?auboot.exe
O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"
O4 - HKCU\..\Run: [Caos] "C:\WINDOWS\SKS~1\chkntfs.exe" -vt ndrv
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = E:\Progz\Logitech\Setpoint\SetPoint.exe
O4 - Global Startup: Norton GoBack.lnk = C:\Programfiler\Norton SystemWorks\Norton GoBack\GBTray.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programfiler\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programfiler\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra button: GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - E:\Progz\GetWebPics\GetWebPics\Gwp4Ie.dll (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: Download pictures with GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - E:\Progz\GetWebPics\GetWebPics\Gwp4Ie.dll (file missing) (HKCU)
O16 - DPF: {04AEC6D3-01BA-1D60-75B9-11BA7D331115} - rdgNO2405.exe
O16 - DPF: {071D2C01-542B-345C-5706-23190310F6F3} - gdnNO1503.exe
O16 - DPF: {1707F61B-A262-170E-81D7-61E66ED1DC81} - gdnNO1503.exe
O16 - DPF: {1DD6397A-F145-7436-C100-468364748ED1} - http://69.50.173.166/1/gdnNO1503.exe
O16 - DPF: {23EE7B41-F801-237F-7748-47BF4616185E} -rdgNO2405.exe
O16 - DPF: {2CFC282F-C770-055A-C903-17273015FE30} -rdgNO2405.exe
O16 - DPF: {3A0E09D1-073B-65BF-DC08-35CA742BF157} - rdgNO2405.exe
O16 - DPF: {475453B9-9B44-5195-3559-236378514D11} - rdgNO2405.exe
O16 - DPF: {4C61892F-6A13-5FB2-2BDD-33D7394207C9} - rdgNO2405.exe
O16 - DPF: {4EDD7E56-3BAA-13B6-D0D4-4A6A2FE914A6} - rdgUS2405.exe
O16 - DPF: {574D7A70-C25A-0CF4-AB69-77067864EC65} - rdgNO2405.exe
O16 - DPF: {6149D8FF-B7E4-4D79-22A8-7D0C357B9A9D} - rdgNO2405.exe
O16 - DPF: {67627311-ECA9-7912-E984-512B3C1DEC1D} - rdgNO2405.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O16 - DPF: {7F9C88F2-163F-7277-1ACB-1DB15F02A2AE} - http://69.50.173.166/1/rdgNO2405.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: winxtx32 - C:\WINDOWS\SYSTEM32\winxtx32.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Norton Internet Security\comHost.exe
O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Programfiler\Norton SystemWorks\Norton GoBack\GBPoll.exe
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe
O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

 

Endret av MongoMan
Lenke til kommentar
Pozzolan

Pozzolan

Skrevet
Skrevet (endret)

Uff! Det var mye :no:

 

Du kan begynne med å fjerne følgende:

C:\WINDOWS\?asks\w?auboot.exe
C:\WINDOWS\SKS~1\chkntfs.exe


R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file
O4 - HKCU\..\Run: [Uyiwy] C:\WINDOWS\?asks\w?auboot.exe
O4 - HKCU\..\Run: [Caos] "C:\WINDOWS\SKS~1\chkntfs.exe" -vt ndrv

O9 - Extra button: GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - E:\Progz\GetWebPics\GetWebPics\Gwp4Ie.dll (file missing) (HKCU) 
O9 - Extra 'Tools' menuitem: Download pictures with GetWebPics - {4B51A27A-6F76-49E5-BC45-06AE2DDD2A1A} - E:\Progz\GetWebPics\GetWebPics\Gwp4Ie.dll (file missing) (HKCU)
O16 - DPF: {04AEC6D3-01BA-1D60-75B9-11BA7D331115} - 
O16 - DPF: {071D2C01-542B-345C-5706-23190310F6F3} - 
O16 - DPF: {1707F61B-A262-170E-81D7-61E66ED1DC81} - 
O16 - DPF: {1DD6397A-F145-7436-C100-468364748ED1} - 
O16 - DPF: {23EE7B41-F801-237F-7748-47BF4616185E} - 
O16 - DPF: {2CFC282F-C770-055A-C903-17273015FE30} - 
O16 - DPF: {3A0E09D1-073B-65BF-DC08-35CA742BF157} - 
O16 - DPF: {475453B9-9B44-5195-3559-236378514D11} - 
O16 - DPF: {4C61892F-6A13-5FB2-2BDD-33D7394207C9} - 
O16 - DPF: {4EDD7E56-3BAA-13B6-D0D4-4A6A2FE914A6} - 
O16 - DPF: {574D7A70-C25A-0CF4-AB69-77067864EC65} - 
O16 - DPF: {6149D8FF-B7E4-4D79-22A8-7D0C357B9A9D} - 
O16 - DPF: {67627311-ECA9-7912-E984-512B3C1DEC1D} - 
16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123[/url]
O16 - DPF: {7F9C88F2-163F-7277-1ACB-1DB15F02A2AE} - 
O20 - Winlogon Notify: winxtx32 - C:\WINDOWS\SYSTEM32\winxtx32.dll

 

Dette gjør du i sikkermodus

 

Etter du har gjort dette så poster du en ny logg ;)

 

Edit Bedre :)

Endret av stealthy
Lenke til kommentar
eivind04

eivind04

Skrevet
Skrevet (endret)

Hvis du går inn på "control panel" (kontrollpanel), deretter legg til/ fjern programmer, så trykker du på legg til/ fjern windowskomponenter, fjerner så avmerkingen foran explorer så tror jeg den vil bli fjernet fra windows ( har bare engelsk versjon av xp så jeg tror oversettelsen til norsk er ok)

Endret av eivind04
Lenke til kommentar
Blårens

Blårens

Skrevet
  • Forfatter
Skrevet (endret)

Ny logg

 

 

Logfile of HijackThis v1.99.1

Scan saved at 17:59:32, on 26.02.2006

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Unable to get Internet Explorer version!

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Programfiler\Norton SystemWorks\Norton GoBack\GBPoll.exe

C:\WINDOWS\System32\GEARSec.exe

C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe

C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE

C:\WINDOWS\System32\svchost.exe

C:\Programfiler\VIA\RAID\raid_tool.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Programfiler\Logitech\Video\LogiTray.exe

C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe

C:\Programfiler\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Programfiler\Messenger\msmsgs.exe

C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe

C:\Programfiler\Norton SystemWorks\Norton GoBack\GBTray.exe

C:\Programfiler\Logitech\Video\FxSvr2.exe

C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\Morten\Mine dokumenter\opera\Opera.exe

C:\WINDOWS\TEMP\win9CC.tmp.exe

C:\WINDOWS\TEMP\win9C7.tmp.exe

C:\WINDOWS\TEMP\win9CC.tmp.exe

C:\WINDOWS\TEMP\win9C7.tmp.exe

C:\WINDOWS\TEMP\win9CC.tmp.exe

C:\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.hw.no/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [RaidTool] C:\Programfiler\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [DAEMON Tools] "E:\Progz\Daemon-Tools\DAEMON Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE

O4 - HKLM\..\Run: [WinampAgent] E:\Progz\Winamp\winampa.exe

O4 - HKLM\..\Run: [Norton Ghost 10.0] "C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\GhostTray.exe"

O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Programfiler\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programfiler\Logitech\Video\ManifestEngine.exe boot

O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [TaskSwitchXP] E:\Progz\TaskSwitchXP\TaskSwitchXP.exe

O4 - HKCU\..\Run: [AWMON] "C:\PROGRA~1\Lavasoft\AD-AWA~2\Ad-Watch.exe"

O4 - HKCU\..\Run: [uyiwy] C:\WINDOWS\?asks\w?auboot.exe

O4 - HKCU\..\Run: [Caos] "C:\WINDOWS\SKS~1\chkntfs.exe" -vt ndrv

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programfiler\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Logitech SetPoint.lnk = E:\Progz\Logitech\Setpoint\SetPoint.exe

O4 - Global Startup: Norton GoBack.lnk = C:\Programfiler\Norton SystemWorks\Norton GoBack\GBTray.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programfiler\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Programfiler\Norton SystemWorks\Norton Cleanup\WCQuick.lnk

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: winxtx32 - C:\WINDOWS\SYSTEM32\winxtx32.dll

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Norton Internet Security\comHost.exe

O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Programfiler\Norton SystemWorks\Norton GoBack\GBPoll.exe

O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Ghost - Symantec Corporation - C:\Programfiler\Norton SystemWorks\Norton Ghost\Agent\VProSvc.exe

O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\NPROTECT.EXE

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe

O23 - Service: SPBBCSvc - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~2\NORTON~2\SPEEDD~1\NOPDB.EXE

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe

 

 

 

Endret av MongoMan
Lenke til kommentar
Pozzolan

Pozzolan

Skrevet
Skrevet (endret)

Den ser bedre ut men det er fortsatt noe snusk igjen.

Fjern følgende i sikkermodus:

 

C:\WINDOWS\TEMP\win9CC.tmp.exe
C:\WINDOWS\TEMP\win9C7.tmp.exe
C:\WINDOWS\TEMP\win9CC.tmp.exe
C:\WINDOWS\TEMP\win9C7.tmp.exe
C:\WINDOWS\TEMP\win9CC.tmp.exe
O4 - HKCU\..\Run: [Uyiwy] C:\WINDOWS\?asks\w?auboot.exe
O4 - HKCU\..\Run: [Caos] "C:\WINDOWS\SKS~1\chkntfs.exe" -vt ndrv
O20 - Winlogon Notify: winxtx32 - C:\WINDOWS\SYSTEM32\winxtx32.dll
O18 - Protocol: talkto - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

 

Du kan også prøve å skanne med Spybot i sikkermodus

 

Håper dette tar knekken på faenskapet!!

Endret av stealthy
Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
Gå til emneliste
×
×
  • Opprett ny...