Kan noen her hjelpe meg med HJT-loggen?

[canto83]

Hei. Har problemer med popups og en irriterende searchbar-lignende ting som dukker opp hver gang jeg starter Internett Explorer.

 

Searchbaren tilhører searchweb2.com (som jeg tror jeg fikk fra msnpluss som jeg selvfølgelig har avinnstalert) og dukker opp nederst på skjermen over startlinja.

Den er alltid foran vinduene og programmene og det går ikke an å få fjerna den, noen ganger er det kun reklame med masse linker på den linja.

 

Jeg er ikke flink med pc i det hele tatt men jeg har fulgt guiden på forumet her og prøvd alle mulige typer spyware og adaware til liten nytte.

Det eneste jeg ikke har prøvd er Hijackthis fordi jeg ikke vet hva jeg bør fjerne.

 

Derfor lurer jeg på om det er noen eksperter her som vil sjekke loggen for meg hvis jeg poster den her?

Takk for oppmerksomheten.

[zjulik]

Post i vei:) Men regn med litt svartid.

[canto83]

Tusen takk for hjelpa

Her kommer loggen, tok ikke med running processes..

 

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.waaeffitughkgktssxvi.net/SsPM2y...Vnsbbk1hhE.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dagbladet.no/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Telenor Internett ADSL

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

O4 - HKLM\..\Run: [s3Hotkey] s3hotkey.exe

O4 - HKLM\..\Run: [s3TRAY2] S3Tray2.exe

O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe

O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe

O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE

O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [TouchED] C:\Programfiler\TOSHIBA\TouchED\TouchED.Exe

O4 - HKLM\..\Run: [TFNF5] TFNF5.exe

O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Programfiler\Creative\PC-CAM Center\CAMTRAY.EXE

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP

O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Programfiler\Java\jre1.5.0_05\bin\jusched.exe

O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [gcasServ] "C:\Programfiler\Microsoft AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [dmibz.exe] C:\WINDOWS\system32\dmibz.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [antiburn] C:\DOCUME~1\LUKASA~1.JOH\PROGRA~1\WAITDE~1\partmagssafe.exe

O4 - Startup: fix.bat.lnk = C:\fix.bat

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.5.0_05\bin\npjpi150_05.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe

O14 - IERESET.INF: START_PAGE_URL=http://adsl.online.no

O16 - DPF: Yahoo! Go - http://download.games.yahoo.com/games/clients/y/gt2_x.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab30149.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab

O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) - http://housecall65.trendmicro.com/housecal...ivex/hcImpl.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMesse...pDownloader.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab30149.cab

O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab30149.cab

O16 - DPF: {E13F1132-4CA0-4005-84D3-51406E27D269} (BTDownloadCtrl Control) - http://www.shockwave.com/content/thinktank...ownloadCtrl.cab

O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab30149.cab

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://chat.msn.com/bin/msnchat45.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{05B11D97-E774-4A98-85BA-3A0F3BC780EF}: NameServer = 85.255.113.115,85.255.112.70

O17 - HKLM\System\CCS\Services\Tcpip\..\{B9895B22-9D64-4600-B3DC-95BC1267ED1A}: NameServer = 85.255.113.115,85.255.112.70

O17 - HKLM\System\CS1\Services\Tcpip\..\{05B11D97-E774-4A98-85BA-3A0F3BC780EF}: NameServer = 85.255.113.115,85.255.112.70

O17 - HKLM\System\CS2\Services\Tcpip\..\{05B11D97-E774-4A98-85BA-3A0F3BC780EF}: NameServer = 85.255.113.115,85.255.112.70

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe

O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: iPodService - Apple Computer, Inc. - C:\Programfiler\iPod\bin\iPodService.exe

[berxter]

Tusen takk for hjelpa

Her kommer loggen, tok ikke med running processes..

 

 

Det synes jeg du skal, jeg..... denne var interessant ;-)

 

Bernt K

[zjulik]

Kryss av for å fikse følgende:

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.waaeffitughkgktssxvi.net/SsPM2y...Vnsbbk1hhE.html

 

O4 - HKLM\..\Run: [dmibz.exe] C:\WINDOWS\system32\dmibz.exe

 

O4 - HKCU\..\Run: [antiburn] C:\DOCUME~1\LUKASA~1.JOH\PROGRA~1\WAITDE~1\partmagssafe.exe

 

Deretter sletter du filene det refereres til i de to 04-ene. Mulig du må gjøre dette i Safe Mode.

 

Kjør et par runder m Crap Cleaner etterpå.

[canto83]

Tusen hjertelig TAKK!!

Jeg er fri fra searchweb2!!