Well here is my hjt logfile: Logfile of HijackThis v1.99.1 Scan saved at 22:48:48, on 18.08.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINNT\System32\smss.exe In the next window that opens, click the Stop button, then click on properties and under the General Tab, change the Startup Type to Disabled.

Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exeO4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /trayO4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] Von zaqw127 im Forum Archiv Antworten: 1 Letzter Beitrag: 24.07.2005, 20:25 My Logfile...is there anything wrong? Follow the onscreen prompts to start the scan.Once the scanning process has started please DO NOT click on the combofix window or attempt to use your computer as this can cause Once booted in to Safe Mode: * Run ATF-Cleaner - Double-click ATF-Cleaner.exe to open the program. - Under Main choose: Select All - Click the Empty Selected button.

These entries all indicate spyware you need to remove these entries and then run a scan so they dont re add themselves:- O8 - Extra context menu item: AVG is a good anti virus option and its free which is a bonus.

Is my proof correct? (Limits) What's the difference betwen " and ' - and when to use it? Typically there are two ... Several functions may not work. http://www.hijackthis-forum.de/archiv/23943-heres-my-logfile-please-help-me-whats-wrong-picture.html Typical Google could start sending up custom JavaScript from JavaScript repository.

Please Help Me... It is very important to get the updates When updating has finished, close Ewido. * Please download VundoFix.exe to your desktop. share|improve this answer edited Nov 23 '16 at 14:04 answered Nov 23 '16 at 13:46 Kalavan 4368 Thank you, at least I have a basis to work on! On this page you will find links to Javacool's SpywareBlaster and SpywareGuard.

a) can your system chrash down if more then 1 antvirus are running at the same time b) especially Norton is slowing down your pc. My Norton service has another 3 months to run, but now I am seriously considering switching internet security providers. But eventually I downloaded the Kaspersky AVZ tool, for people who do not have a Kaspersky product installed, that is referred to by the moderator near the start of this tread.

Run CW-Shredder - Hit the FIX button - let it run and fix what it finds.11. Put a check mark at and install all updates. Do you really need always all these programs? Newer Than: Search this thread only Search this forum only Display results as threads Useful Searches Recent Posts More...

Make sure these 3 are checked and then press *ok* to remove:Download the ccleanerI use this Program and is setup like this all boxs are check.Clean out all temp files in The offending URL is for sc.videofreeforonline.com.I've followed the instructions given so far as best I can, and have attached a avz_sysinfo.zip to this post.Some help as to what to do next David Huynh 7.10.2008 14:09 QUOTE(richbuff @ 7.10.2008 06:55) Run this script, instructions in same link above, PC will reboot:CODEbeginSetAVZGuardStatus(True);SearchRootkit(true, true); DelBHO('{6599A965-FA2D-41CD-95B1-13140F1CF8A3}'); QuarantineFile('C:\Windows\system32\rgf.dll',''); DeleteFile('C:\Windows\system32\rgf.dll');BC_ImportDeletedList;ExecuteSysClean;BC_Activate;RebootWindows(true);end.Then, post a combofix log:Download it here -> http://download.bleepingcomputer.com/sUBs/ComboFix.exe

Then go here http://spybot.eon.net.au/index.php?lang=en&page=download and download Spybot. Then I noticed the problem with navigating the file system and explorer, described by others in this forum.I searched on the name of the site the malware was forcing my browser

Get them both and check for updates frequently.

My connections log file is structured as follows: hostname direction timestamp bps Here's a fragment of my log file: www.youtube.com DOWNLOAD 1479897661131903 23508910 www.youtube.com UPLOAD

I'll see if I can make the changes. 31.07.2007,09:41 #5 Ruby Supermod a.D. Wait again a few minutes and Ewido Should Auto update itself. here's my log file again, pls help me now! Close all browser windows and "Fix checked" R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchbar.findthewebsiteyouneed.com/ O2 - BHO: (no name) - {136A9D1D-1F4B-43D4-8359-6F2382449255} - (no file) O3 - Toolbar: &WebTrad - {7056E733-8C57-4E4E-9085-E50DE6F3374E} - D:\ALEX\Software\IEETRADBANDS.DLL

I checked it for viruses with Norton and it came up clean. Several functions may not work. WHAT'S WRONG WITH THIS PICTURE!??!?! Logfile of HijackThis v1.99.1 Scan saved at 10:39:27 AM, on 7/19/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe

Restart your computer. Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dllO2 - BHO: &Yahoo! Audio Conferencing) - http://cs8.chat.sc5.yahoo.com/v45/yacscom.cab O16 - DPF: {CC05BC12-2AA2-4AC7-AC81-0E40F83B1ADF} (Live365Player Class) - http://www.live365.com/players/play365.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FE1DEE54-461C-4F86-B582-F0A7AFD6C1C4}: NameServer = Shanti, Oct I´m pretty sure you can run every single of these programs by manual starting -if you need it.

Pager"=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2004-08-04 1667584]C:\Documents and Settings\All Users\Start Menu\Programs\StartupAdobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeHP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exetisspwiz.lnk - C:\Program Files\Trend Micro\Internet Security\tisspwiz.exeC:\Documents and Settings\SkYFer\Start

Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quietO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: