Just nu i M3-nätverket
Jump to content

Vad är detta?


Ulsy

Recommended Posts

Hej!

Har fått något galet i datorn. Det jag kan förknippa till detta är:

StarPage.gr.dll

Dldr.TW.DLL

se.dll

 

Vad kan detta vara?

 

Link to comment
Share on other sites

Här är loggen från hijack this. Hur gör vi nu?

 

[log]

Logfile of HijackThis v1.99.1

Scan saved at 17:14:15, on 2005-03-30

Platform: Windows 2000 SP4 (WinNT 5.00.2195)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINNT\System32\smss.exe

C:\WINNT\system32\winlogon.exe

C:\WINNT\system32\services.exe

C:\WINNT\system32\lsass.exe

C:\WINNT\system32\svchost.exe

C:\WINNT\system32\spoolsv.exe

C:\Program\AVPersonal\AVGUARD.EXE

C:\Program\AVPersonal\AVWUPSRV.EXE

C:\WINNT\System32\svchost.exe

C:\WINNT\system32\gearsec.exe

C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe

C:\Program\VeriSign\NAVI\naviagent.exe

C:\WINNT\system32\regsvc.exe

C:\WINNT\system32\MSTask.exe

C:\WINNT\system32\stisvc.exe

C:\WINNT\System32\WBEM\WinMgmt.exe

C:\WINNT\System32\mspmspsv.exe

C:\WINNT\system32\svchost.exe

C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

C:\WINNT\Explorer.EXE

C:\WINNT\system32\Smtray.exe

C:\WINNT\system32\Promon.exe

C:\WINNT\system32\spool\DRIVERS\W32X86\2\WPSC3PSW.EXE

C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

C:\Program\QuickTime\qttask.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Delade filer\Real\Update_OB\realsched.exe

C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe

C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe

C:\Program\iPod\bin\iPodService.exe

C:\Program\Delade filer\eAcceleration\eanthology.exe

C:\Program\AVPersonal\AVGNT.EXE

C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe

C:\WINNT\system32\ctfmon.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe

C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

C:\Program\Palm\HOTSYNC.EXE

C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\WINNT\System32\HPZipm12.exe

C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\Documents and Settings\SMR\Skrivbord\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll

R3 - URLSearchHook: transURL Class - {C7EDAB2E-D7F9-11D8-BA48-C79B0C409D70} - C:\WINNT\System32\SEARCH~1.DLL (file missing)

O1 - Hosts: 60.50.170.0

O1 - Hosts: 60.50.170.0

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx

O2 - BHO: BL Class - {28F65FCB-D130-11D8-BA48-8BE0C49AF370} - (no file)

O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll

O2 - BHO: (no name) - {FF12D6BB-2C49-4647-B29A-26C76D3C8EE4} - C:\WINNT\system32\omja.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINNT\Downloaded Program Files\googlenav.dll

O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon

O4 - HKLM\..\Run: [smapp] Smtray.exe

O4 - HKLM\..\Run: [iMONTRAY] C:\Program Files\Intel\Intel® Active Monitor\imontray.exe

O4 - HKLM\..\Run: [Promon.exe] Promon.exe

O4 - HKLM\..\Run: [WpsRePsw] C:\WINNT\System32\spool\DRIVERS\W32X86\2\WpsRePsw.EXE

O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [Opware12] "C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe"

O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll,DllInstall

O4 - HKLM\..\Run: [EanthologyApp] "C:\Program\Delade filer\eAcceleration\eanthology.exe" /b Startup

O4 - HKLM\..\Run: [AVGCtrl] "C:\Program\AVPersonal\AVGNT.EXE" /min

O4 - HKLM\..\Run: [CreateCD] C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r

O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe

O4 - Startup: HotSync Manager.lnk = C:\Program\Palm\HOTSYNC.EXE

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: officejet 6100.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe

O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe

O8 - Extra context menu item: &Google Search - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Si&milar Pages - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsimilar.html

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra button: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp'>http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)

O9 - Extra 'Tools' menuitem: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)

O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll

O9 - Extra 'Tools' menuitem: i-Nav - alternativ - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://212.209.141.125/iNotes6.cab

O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/sv/big/1.1.62-big/GoogleNav.cab

O16 - DPF: {DF261D01-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v2.1 [sVE]) - https://eredovisning2.postgirot.se/ddrint/content/iejpwsve.cab

O16 - DPF: {DF261D07-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v1.3 [ENU]) - https://eredovisning.postgirot.se/ddrint/work/iedpwenu.cab

O18 - Filter: text/html - {6C43AA0E-8373-4A23-9C9D-D921E879A135} - C:\WINNT\system32\omja.dll

O18 - Filter: text/plain - {6C43AA0E-8373-4A23-9C9D-D921E879A135} - C:\WINNT\system32\omja.dll

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program\AVPersonal\AVGUARD.EXE

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program\AVPersonal\AVWUPSRV.EXE

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe

O23 - Service: Gear-säkerhetstjänster (GEARSecurity) - GEAR Software - C:\WINNT\system32\gearsec.exe

O23 - Service: Intel® Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel® Active Monitor\imonnt.exe

O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe

O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program\VeriSign\NAVI\naviagent.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe

[/log]

 

Link to comment
Share on other sites

Har nu kört SpSeHjfix110.exe och fixat lite i felsäkertläge.

 

Här är en ny Hijack logg:

 

SpSeHjfix110.exe
Logfile of HijackThis v1.99.1
Scan saved at 21:27:17, on 2005-03-30
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program\AVPersonal\AVGUARD.EXE
C:\Program\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\gearsec.exe
C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Program\VeriSign\NAVI\naviagent.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Smtray.exe
C:\WINNT\system32\Promon.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\2\WPSC3PSW.EXE
C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe
C:\Program\iPod\bin\iPodService.exe
C:\Program\AVPersonal\AVGNT.EXE
C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\WINNT\system32\ctfmon.exe
C:\Program\WinZip\WZQKPICK.EXE
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program\Palm\HOTSYNC.EXE
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINNT\System32\HPZipm12.exe
C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRAM\WINZIP\winzip32.exe
C:\Documents and Settings\SMR\Lokala inställningar\Temp\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
R3 - URLSearchHook: transURL Class - {C7EDAB2E-D7F9-11D8-BA48-C79B0C409D70} - C:\WINNT\System32\SEARCH~1.DLL (file missing)
O1 - Hosts: 60.50.170.0
O1 - Hosts: 60.50.170.0
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: BL Class - {28F65FCB-D130-11D8-BA48-8BE0C49AF370} - (no file)
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINNT\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [smapp] Smtray.exe
O4 - HKLM\..\Run: [iMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [WpsRePsw] C:\WINNT\System32\spool\DRIVERS\W32X86\2\WpsRePsw.EXE
O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Opware12] "C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [AVGCtrl] C:\Program\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [CreateCD] C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: HotSync Manager.lnk = C:\Program\Palm\HOTSYNC.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Google Search - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm
O9 - Extra button: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: i-Nav - alternativ - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://212.209.141.125/iNotes6.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/sv/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {DF261D01-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v2.1 [sVE]) - https://eredovisning2.postgirot.se/ddrint/content/iejpwsve.cab
O16 - DPF: {DF261D07-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v1.3 [ENU]) - https://eredovisning.postgirot.se/ddrint/work/iedpwenu.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program\AVPersonal\AVWUPSRV.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Gear-säkerhetstjänster (GEARSecurity) - GEAR Software - C:\WINNT\system32\gearsec.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe

 

Var gång jag öppnar en IE eller utforskaren kommer ett meddelande om att "De aktuella säkerhetsinställningarna tillåter inte att Active-X-kontroller körs på den här sidan"

Vad gör man åt det?

 

 

Link to comment
Share on other sites

 

Skapa en ny mapp på C:\ och placera HijackThis.exe dit så C:\HjT\HijackThis.exe

 

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och alla andra öppna fönster och klicka FIX checked

 

 

[log]R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\SMR\LOKALA~1\Temp\se.dll/spage.html

R3 - URLSearchHook: transURL Class - {C7EDAB2E-D7F9-11D8-BA48-C79B0C409D70} - C:\WINNT\System32\SEARCH~1.DLL (file missing)

O1 - Hosts: 60.50.170.0

O1 - Hosts: 60.50.170.0

O2 - BHO: BL Class - {28F65FCB-D130-11D8-BA48-8BE0C49AF370} - (no file)

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm

 

 

Sen töm denna Temp mappen

 

C:\DOCUME~1\SMR\LOKALA~1\Temp\ <

 

 

> Vad gör man åt det? <

 

Tror att det är nån inställning här

 

Verktyg > Internet-alternativ > Säkerhet

 

Vet inte exakt vilken,pröva med Normal[/log]

 

Link to comment
Share on other sites

Tack!

Nu har jag "fixat" de rader som Du skrev.

Har fortfarande problem när jag går in i utforskaren, mapparna på vänstersidan syns men jag kan inte se filerna på höger sida och så kommer samma medelande upp som tidigare.

 

Här är senaste logg:

 

Logfile of HijackThis v1.99.1
Scan saved at 22:37:02, on 2005-03-30
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program\AVPersonal\AVGUARD.EXE
C:\Program\AVPersonal\AVWUPSRV.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\gearsec.exe
C:\Program\Delade filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Program\VeriSign\NAVI\naviagent.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\Smtray.exe
C:\WINNT\system32\Promon.exe
C:\WINNT\system32\spool\DRIVERS\W32X86\2\WPSC3PSW.EXE
C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe
C:\Program\iPod\bin\iPodService.exe
C:\Program\AVPersonal\AVGNT.EXE
C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\WINNT\system32\ctfmon.exe
C:\Program\WinZip\WZQKPICK.EXE
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
C:\Program\Palm\HOTSYNC.EXE
C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINNT\System32\HPZipm12.exe
C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\PROGRAM\WINZIP\winzip32.exe
C:\HjT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.aftonbladet.se/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Acrobat\ActiveX\AcroIEHelper.ocx
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINNT\Downloaded Program Files\googlenav.dll
O4 - HKLM\..\Run: [synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [smapp] Smtray.exe
O4 - HKLM\..\Run: [iMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [WpsRePsw] C:\WINNT\System32\spool\DRIVERS\W32X86\2\WpsRePsw.EXE
O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [Opware12] "C:\Program\ScanSoft\OmniPagePro12.0\Opware12.exe"
O4 - HKLM\..\Run: [AVGCtrl] C:\Program\AVPersonal\AVGNT.EXE /min
O4 - HKLM\..\Run: [CreateCD] C:\Program\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: HotSync Manager.lnk = C:\Program\Palm\HOTSYNC.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE
O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe
O4 - Global Startup: officejet 6100.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hposol08.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 5.0\Distillr\AcroTray.exe
O8 - Extra context menu item: &Google Search - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmcache.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\WINNT\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 - Extra button: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra 'Tools' menuitem: i-Nav hjälp - {CE000992-A58C-4441-8938-744CD72AB27F} - http://idn.verisign-grs.com/plug-in/support/index.jsp (file missing)
O9 - Extra button: (no name) - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O9 - Extra 'Tools' menuitem: i-Nav - alternativ - {CE000996-A58C-4441-8938-744CD72AB27F} - C:\Program\VeriSign\i-Nav\i-nav_4_2_0.dll
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - https://212.209.141.125/iNotes6.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/sv/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {DF261D01-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v2.1 [sVE]) - https://eredovisning2.postgirot.se/ddrint/content/iejpwsve.cab
O16 - DPF: {DF261D07-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v1.3 [ENU]) - https://eredovisning.postgirot.se/ddrint/work/iedpwenu.cab
O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program\AVPersonal\AVGUARD.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program\AVPersonal\AVWUPSRV.EXE
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Gear-säkerhetstjänster (GEARSecurity) - GEAR Software - C:\WINNT\system32\gearsec.exe
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: VeriSign Updater (navi) - VeriSign, Inc. - C:\Program\VeriSign\NAVI\naviagent.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe

 

Link to comment
Share on other sites

Var gång jag öppnar en IE eller utforskaren kommer ett meddelande om att "De aktuella säkerhetsinställningarna tillåter inte att Active-X-kontroller körs på den här sidan"

Sökte lite på nätet hittade lite olika förslag:

Try this: Tools > Internet Options > Advanced > Browsing

Uncheck the Enable 3rd party browser extensions

internet alt>säkerhet>intenet>(välj)aktuell nivå>aktivera kör active-x kontroller

Säger dig de här sidorna något:

http://support.microsoft.com/default.aspx?scid=kb;en-us;833633

http://electra.cs.ucy.ac.cy/helpdesk/scripts/myanswer.asp?which=2157

http://channel9.msdn.com/User/Profile.aspx?UserID=7291&viewtype=1

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...