Just nu i M3-nätverket
Jump to content

ISearch: Kan någon kolla min HTJ log


alexpa

Recommended Posts

Hej,

 

Jag följde erat inlägg rörande Isearch då jag hade samma problem. Nu verkar jag vara kvitt Isearch men vet inte vad mer jag har på burken som inte borde vara där.

Finns det någon vänlig själ som kan kolla och rekommendare fler rader som borde tas bort?

 

tack på förhand och tack för hjälpen med Isearch

 

Mvh Alex

 

Logfile of HijackThis v1.99.1

Scan saved at 23:16:22, on 2005-05-18

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\CTSvcCDA.EXE

C:\Program\Norton Antivirus\navapsvc.exe

C:\Program\Norton Internet Security\NISUM.EXE

C:\WINDOWS\System32\NMSSvc.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Norton Internet Security\SymProxySvc.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\Program\Norton Internet Security\NISSERV.EXE

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe

C:\Program\Norton Internet Security\IAMAPP.EXE

C:\WINDOWS\system32\GSICON.EXE

C:\WINDOWS\system32\dslagent.exe

C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

C:\Program\HEWLET~1\HPSHAR~1\hpgs2wnf.exe

C:\Program\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe

C:\Program\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe

C:\WINDOWS\system32\hpoipm07.exe

C:\Program\MSN Apps\Updater\01.02.3000.1001\sv\msnappau.exe

C:\WINDOWS\dhsvr.exe

C:\Program\Hewlett-Packard\AiO\Shared\bin\hpOSTS07.exe

C:\Program\Hewlett-Packard\AiO\Shared\bin\hpOFXM07.exe

C:\PROGRAM\WINZIP\winzip32.exe

C:\Program\Internet Explorer\iexplore.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Alex\program\hjt\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/'>http://www.eniro.se/

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = www.eniro.se

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.eniro.se/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll

O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Antivirus\NavShExt.dll

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Antivirus\NavShExt.dll

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll

O4 - HKLM\..\Run: [iamapp] C:\Program\Norton Internet Security\IAMAPP.EXE

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [share-to-Web Namespace Daemon] C:\Program\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

O4 - HKLM\..\Run: [RealTray] C:\Program\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER

O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer

O4 - Startup: MSN Messenger 6.2.lnk = ?

O4 - Global Startup: HPAiODevice(hp psc 900 series) - 1.lnk = C:\Program\Hewlett-Packard\AiO\hp psc 900 series\Bin\hpobrt07.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html

O9 - Extra button: Informationshanteraren - {9455301C-CF6B-11D3-A266-00C04F689C50} - c:\Program\Delade filer\Microsoft Shared\Reference 2001\EROProj.dll

O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab

O16 - DPF: {2F5B39C5-C6F5-447A-A946-48B382C53985} - http://www.pacimedia.com/install/pcs_0025.exe'>http://www.pacimedia.com/install/pcs_0025.exe'>http://www.pacimedia.com/install/pcs_0025.exe

O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/20021126/qtinstall.info.apple.com/sikes/se/win/QuickTimeInstaller.exe

O16 - DPF: {47CD99DF-8BCF-4B9B-94EF-02E51B2F79DA} - http://www.alwaysupdatednews.com/install/aun_0027.exe'>http://www.alwaysupdatednews.com/install/aun_0027.exe

O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - http://www.advnt01.com/dialer/internazionale_ver3.CAB

O16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) - http://secure2.comned.com/signuptemplates/ActiveSecurity.cab

O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab

O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/ww/games3.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab

O16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} - http://www.alwaysupdatednews.com/install/aun_0027.exe

O16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} - http://www.pacimedia.com/install/pcs_0025.exe

O16 - DPF: {EC51659D-721F-4CBF-9CEA-5E776D89CEA9} - http://www.pacimedia.com/install/pcs_0025.exe

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab30149.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{D2EF24DA-B6AD-4F71-A298-C35A7DEEA249}: NameServer = 195.67.199.12 195.67.199.13

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTSvcCDA.EXE

O23 - Service: Norton AntiVirus Auto-Protect (navapsvc) - Symantec Corporation - C:\Program\Norton Antivirus\navapsvc.exe

O23 - Service: Norton Internet Security Service (NISSERV) - Symantec Corporation - C:\Program\Norton Internet Security\NISSERV.EXE

O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C:\Program\Norton Internet Security\NISUM.EXE

O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\System32\NMSSvc.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe

O23 - Service: Norton Internet Security Proxy Service (SymProxySvc) - Symantec Corporation - C:\Program\Norton Internet Security\SymProxySvc.exe

O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe

 

 

 

[inlägget ändrat 2005-05-18 23:25:18 av alexpa]

[inlägget ändrat 2005-05-18 23:26:31 av alexpa]

Link to comment
Share on other sites

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

'

Är denna ovanför du har satt själv? Har du mixtrat något med kontrollpanelen, så att andra inte får tillgång eller något sånt? OM inte, bocka i O6:an

 

Dessa är jag lite misstänksam mot, så bocka dem eftersom de är onödiga och kan laddas ner pånytt om de behövs.

O16 - DPF: {2F5B39C5-C6F5-447A-A946-48B382C53985} - http://www.pacimedia.com/install/pcs_0025.exe'>http://www.pacimedia.com/install/pcs_0025.exe'>http://www.pacimedia.com/install/pcs_0025.exe

O16 - DPF: {47CD99DF-8BCF-4B9B-94EF-02E51B2F79DA} -http://www.alwaysupdatednews.com/install/aun_0027.exe

O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} - http://www.advnt01.com/dialer/internazionale_ver3.CAB

O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

O16 - DPF: {B4831DED-3A57-4CC6-9E4B-0E7C5B08DBF4} - http://www.alwaysupdatednews.com/install/aun_0027.exe

O16 - DPF: {C0B285F6-DB2B-4908-9C58-F6D95397D747} - http://www.pacimedia.com/install/pcs_0025.exe

O16 - DPF: {EC51659D-721F-4CBF-9CEA-5E776D89CEA9} - http://www.pacimedia.com/install/pcs_0025.exe

 

Klicka på Fix Checked

Det var det.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...