Just nu i M3-nätverket
Jump to content

HiJackThis-loggfil


Mellanslag1

Recommended Posts

Mellanslag1

Tja!

 

Kan någon tyda denna loggfil åt mig. Den tillhör en kompis dator.

 

Logfile of HijackThis v1.97.7

Scan saved at 17:19:56, on 2004-06-11

Platform: Windows XP SP1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Symantec Shared\ccApp.exe

C:\WINDOWS\System32\P2P Networking\P2P Networking.exe

C:\Program\FIRSTD~1\axiswma.exe

C:\Program\Logitech\Video\LogiTray.exe

C:\Program\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

C:\WINDOWS\System32\LVComS.exe

C:\Program\Logitech\Video\LowLight.exe

C:\Program\Delade filer\EPSON\EBAPI\SAgent2.exe

C:\Program\Norton AntiVirus\navapsvc.exe

C:\Program\Norton AntiVirus\AdvTools\NPROTECT.EXE

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Messenger\msmsgs.exe

F:\Sankan\HiJack This\HijackThis.exe

 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 143

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = searchweb2.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.aftonbladet.se

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 143

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = 143

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = 143

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll

O2 - BHO: (no name) - {DCCA5042-58D4-55B4-0620-7DD72612F6C4} - C:\Program\SHIMEL~1\flaw army.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: MSN Verktygslåda - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Toolbar\01.01.1629.0\sv\msntb.dll

O3 - Toolbar: Tick Meta Bird - {BBD94A99-F915-18A2-110B-A1BE79074E14} - C:\Program\SHIMEL~1\flaw army.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [ccRegVfy] "C:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"

O4 - HKLM\..\Run: [Advanced Tools Check] C:\Program\NORTON~1\AdvTools\ADVCHK.EXE

O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART

O4 - HKLM\..\Run: [mags less] C:\Program\FIRSTD~1\axiswma.exe

O4 - HKLM\..\Run: [GQT] C:\WINDOWS\GQT.exe

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe

O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Messenger (HKLM)

 

 

 

Tack på förhand!

--------------------------------------------------

Windows XP Home Edition

AMD Athlon TM XP 1800+

NVIDIA Geforce3 Ti 200, 64 MB

DirectX 9.0b

1 GB/RAM

160GB HD

 

Spelar just nu: Serious Sam 2 och Painkiller

 

Link to comment
Share on other sites

Hej Mellanslag :)

 

Gör så här:

 

Stäng ner Internet (logga ut):

Öppna HJT. Klicka på Scan-knapen. Bocka för nedanstående detaljer. Klicka på Fix Checked-knappen. Starta om datorn.

 

[FET]

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = 143

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = searchweb2.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = 143

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = 143

[/FET]

 

 

De här två nedanstående finns det ingen som helst information om vad det kan vara. Ser ut att inte ha någon som helst funktion.

Troligtvis kan de bockas för också.

Men det får du avgöra:

[FET]

O2 - BHO: (no name) - {DCCA5042-58D4-55B4-0620-7DD72612F6C4} - C:\Program\SHIMEL~1\flaw army.dll

O4 - HKLM\..\Run: [mags less] C:\Program\FIRSTD~1\axiswma.exe

O4 - HKLM\..\Run: [GQT] C:\WINDOWS\GQT.exe

[/FET]

 

 

 

Rekomenderar att göra nedanstående:

 

Gör så här:

 

Ladda ner Ad-Aware till datorn.

Läs/följ anvisningarna noga på sidan du får upp.

Uppdatera till senaste referensfilen innan du kör programmet på datorn:

 

Här hämtar du programmet:

Ad-Aware 6 Version 181 (Gratis):

http://lavasoft.element5.com/swedish/support/download/

 

Här läser du instruktionerna om hur du ställer in programmet:

Steg 4 och 5: Ställ in programmet på Custome Scan:

http://www.lavasoftsupport.com/index.php?showtopic=14136

 

Gör online-scanningar:

 

TrendMicro:

http://housecall.trendmicro.com/

 

Panda-Onlinescanning:

http://www.pandasoftware.com/activescan/com/activescan_principal.htm

 

 

MVH/Malou

 

 

 

 

***** Ha En Fortsatt Underbar Dag *****

 

 

 

 

 

 

Link to comment
Share on other sites

Hej Mellanslag :)

 

Tackar för poängen *ler*

 

 

MVH/Malou

***** Ha En Fortsatt Underbar Dag *****

 

Mail: janssonmalou@idgmail.se

 

 

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...