Just nu i M3-nätverket
Jump to content

Startsidan ändras ??


Patte_81

Recommended Posts

Hej när jag startar ie så koommer jag till msn.se

när jag har lunarstorm.se som start sida men när jag tittar om sidan blivit ändrad så står de lunarstorm.se startar om Ie så är lunarstom tillbaka som startsida.Kan de ha men panda å göra? verkar hel skumt de händer rätt ofta men inte varje dag utan nångång bara. Skickar med en logg. Logfile of HijackThis v1.99.1

Scan saved at 22:10:54, on 2006-10-23

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

C:\WINDOWS\system32\svchost.exe

C:\Program\Windows Defender\MsMpEng.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\AVENGINE.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

c:\program\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\WINDOWS\System32\alg.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\apvxdwin.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\CyberLink\PowerDVD\PDVDServ.exe

C:\Program\Java\jre1.5.0_06\bin\jusched.exe

C:\ACER\PSM.EXE

C:\Program\Telia\Supportassistent\bin\tgcmd.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

C:\Program\Windows Defender\MSASCui.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\GoGoData.com\GoGoData Toolbar\GoGoTray.exe

C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

C:\Program\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

C:\Program\GoGoData.com\GOGODA~1\ADBUST~1.EXE

C:\Program\Logitech\SetPoint\KEM.exe

C:\Program\Logitech\SetPoint\KHALMNPR.EXE

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\SRVLOAD.EXE

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\WebProxy.exe

C:\Program\Secretmaker\secretmaker.exe

c:\program\winamp\winamp.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\avciman.exe

C:\Program\Panda Software\Panda Platinum 2006 Internet Security\psimreal.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Hijackthis\This.exe.exe

C:\Hijackthis\Hijackthis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lunarstorm.se/'>http://www.lunarstorm.se/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lunarstorm.se/

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.se/0SESVSE/SAOS01?FORM=TOOLBR

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

F2 - REG:system.ini: UserInit=C:\WINDOWS\regedit /s C:\pav.reg,C:\WINDOWS\system32\pavdr.exe,C:\WINDOWS\system32\userinit.exe,

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll

O2 - BHO: IeHelper Class - {A491D208-B353-490F-B81A-A8A3DC97042D} - C:\WINDOWS\system32\smiehlp.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: GoGoData AdBuster - {3EB9C349-7473-48AC-A59B-42F31751974B} - C:\Program\GoGoData.com\GOGODA~1\TOMAHA~1.DLL

O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587A44A73} - C:\PROGRAM\POPUPCOP\PopUpCop.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\Windows Live Toolbar\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [MPS] C:\ACER\PSM.EXE

O4 - HKLM\..\Run: [Alaunch] C:\Windows\alaunch.exe

O4 - HKLM\..\Run: [tgcmd] "C:\Program\Telia\Supportassistent\bin\tgcmd.exe" /server /startmonitor /deaf

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [CTSysVol] "C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" /r

O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

O4 - HKLM\..\Run: [sBDrvDet] "C:\Program\Creative\SB Drive Det\SBDrvDet.exe" /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [Windows Defender] "C:\Program\Windows Defender\MSASCui.exe" -hide

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Platinum 2006 Internet Security\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [sCANINICIO] "C:\Program\Panda Software\Panda Platinum 2006 Internet Security\Inicio.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\DOCUME~1\FÄRJES~1\LOKALA~1\Temp\SSUPDATE.EXE Software\SUPERAntiSpyware.com\SUPERAntiSpyware

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [GoGoTray.exe] "C:\Program\GoGoData.com\GoGoData Toolbar\GoGoTray.exe"

O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

O4 - HKCU\..\Run: [bitTorrent] "C:\Program\BitTorrent\bittorrent.exe" --force_start_minimized

O4 - HKCU\..\Run: [swg] C:\Program\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program\Logitech\SetPoint\KEM.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: SECRETMAKER.lnk = C:\Program\Secretmaker\secretmaker.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: &Windows Live Search - res://C:\Program\Windows Live Toolbar\msntb.dll/search.htm

O8 - Extra context menu item: Open Image in New Window - res://C:\Program\PopUpCop\popupcop.dll/imagenew

O10 - Broken Internet access because of LSP provider 'smnsp.dll' missing

O14 - IERESET.INF: START_PAGE_URL=http://global.acer.com/

O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813

O16 - DPF: {10ABC6DB-E091-4EAE-98DD-21B5A2460714} (DetInstaller Class) - http://www.pandasoftware.es/avchecker/controles/AvDetInst.cab

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {31E68DE2-5548-4B23-88F0-C51E6A0F695E} (Microsoft PID Sniffer) - https://support.microsoft.com/OAS/ActiveX/odc.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158258325343

O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program\MSNMES~1\MSGRAP~1.DLL

O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program\Panda Software\Panda Platinum 2006 Internet Security\PavFnSvr.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program\Delade filer\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program\Panda Software\Panda Platinum 2006 Internet Security\pavsrv51.exe

O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program\Panda Software\Panda Platinum 2006 Internet Security\AntiSpam\pskmssvc.exe

O23 - Service: Panda Network Manager (PNMSRV) - Panda Software - c:\program\panda software\panda platinum 2006 internet security\firewall\PNMSRV.EXE

O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program\Panda Software\Panda Platinum 2006 Internet Security\PsImSvc.exe

O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program\Panda Software\Panda Platinum 2006 Internet Security\TPSrv.exe

 

 

 

[inlägget ändrat 2006-10-23 22:19:04 av Patte_81]

Link to comment
Share on other sites

 

jag vet inte hur det funkar med msn för jag har aldrig använt det programmet men kanske har att göra med att det startar med windows...

om du vill att du alltid ska komma till lunar när du startar ie så kan du ta bort ie ikonen och/eller lägga till en genväg till lunar

 

det är ju möjligt att spybot, panda och windows defender kan låsa/skydda din startsida men varför det varierar vet jag ej

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...