Gå til innhold

search2web - trenger hjelp!


Anbefalte innlegg

Trenger hjelp for å fjerne en "verktøylinje" i bunnen av webbrowseren min. Er blå med følgende ikoner: make money, music, casino, investing, travel etc. -Tror den kom i sammenheng med at jeg installerte MSN plus, som forøvrig er slettet nå.

Har kjørt både adawre og spybot uten resultater...

Kan noen hjelpe meg!?

 

Under følger logg fra hijack this:

 

Logfile of HijackThis v1.98.2

Scan saved at 19:28:17, on 12.09.04

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

 

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\NORMAN\NVC\BIN\ZANDA.EXE

C:\WINDOWS\SYSTEM\SSDPSRV.EXE

C:\NORMAN\NVC\BIN\CCLAW.EXE

C:\NORMAN\NVC\BIN\NVCSCHED.EXE

C:\NORMAN\NVC\BIN\NJEEVES.EXE

C:\NORMAN\NVC\BIN\NIP.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAMFILER\SYNAPTICS\SYNTP\SYNTPLPR.EXE

C:\PROGRAMFILER\SYNAPTICS\SYNTP\SYNTPENH.EXE

C:\WINDOWS\SYSTEM\PRPCUI.EXE

C:\WINDOWS\DITASK.EXE

C:\PROGRAMFILER\LOGITECH\MOUSEWARE\SYSTEM\EM_EXEC.EXE

C:\WINDOWS\LOADQM.EXE

D:\PROGRAMMER\RFA\RFAGENT.EXE

C:\NORMAN\NVC\BIN\ZLH.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\WINDOWS\SYSTEM\LVCOMSX.EXE

C:\PROGRAMFILER\LOGITECH\VIDEO\LOGITRAY.EXE

C:\NORMAN\NVC\BIN\NYMSE.EXE

C:\WINDOWS\SYSTEM\STIMON.EXE

C:\PROGRAMFILER\MSN MESSENGER\MSNMSGR.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAMFILER\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAMFILER\LOGITECH\VIDEO\FXSVR2.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\HIJACKTHIS\HIJACKTHIS.EXE

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\SYSTEM\OOBE\BLANK.HTM

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\SYSTEM\OOBE\BLANK.HTM

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.:8080

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger

R3 - Default URLSearchHook is missing

O2 - BHO: (no name) - {183D1D88-911D-C185-8EEF-0408DE543B63} - (no file)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Programmer\Spybot\SDHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [scanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [systemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [synTPLpr] C:\Programfiler\Synaptics\SynTP\SynTPLpr.exe

O4 - HKLM\..\Run: [synTPEnh] C:\Programfiler\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [PRPCMonitor] PRPCUI.exe

O4 - HKLM\..\Run: [DiTask] c:\windows\ditask.exe

O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\LOGITECH\MOUSEW~1\SYSTEM\EM_EXEC.EXE

O4 - HKLM\..\Run: [LoadQM] loadqm.exe

O4 - HKLM\..\Run: [rfagent] D:\PROGRAMMER\RFA\rfagent.exe

O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [iCSDCLT] c:\windows\rundll32.exe c:\windows\SYSTEM\icsdclt.dll,ICSClient

O4 - HKLM\..\Run: [OmgStartup] C:\Programfiler\Fellesfiler\Sony Shared\OpenMG\OmgStartup.exe

O4 - HKLM\..\Run: [LVCOMSX] c:\windows\SYSTEM\LVCOMSX.EXE

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programfiler\Logitech\Video\ISStart.exe

O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programfiler\Logitech\Video\LogiTray.exe

O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE

O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup

O4 - HKLM\..\Run: [Time grim blah junk] C:\WINDOWS\Application Data\Kind Burn Time Grim\BowsOnce.exe

O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZANDA.EXE /LOAD

O4 - HKLM\..\RunServices: [sSDPSRV] c:\windows\SYSTEM\ssdpsrv.exe

O4 - HKCU\..\Run: [msnmsgr] "C:\PROGRAMFILER\MSN MESSENGER\MSNMSGR.EXE" /background

O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\PROGRAMFILER\LOGITECH\VIDEO\MANIFESTENGINE.EXE boot

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://c:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) - http://fdl.msn.com/public/chat/msnchat45.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...StatsClient.cab

O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061...all/xscan53.cab

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab28578.cab

O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Solit...wn.cab28578.cab

Lenke til kommentar
Videoannonse
Annonse

O4 - HKLM\..\Run: [Time grim blah junk] C:\WINDOWS\Application Data\Kind Burn Time Grim\BowsOnce.exe

O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://c:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

 

Et raskt overblikk sier meg iallfall at disse er mistenkelige, men ikke slett noe før du er sikker. Gå til ComputerCops.biz og post loggen din der.

Lenke til kommentar

Opprett en konto eller logg inn for å kommentere

Du må være et medlem for å kunne skrive en kommentar

Opprett konto

Det er enkelt å melde seg inn for å starte en ny konto!

Start en konto

Logg inn

Har du allerede en konto? Logg inn her.

Logg inn nå
  • Hvem er aktive   0 medlemmer

    • Ingen innloggede medlemmer aktive
×
×
  • Opprett ny...