|
| ||
| Any bad lines in my log? 1 Attachment(s) Any bad lines in my HJT-log? |
| ||
| Re: Any bad lines in my log? Going to hang it up here to make it easier to diagnose. Log file of ahlzper Logfile of HijackThis v1.97.7 Scan saved at 09:44:11, on 2004-04-26 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v5.00 SP1 (5.00.2920.0000) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\SYSTEM32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\WINNT\System32\CTSvcCDA.exe C:\WINNT\System32\svchost.exe C:\Program\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe C:\Program\Panda Software\Panda Antivirus Platinum\pavsrv50.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\Program\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE C:\WINNT\system32\stisvc.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\WINNT\anvshell.exe C:\Program\Creative\ShareDLL\CtNotify.exe C:\Program\Creative\Audio2K\PROGRAM\CTMIX32.EXE C:\Program\QuickTime\qttask.exe C:\Program\MusicMatch\MusicMatch Jukebox\mm_tray.exe C:\Program\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE C:\Program\Creative\ShareDLL\MediaDet.Exe C:\Program\Ahead\InCD\InCD.exe C:\Program\Delade filer\Real\Update_OB\realsched.exe C:\WINNT\SM1BG.EXE C:\Program\Logitech\Video\LogiTray.exe C:\Program\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe C:\Program\Winamp\winampa.exe C:\Program\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE C:\Program\DELADE~1\ADAPTE~1\CreateCD\CREATE~1.EXE C:\WINNT\system32\internat.exe C:\Program\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe C:\Program\Sony Corporation\Image Transfer\SonyTray.exe C:\Program\WinZip\WZQKPICK.EXE C:\WINNT\System32\svchost.exe C:\WINNT\system32\LVComS.exe C:\Program\Panda Software\Panda Antivirus Platinum\pavProxy.exe C:\Program\Internet Explorer\iexplore.exe C:\Documents and Settings\pelle\Lokala inställningar\Temporary Internet Files\Content.IE5\UT5YV214\HijackThis[1].exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://login1.telia.com/ R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: (no name) - {029CA12C-89C1-46a7-A3C7-82F2F98635CB} - C:\Program\Kontiki\bin\bh309190.dll O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program\MyWay\myBar\1.bin\MYBAR.DLL O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program\MyWay\myBar\1.bin\MYBAR.DLL O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [anvshell] anvshell.exe O4 - HKLM\..\Run: [NewsUpd] C:\Program\Creative\News\NewsUpd.EXE /q O4 - HKLM\..\Run: [Disc Detector] C:\Program\Creative\ShareDLL\CtNotify.exe O4 - HKLM\..\Run: [CreativeMixer] C:\Program\Creative\Audio2K\PROGRAM\CTMIX32.EXE /t O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [MMTray] C:\Program\MusicMatch\MusicMatch Jukebox\mm_tray.exe O4 - HKLM\..\Run: [cellulari-us] c:\cellulari-us\cellulari-us.exe u O4 - HKLM\..\Run: [EM_EXEC] C:\Program\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SM1BG] C:\WINNT\SM1BG.EXE O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program\Logitech\Video\ISStart.exe O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program\Logitech\Video\LogiTray.exe O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe" O4 - HKLM\..\Run: [WinampAgent] C:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [SCANINICIO] "C:\Program\Panda Software\Panda Antivirus Platinum\Inicio.exe" O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [CreateCD50] C:\Program\DELADE~1\ADAPTE~1\CreateCD\CREATE~1.EXE -r O4 - HKCU\..\Run: [internat.exe] internat.exe O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe O4 - Global Startup: Image Transfer.lnk = C:\Program\Sony Corporation\Image Transfer\SonyTray.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINNT\system32\NNTOOL~1.DLL/MENUSEARCH.HTM O9 - Extra button: Real.com (HKLM) O12 - Plugin for .nwc: C:\Program\NoteWorthy Software\NWC Browser Plugin\npnwcw32.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab O16 - DPF: {093F9CF8-0DE1-491C-95D5-5EC257BD4CA3} - http://akamai.downloadv3.com/binaries/IA/dtc32_EN.cab O16 - DPF: {0DCABC94-5086-4E08-A4C9-BF284A614E81} (WwwPlugin Class) - http://espana.netvenda.com/perf/WwwPlugin.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/s...irector/sw.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/fu...tup1.0.0.6.cab O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/...eInstaller.exe O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/01cd8f1aecc7eaf...p/RdxIE601.cab O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productu...ntent/opuc.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...tatsClient.cab O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.co...7603.852662037 O16 - DPF: {A5B4176A-5347-4CEC-AB75-26947BB34183} (InstaladorBetyByte Control) - http://www.redzone.nu/uploads/cab/in...betybyteuk.cab O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/p...tx/install.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/s...sh/swflash.cab O16 - DPF: {DF261D07-7E99-11D4-B2C7-009027A1F18A} (DDI Print Control Class v1.3 [ENU]) - https://eredovisning.postgirot.se/dd...k/iedpwenu.cab O16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) - http://dgl.microsoft.com/downloads/outc.cab |
| ||
| Re: Any bad lines in my log? Hi :D .If possible, uninstall Mybar from add/remove programs. Unzip HJT into it's own permanent folder before doing anything in order for it to create backups. (Not a temporary folder & not on the desktop). Close all (browser) windows & have HJT fix these entries by placing a check in the appropriate box= R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program\MyWay\myBar\1.bin\MYBAR.DLL O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file) O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program\MyWay\myBar\1.bin\MYBAR.DLL O8 - Extra context menu item: &Sample Toolband Serach - res://C:\WINNT\system32\NNTOOL~1.DLL/MENUSEARCH.HTM O16 - DPF: {0DCABC94-5086-4E08-A4C9-BF284A614E81} (WwwPlugin Class) - http://espana.netvenda.com/perf/WwwPlugin.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://imgfarm.com/images/nocache/f...etup1.0.0.6.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/01cd8f1aecc7ea...ip/RdxIE601.cab O16 - DPF: {AB29A544-D6B4-4E36-A1F8-D3E34FC7B00A} - http://install.wildtangent.com/bgn/...stx/install.cab Reboot into safe mode following the instructions here & navigate to & delete C:\Program\MyWay< this folder Reboot normally & you will be ok. Couple of good programs to have & run once a week, keeping them updated. Download & instal Adaware from here & update it B4 scanning. In settings under 'scanning,' have it set to 'scan within archives,' 'scan active processes,' 'scan registry,' 'deepscan registry' 'scan my IE Favourites for banned URL's,' 'scan my host's file.' In 'tweaks' under 'scanning engine' set it to 'unload recognised processes during scanning.' Also in 'tweaks' under 'cleaning engine' set it to 'Automatically try to unregister objects prior to deletion' & 'let Windows remove files in use at next reboot.' Select 'activate in-depth scan' before starting scan. When the scan is finished select 'next.' Remove what it finds by placing a check in the box to the left of the object. Reboot Download & instal Spybot S&D from here Update it B4 scanning. Go into settings & have it check for Beta releases also & download if available. After the scan is complete, have spybot fix everything marked RED. On the page that first opens when you start Spybot there is an option to immunise, you should do this. In the immunise section there is also a link to download Spywareblaster. Download that & you can keep it updated by selecting the same link that you use to download it. Reboot |
| ||
| Re: Any bad lines in my log? Thank you very much. Per |
| All times are GMT -4. The time now is 6:54 am. |
Forum system based on vBulletin Copyright ©2000 - 2009, Jelsoft Enterprises Ltd.
©2003 - 2009 DaniWeb® LLC