Logfile

Discussion in 'adware, spyware & hijack cleaning' started by Salixs, Jul 5, 2004.

Thread Status:
Not open for further replies.
  1. Salixs

    Salixs Registered Member

    Joined:
    Jul 5, 2004
    Posts:
    1
    Wilders Security Forums!
    I wonder if You Can help me with the following problems?
    What can I remove and don´t remove from the registry?

    Result from scanning registry with "Hijack this":


    Logfile of HijackThis v1.97.7
    Scan saved at 14:40:45, on 2004-07-05
    Platform: Windows 98 SE (Win9x 4.10.2222A)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\SYSTEM\KERNEL32.DLL
    C:\WINDOWS\SYSTEM\MSGSRV32.EXE
    C:\WINDOWS\SYSTEM\SPOOL32.EXE
    C:\WINDOWS\SYSTEM\MPREXE.EXE
    C:\WINDOWS\SYSTEM\SMARTSCAPS.EXE
    C:\PROGRAM\AGNITUM\OUTPOST FIREWALL\OUTPOST.EXE
    C:\WINDOWS\SYSTEM\SSDPSRV.EXE
    C:\WINDOWS\SYSTEM\MSTASK.EXE
    C:\WINDOWS\SYSTEM\mmtask.tsk
    C:\WINDOWS\TASKMON.EXE
    C:\WINDOWS\SYSTEM\SYSTRAY.EXE
    C:\WINDOWS\SYSTEM\STIMON.EXE
    C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE
    C:\WINDOWS\RUNDLL32.EXE
    C:\PROGRAM\PANDA SOFTWARE\PANDA ANTIVIRUS TITANIUM\APVXDWIN.EXE
    C:\WINDOWS\SYSTEM\WMIEXE.EXE
    C:\PROGRAM\PANDA SOFTWARE\PANDA ANTIVIRUS TITANIUM\PAVPROXY.EXE
    C:\PROGRAM\INTERNET EXPLORER\IEXPLORE.EXE
    C:\WINDOWS\EXPLORER.EXE
    C:\PROGRAM\INTERNET EXPLORER\IEXPLORE.EXE
    C:\TEMP. NEDLADDNINGAR\HIJACKTHIS.EXE

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eniro.se/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
    R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRAM\PERFEC~1\BHO\PERFEC~1.DLL
    O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
    O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:\PROGRAM\PERFEC~1\BHO\PERFEC~1.DLL
    O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM\MYWAY\MYBAR\1.BIN\MYBAR.DLL
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRAM\SPYBOT~1\SDHELPER.DLL
    O3 - Toolbar: (no name) - {0E1230F8-EA50-42A9-983C-D22ABC2EED3B} - (no file)
    O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM\MYWAY\MYBAR\1.BIN\MYBAR.DLL
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
    O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
    O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
    O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
    O4 - HKLM\..\Run: [Aktivitetsfältet] SysTray.Exe
    O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
    O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRAM\AGNITUM\OUTPOST FIREWALL\OUTPOST.EXE /waitservice
    O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
    O4 - HKLM\..\Run: [P2P NETWORKING] C:\WINDOWS\SYSTEM\P2P NETWORKING\P2P NETWORKING.EXE /AUTOSTART
    O4 - HKLM\..\Run: [ICSDCLT] C:\WINDOWS\rundll32.exe C:\WINDOWS\SYSTEM\icsdclt.dll,ICSClient
    O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s
    O4 - HKLM\..\RunServices: [SmartScaps] C:\WINDOWS\SYSTEM\Smartscaps.exe
    O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAM\AGNITUM\OUTPOST FIREWALL\OUTPOST.EXE /service
    O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
    O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
    O4 - HKLM\..\RunServices: [SchedulingAgent] C:\WINDOWS\SYSTEM\mstask.exe
    O4 - Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE
    O4 - Startup: BHODemon 2.0.lnk = C:\Program\BHODemon 2.0\BHODemon.exe
    O8 - Extra context menu item: Sök med Eniro - res://C:\WINDOWS\SYSTEM\TOOLBAND_SV.DLL/MENUSEARCH.HTM
    O9 - Extra 'Tools' menuitem: Sun Java-konsol (HKLM)
    O9 - Extra button: Trashcan (HKCU)
    O9 - Extra 'Tools' menuitem: Show Trashcan (HKCU)
    O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38002.4050347222
    O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
    O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - http://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
    O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 212.214.126.18,212.214.126.20


    For your information concerning security on my computr,
    I use Outpost firewall and Panda virusprogram

    Regards
    Salixs
     
Thread Status:
Not open for further replies.