Assistance til HijackThis-log ønsket
Hej.Er der nogen, der vil være så venlige at kigge på denne HijackThis-logfil og guide mig til at komme af med alt det "uønskede"...?
På forhånd mange tak.
Logfile of HijackThis v1.98.0
Scan saved at 13:00:02, on 29-07-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\odClientService.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmer\Ahead\InCD\InCDsrv.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\NORMAN\Nvc\BIN\NPFSVICE.EXE
C:\Norman\NVC\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\NJEEVES.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\Wireless 11Mbps Network\XPFix.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\NORMAN\Nvc\BIN\ZLH.EXE
C:\NORMAN\Nvc\BIN\NYMSE.EXE
C:\NORMAN\Nvc\BIN\NIP.EXE
C:\Programmer\Ahead\InCD\InCD.exe
C:\NORMAN\Nvc\BIN\cclaw.exe
C:\Programmer\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\NORMAN\Nvc\BIN\npfmsg2.exe
C:\Programmer\Messenger Plus! 3\MsgPlus.exe
c:\progra~1\intern~1\iexplore.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\AIM\aim.exe
C:\Programmer\Spybot - Search & Destroy\TeaTimer.exe
C:\Programmer\Sony Corporation\Image Transfer\SonyTray.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\WINDOWS\webshots.scr
C:\Programmer\Microsoft Office\Office10\msoffice.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
c:\progra~1\intern~1\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\NoAdware\NoAdware.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Download\HijackThis\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jpoqglhfkqigh.us/UFgXfqI3LviadlQbKLm6yhV9c8xt8uJ77gO0SKuJUPE.jpg
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.doozrwwsrybivstyfreml.info/UFgXfqI3Lvj1o48chiU5dUHLe6y6uazAsX1NAszVwD8RA4xwi4dn9e7VouOLhoOQ.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F1 - win.ini: run= C:\WESTWOOD\LOLG\ICONS95.EXE
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {B00C600C-133E-E316-74B5-2AD1EB23105E} - C:\PROGRA~1\OPTION~1\program info.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar\01.01.1629.0\da\msntb.dll
O4 - HKLM\..\Run: [Alice] C:\Program Files\Wireless 11Mbps Network\XPFix.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Programmer\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [OdTray.exe] "C:\Programmer\Fujitsu Siemens Computers\Odyssey Client for Fujitsu Siemens Computers\OdTray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [third delete] C:\PROGRA~1\DEAFLI~1\support up obj.exe
O4 - HKLM\..\Run: [BookDebugKindWait] C:\Documents and Settings\All Users\Application Data\ModeIdolBookDebug\Great inside.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [IncrediMail] C:\PROGRA~1\INCRED~1\bin\IncMail.exe /c
O4 - HKCU\..\Run: [AIM] C:\Programmer\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Programmer\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Webshots.lnk = C:\Programmer\Webshots\Launcher.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Programmer\AIM\aim.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {1663ed61-23eb-11d2-b92f-008048fdd814} (MeadCo ScriptX Basic) - http://www.meadroid.com/scriptx/ScriptX.cab
O16 - DPF: {5D9E4B6D-CD17-4D85-99D4-6A52B394EC3B} (WSDownloader Control) - http://www.webshots.com/samplers/WSDownloader.ocx
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) - http://www2.incredimail.com/contents/setup/downloader/imloader.cab