Hijackthis log.
Heey.Jeg har denne log fra en ven, og vil lige høre hvad i sir til den.
Logfile of HijackThis v1.98.2
Scan saved at 16:40:59, on 01-09-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Div. Programmer\Cobian Backup 5\cbs.exe
C:\WINDOWS\system32\CTSVCCDA.EXE
C:\Programmer\Symantec\NAV\DefWatch.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Symantec\NAV\SavRoam.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Symantec\NAV\Rtvscan.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Div. Programmer\Logitech\iTouch\iTouch.exe
C:\WINDOWS\System32\CTHELPER.EXE
C:\Programmer\Div. Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\PROGRA~1\Symantec\NAV\VPTray.exe
C:\Programmer\Fælles filer\Logitech\QCDriver3\LVCOMS.EXE
C:\Programmer\Div. Programmer\Messenger Plus\MsgPlus.exe
C:\Programmer\Div. Programmer\Cobian Backup 5\cobui.exe
C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\PROGRA~1\NOKIAN~1\NOKIAP~1\TRAYAP~1.EXE
C:\Programmer\Div. Programmer\MusicMatch Jukebox\mmtask.exe
C:\PROGRA~1\FLLESF~1\PCSuite\Services\SERVIC~1.EXE
C:\Programmer\Div. Programmer\Winamp\winamp.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Div. Programmer\NetLimiter\NetLimiter.exe
C:\Programmer\DVD Decrypter\DVDDecrypter.exe
C:\WINDOWS\System32\mstsc.exe
C:\Programmer\Div. Programmer\FlashFXP\FlashFXP.exe
C:\Documents and Settings\Ulle\Skrivebord\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 192.138.1.3 www.webmail.freez.dk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Zero Popup - {2EF37A01-884F-11d5-AC99-B112050ECB4F} - C:\PROGRA~1\DIV~1.PRO\ZEROPO~1\HTMLEdit.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:\PROGRA~1\DIV~1.PRO\FlashFXP\IEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Div. Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Programmer\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\Symantec\NAV\VPTray.exe
O4 - HKLM\..\Run: [LVCOMS] C:\Programmer\Fælles filer\Logitech\QCDriver3\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Programmer\Div. Programmer\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Programmer\Div. Programmer\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\Div. Programmer\Messenger Plus\MsgPlus.exe"
O4 - HKLM\..\Run: [Cobian Backup Interface 5] "C:\Programmer\Div. Programmer\Cobian Backup 5\cobui.exe" /SERVICE
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\FLLESF~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\NOKIAN~1\NOKIAP~1\TRAYAP~1.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [mmtask] C:\Programmer\Div. Programmer\MusicMatch Jukebox\mmtask.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programmer\Div. Programmer\ICQ\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Programmer\Div. Programmer\ICQ\ICQ.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093477581937
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F176D10F-CB1E-445A-89AE-63E1AC64C3A6}: NameServer = 212.242.40.3,212.242.40.51
Er der noget af det som skal fjernes?
Ikke fordi han har haftn ogle problemmer, vi sad bare og snakkede om at det var ret så effektivt (Jeg mente det var effektivt) - og ville derfor lige se om han havde noget på sin computer.
Mvh. Thomas