Logfile of HijackThis v1.98.2
Scan saved at 13:28:31, on 07-11-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\spoolsv.exe
F:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\isafe.exe
F:\WINDOWS\system32\nvsvc32.exe
F:\WINDOWS\system32\ZoneLabs\vsmon.exe
F:\Programmer\Microsoft IntelliPoint\point32.exe
F:\Programmer\Logitech\iTouch\iTouch.exe
F:\Programmer\MSN Apps\Updater\01.02.3000.1001\da\msnappau.exe
F:\WINDOWS\System32\RUNDLL32.EXE
F:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
F:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
F:\WINDOWS\System32\ctfmon.exe
D:\spil\steam\steam.exe
F:\Programmer\MSN Messenger\MsnMsgr.Exe
F:\Programmer\CA\eTrust EZ Armor\eTrust EZ Antivirus\VetMsg.exe
D:\Spil\Hitman2\GammaPanel\gapa.exe
E:\c drev\Rainlendar.exe
D:\Spil\RefreshLock\RefreshLock.exe
D:\Spil\Cs ting\WKeyKill\WKeyKill.exe
F:\Programmer\Internet Explorer\iexplore.exe
F:\WINDOWS\System32\wuauclt.exe
F:\Programmer\K-Lite Codec Pack\media player classic\mplayerc.exe
F:\WINDOWS\explorer.exe
C:\Hijackthis\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.ooc.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - F:\Programmer\MSN Apps\ST\01.02.3000.1002\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Programmer\MSN Apps\MSN Toolbar\01.02.3000.1001\da\msntb.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - F:\Programmer\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Programmer\MSN Apps\MSN Toolbar\01.02.3000.1001\da\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\system32\msdxm.ocx
O4 - HKLM\..\Run: [IntelliPoint] "F:\Programmer\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] F:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [msnappau] "F:\Programmer\MSN Apps\Updater\01.02.3000.1001\da\msnappau.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [VetTray] F:\PROGRA~1\CA\ETRUST~1\ETRUST~1\VetTray.exe
O4 - HKLM\..\Run: [Zone Labs Client] F:\PROGRA~1\CA\ETRUST~1\ETRUST~2\ca.exe
O4 - HKLM\..\RunOnce: [Q828026] "F:\WINDOWS\INF\unregmp2.exe" /UpdateWMP
O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "d:\spil\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MsnMsgr] "F:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [STYLEXP] F:\Programmer\TGTSoft\StyleXP\StyleXP.exe -Hide
O4 - HKCU\..\Run: [MemoryOptimizer] memtuneup.exe
O4 - Startup: Genvej til gapa.lnk = D:\Spil\Hitman2\GammaPanel\gapa.exe
O4 - Startup: Genvej til Rainlendar.lnk = E:\c drev\Rainlendar.exe
O4 - Startup: Genvej til RefreshLock.lnk = D:\Spil\RefreshLock\RefreshLock.exe
O4 - Startup: Genvej til WKeyKill.lnk = D:\Spil\Cs ting\WKeyKill\WKeyKill.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://F:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: F:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) -
http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cabO16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com/fpdlmgr/cabs/FPDC_1_0_0_44.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cabO16 - DPF: {B3872502-F9FD-4E96-93FF-0D37298F0689} (SOESysInfo Control) -
http://eq2beta.station.sony.com/beta_reg/soesysinfo.cabO16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://scanner.virus112.com/cabs/cssweb.cabMin Hijackthis log!
HiJackThis har jeg brugt et par gange, og jeg kører Ad-Aware og "Spybot - Search & Destroy" ofte!
Jeg tror ikke det er virus eller lign. der er problemet, men det finder vi vel hurtigt ud af :)
Jeg har også lige installeret og brugt Bootvis!