Hjælp til hijack
Er der nogen der gider kigge denne log igennem for snavs eller andet der ikke burde være tilstede på min pc.Logfile of HijackThis v1.99.1
Scan saved at 06:29:39, on 22-03-2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
D:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\WINDOWS\system32\LEXBCES.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\LEXPPS.EXE
D:\Programmer\Netropa\Multimedia Keyboard\nhksrv.exe
D:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
D:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
D:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\Programmer\QuickTime\qttask.exe
D:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
D:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
I:\HPPhotoImaging20\Digital Imaging\Unload\hpqcmon.exe
D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
D:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
D:\Programmer\Messenger Plus! 3\MsgPlus1.exe
D:\Programmer\Netropa\Multimedia Keyboard\MMKeybd.exe
I:\Winamp\winampa.exe
D:\WINDOWS\System32\RUNDLL32.EXE
D:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Programmer\Messenger\msmsgs.exe
D:\Programmer\MSN Messenger\msnmsgr.exe
D:\Programmer\Skype\Phone\Skype.exe
D:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
D:\Programmer\Logitech\MouseWare\system\em_exec.exe
D:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe
D:\Programmer\Netropa\Multimedia Keyboard\TrayMon.exe
D:\Programmer\Netropa\Onscreen Display\OSD.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Programmer\Outlook Express\msimn.exe
I:\Netscape Browser\netscape.exe
D:\Documents and Settings\Henrik Gøttrup\Skrivebord\Highjacklog\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/advanced_search?hl=da
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.wmbizpffghfllvpgoc.com/30dn5Ne4lNL5pJ1Bsp0A5O2aNWHfpTng9CRf57zNjc_MsNqho2LUfHqYmNvyODNo.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - {CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
R3 - URLSearchHook: (no name) - _{CE000994-A58C-4441-8938-744CD72AB27F} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - D:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\programmer\google\googletoolbar2.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - D:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] D:\Programmer\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Lexmark X1100 Series] "D:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [InteliSys] D:\WINDOWS\smss.exe
O4 - HKLM\..\Run: [xiopihdohxyv] D:\WINDOWS\System32\qtjufv.exe
O4 - HKLM\..\Run: [Windows SA] D:\Program Files\WindowsSA\omniscient.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] D:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [CamMonitor] I:\HPPhotoImaging20\Digital Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] D:\Programmer\Fælles filer\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] D:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus1.exe"
O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] D:\Programmer\Netropa\Multimedia Keyboard\MMKeybd.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [WinampAgent] I:\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Programmer\Messenger Plus! 3\MsgPlus1.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "D:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Google Search - res://D:\Programmer\Google\googletoolbar.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://D:\Programmer\Google\googletoolbar.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://D:\Programmer\Google\googletoolbar.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://D:\Programmer\Google\googletoolbar.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://D:\Programmer\Google\googletoolbar.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Programmer\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: @D:\Programmer\Messenger2\im2_ie_plugin.dll,-4 - {410C30C7-098A-4090-928E-F1D356D34C7F} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: Store link with e-Stalker - {410C30C7-098A-4090-928E-F1D356D34C7F} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Programmer\Messenger\MSMSGS.EXE
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab28177.cab
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/12415019cde36a58a105/netzip/RdxIE601.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.lizardtech.com/software/expressview/webinstall/isetup.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lniamalfi.dnsalias.com:81/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/activedata/SymAData.cab
O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211/speedtest/SpeedTest_2.cab
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp02.photoprintit.de/microsite/defaults/activex/ImageUploader3.cab
O16 - DPF: {E77C0D62-882A-456F-AD8F-7C6C9569B8C7} (ActiveDataObj Class) - https://www-secure.symantec.com/techsupp/activedata/ActiveData.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect (navapsvc) - Symantec Corporation - D:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - D:\Programmer\Netropa\Multimedia Keyboard\nhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - I:\SiSoftware Sandra Lite 2005\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - I:\SiSoftware Sandra Lite 2005\RpcSandraSrv.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\FÆLLES~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - D:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe