En grim Log..
Er lige igang med at rydde op på en vens comp, og ville da gerne lige have den her log "tydet" af hvad jeg kan se er der MANGE grimme ting:Logfile of HijackThis v1.99.1
Scan saved at 15:55:56, on 19-08-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\McAfee\McAfee Firewall\CPD.EXE
C:\Programmer\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Documents and Settings\Sebastian\Skrivebord\iclogin1.2.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
C:\WINDOWS\SOINTGR.EXE
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\System32\kernels32.exe
C:\WINDOWS\System32\explorer6s4.exe
C:\WINDOWS\System32\polo.exe
C:\WINDOWS\System32\vxh8jkdq2.exe
C:\WINDOWS\System32\vxh8jkdq6.exe
C:\Programmer\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\maxd1.exe
C:\winstall.exe
C:\WINDOWS\System32\vxh8jkdq2.exe
C:\WINDOWS\System32\symcsvc.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Logitech\SetPoint\KEM.exe
C:\Programmer\Logitech\SetPoint\KHALMNPR.EXE
C:\Programmer\SpywareGuard\sgmain.exe
C:\Programmer\SpywareGuard\sgbhp.exe
C:\WINDOWS\System32\winlogons.exe
C:\WINDOWS\System32\vxgame2.exe
C:\WINDOWS\System32\vxgame3.exe
C:\WINDOWS\System32\vxgame4.exe
C:\WINDOWS\System32\vxgame6.exe
C:\WINDOWS\System32\vxgame4.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Sebastian\Skrivebord\Sikkerhed\hijackthis.exe
C:\Programmer\Internet Explorer\iexplore.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tweak.dk/forum
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: Shell=Explorer.exe init32m.exe
O2 - BHO: Control Popups in Internet Explorer - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\Programmer\PopupPopper\PopLib.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmer\SpywareGuard\dlprotect.dll
O2 - BHO: NTIECatcher Class - {C56CB6B0-0D96-11D6-8C65-B2868B609932} - C:\Programmer\Xi\NetTransport 2\NTIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ZToolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} - C:\WINDOWS\System32\ztoolb009.dll
O4 - HKLM\..\Run: [McAfee Guardian] "C:\Programmer\McAfee\McAfee Shared Components\Guardian\CMGrdian.exe" /SU
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IC Login] "C:\Documents and Settings\Sebastian\Skrivebord\iclogin1.2.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Windows Update 32] winlogons.exe
O4 - HKLM\..\Run: [System] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\Run: [Explorer32] C:\WINDOWS\System32\explorer6s4.exe
O4 - HKLM\..\Run: [polo.exe] polo.exe
O4 - HKLM\..\Run: [polo.exe] polo.exe
O4 - HKLM\..\RunServices: [Windows Update 32] winlogons.exe
O4 - HKLM\..\RunServices: [SystemTools] C:\WINDOWS\System32\kernels32.exe
O4 - HKLM\..\RunServices: [Explorer64] C:\WINDOWS\System32\explorer6s4.exe
O4 - HKLM\..\RunOnce: [Windows Update 32] winlogons.exe
O4 - HKCU\..\Run: [McAfee.InstantUpdate.Monitor] "C:\Programmer\McAfee\McAfee Shared Components\Instant Updater\RuLaunch.exe" /STARTMONITOR
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Windows Update 32] winlogons.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - HKCU\..\Run: [SNInstall] C:\WINDOWS\System32\vxh8jkdq2.exe
O4 - HKCU\..\Run: [aupd] C:\WINDOWS\System32\symcsvc.exe
O4 - HKCU\..\RunOnce: [Windows Update 32] winlogons.exe
O4 - Startup: SpywareGuard.lnk = C:\Programmer\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\KEM.exe
O8 - Extra context menu item: Download alle med Net Transport - C:\Programmer\Xi\NetTransport 2\NTAddList.html
O8 - Extra context menu item: Download med Net Transport - C:\Programmer\Xi\NetTransport 2\NTAddLink.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: PopupPopper Kontrol Panel - {3E94F358-9537-4BBA-8D12-D7F8A0136973} - C:\Programmer\PopupPopper\SiteList.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 67.19.178.84
O15 - Trusted IP range: 67.19.178.84 (HKLM)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O21 - SSODL: System - {8EC18CA5-A22C-4C19-91A7-4D0B1AB16A91} - vr_sys.dll (file missing)
O23 - Service: Adobe LM Service - Unknown owner - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: McAfee Firewall - Unknown owner - C:\Programmer\McAfee\McAfee Firewall\CPD.EXE" /SERVICE (file missing)
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Programmer\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe