Hej. Kan jeg lige få checket min log, tak? Jeg er godt og grundig træt af de adware-ting..! [:(!]:)
Logfile of HijackThis v1.97.7
Scan saved at 10:50:54 PM, on 4/4/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/SYSTEM32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/Programmer/Fælles filer/Symantec Shared/ccSetMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/WINDOWS/Explorer.EXE
C:/WINDOWS/system32/spoolsv.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton AntiVirus/AdvTools/NPROTECT.EXE
C:/WINDOWS/System32/nvsvc32.exe
C:/WINDOWS/System32/svchost.exe
C:/Programmer/Fælles filer/Symantec Shared/CCPD-LC/symlcsvc.exe
C:/Programmer/Norton AntiVirus/SAVScan.exe
C:/Programmer/Winamp3/winampa.exe
C:/Programmer/Fælles filer/Real/Update_OB/realsched.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/WINDOWS/System32/rundll32.exe
C:/Programmer/QuickTime/qttask.exe
C:/spil/D-Tools/daemon.exe
C:/Programmer/STOPzilla!/Stopzilla.exe
C:/WINDOWS/System32/ctfmon.exe
C:/WINDOWS/System32/RUNDLL32.EXE
C:/Programmer/PocketCam 3Mega/ICON.EXE
C:/WINDOWS/System32/@tKeysH@@kH.exe
C:/WINDOWS/System32/bnetlibd.exe
C:/WINDOWS/System32/srfaxau.exe
C:/WINDOWS/System32/32tmw.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/Documents and Settings/Michael jespersen/Dokumenter/HijackThis.exe
C:/Programmer/Messenger/msmsgs.exe
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = about:blank
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.kolding-gym.dk/
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Default_Page_URL = about:blank
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Default_Search_URL = about:blank
R1 - HKCU/Software/Microsoft/Internet Explorer/Search,SearchAssistant = about:blank
R1 - HKCU/Software/Microsoft/Internet Explorer/Search,CustomizeSearch = about:blank
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Search Bar = http://server224.smartbotpro.net/7search/?hklm
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Default_Search_URL = about:blank
R0 - HKLM/Software/Microsoft/Internet Explorer/Search,CustomizeSearch = about:blank
R0 - HKLM/Software/Microsoft/Internet Explorer/Search,SearchAssistant = about:blank
R1 - HKCU/Software/Microsoft/Windows/CurrentVersion/Internet Settings,AutoConfigURL = http://signon.stofanet.dk/proxy.pac
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page_bak = http://in.webcounter.cc/-/?ydtfs about:blank (obfuscated)
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,HomeOldSP = http://www.search-2003.com/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
R1 - HKCU/Software/Microsoft/Internet Explorer,Search = http://in.webcounter.cc/—/?ydtfs (obfuscated)
R1 - HKLM/Software/Microsoft/Internet Explorer,Search = http://in.webcounter.cc/—/?ydtfs (obfuscated)
R3 - URLSearchHook: IncrediFindBHO Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:/PROGRA~1/INCRED~1/BHO/INCFIN~1.DLL
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 5.0/Reader/ActiveX/AcroIEHelper.ocx
O2 - BHO: NavErrRedir Class - {5D60FF48-95BE-4956-B4C6-6BB168A70310} - C:/PROGRA~1/INCRED~1/BHO/INCFIN~1.DLL
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O2 - BHO: (no name) - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:/WINDOWS/System32/StopzillaBHO.dll
O2 - BHO: (no name) - {FBED6A02-71FB-11D8-86B0-0002441A9695} - C:/WINDOWS/5_0_1browserhelper5.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [KernelFaultCheck] %systemroot%/system32/dumprep 0 -k
O4 - HKLM/../Run: [WinampAgent] “C:/Programmer/Winamp3/winampa.exe”
O4 - HKLM/../Run: [TkBellExe] “C:/Programmer/Fælles filer/Real/Update_OB/realsched.exe” -osboot
O4 - HKLM/../Run: [Lwinst Run Profiler] ./Lwtest.exe /detect /quiet /launch “./Lwpevntm.exe”
O4 - HKLM/../Run: [NvCplDaemon] RUNDLL32.EXE C:/WINDOWS/System32/NvCpl.dll,NvStartup
O4 - HKLM/../Run: [nwiz] nwiz.exe /install
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [Advanced Tools Check] C:/PROGRA~1/NORTON~1/AdvTools/ADVCHK.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/System32//NeroCheck.exe
O4 - HKLM/../Run: [DAEMON Tools-1033] “C:/spil/D-Tools/daemon.exe” -lang 1033
O4 - HKLM/../Run: [Soundmx] C:/WINDOWS/System32/soundmx.exe
O4 - HKLM/../Run: [alchem] C:/WINDOWS/alchem.exe
O4 - HKLM/../Run: [STOPzilla] C:/Programmer/STOPzilla!/Stopzilla.exe /autorun
O4 - HKLM/../Run: [@tKeysH@@kH] C:/WINDOWS/System32/@tKeysH@@kH.exe
O4 - HKLM/../Run: [32tmw] C:/WINDOWS/System32/32tmw.exe
O4 - HKLM/../Run: [srfaxau] C:/WINDOWS/System32/srfaxau.exe
O4 - HKLM/../Run: [bnetlibd] C:/WINDOWS/System32/bnetlibd.exe
O4 - HKCU/../Run: [CTFMON.EXE] C:/WINDOWS/System32/ctfmon.exe
O4 - HKCU/../Run: [NvMediaCenter] RUNDLL32.EXE C:/WINDOWS/System32/NVMCTRAY.DLL,NvTaskbarInit
O4 - HKLM/../RunOnce: [SpyBotSnD] “C:/Programmer/Spybot - Search & Destroy/SpybotSD.exe” /autocheck
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: PocketCam 3Mega Monitor.lnk = ?
O4 - Global Startup: updater.lnk = C:/Programmer/Common files/updater/wupdater.exe
O8 - Extra context menu item: E&xport; to Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra ‘Tools’ menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra ‘Tools’ menuitem: Show &Related; Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra ‘Tools’ menuitem: Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} (MiniBugTransporterX Class) - http://download.weatherbug.com/minibug/tricklers/AWS/MiniBugTransporter.cab?
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {486E48B5-ABF2-42BB-A327-2679DF3FB822} - http://akamai.downloadv3.com/binaries/IA/ia_XP.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37966.5751157407
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) - https://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
På forhånd tak.
