Er jeg blevet Hijacket??
HejInternet Explorer 6 startsiden er sat til en skummel side, og jeg kan ikke ændre den til noget andet. Jeg tror at den er hijacket, har ihvertfald haft webhancer men vist fået den fjernet.
Computeren er ifølge ad-aware6 clean.
Jeg har følgende log fra Hijackthis:
Logfile of HijackThis v1.97.7
Scan saved at 21:55:45, on 08-03-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
D:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
D:\WINDOWS\System\wininet.exe
D:\Programmer\MSN Messenger\MsnMsgr.Exe
D:\Programmer\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
D:\Programmer\Norton AntiVirus\navapsvc.exe
D:\Programmer\Norton AntiVirus\AdvTools\NPROTECT.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\WINDOWS\System32\devldr32.exe
D:\Programmer\Messenger\msmsgs.exe
D:\diverse\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 213.159.117.235 auto.search.msn.com
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ccApp] "D:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "D:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] D:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKCU\..\Run: [System Update] D:\WINDOWS\System\wininet.exe
O4 - HKCU\..\Run: [MsnMsgr] "D:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: 3DO - Might and Magic VII Registration.lnk = D:\Spil\MightMagic7\Register\Remind32.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Acrobat Assistant.lnk = D:\Programmer\Adobe\Acrobat 4.0\Distillr\AcroTray.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {11111111-1111-1111-1111-111111111111} - mhtml:file://C:NXSFT.MHT!http://66.117.38.54:80/iex/ofile.exe?xdat=&url=http://66.117.38.54:80/dexDK534.exe
O16 - DPF: {11111111-1111-1111-1111-111111111123} - ms-its:mhtml:file://C:\ss.MHT!http://209.8.161.56/buka.chm::/hz.exe
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F57D17AE-CE37-4BC8-B232-EA57747BE5E7} - http://66.230.146.53/EPlugin.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{289DC536-BEB3-4F23-A28F-D05F429E2032}: NameServer = 193.162.153.164 194.239.134.83
O18 - Protocol hijack: about - {53B95211-7D77-11D2-9F80-00104B107C96}
Er der nogen der kan se om jeg har problemer?
Cone
