Spyware i logfil !
Hej eksperterEfter at have kørt et halvt år uden de store forstyrrelser har jeg fået spyware ind , formoder jeg. Jeg kan se at min logfil indeholder langt mere end tidligere så noget af det er sandsynligvis skidt. Kan I hjælpe med at rense min PC ?
Logfile of HijackThis v1.98.2
Scan saved at 12:00:42, on 20-09-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\ZoneLabs\vsmon.exe
H:\WINDOWS\system32\wscntfy.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\SOUNDMAN.EXE
H:\Programmer\Real\RealPlayer\RealPlay.exe
H:\Programmer\QuickTime\qttask.exe
H:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
H:\Programmer\iTunes\iTunesHelper.exe
H:\Programmer\ICQLite\ICQLite.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Programmer\Yahoo!\Messenger\ypager.exe
H:\Programmer\iPod\bin\iPodService.exe
H:\Programmer\Internet Explorer\iexplore.exe
H:\Programmer\hijackthis.exe
H:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customize/ie/defaults/sb/ymsgr6/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customize/ie/defaults/sp/ymsgr6/*http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ie/defaults/su/ymsgr6/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: UberButton Class - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Programmer\Yahoo!\Common\yiesrvc.dll
O2 - BHO: YahooTaggedBM Class - {65D886A2-7CA7-479B-BB95-14D1EFB7946A} - H:\Programmer\Yahoo!\Common\YIeTagBm.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Programmer\Yahoo!\Companion\Installs\cpn2\yt.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [RealTray] H:\Programmer\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [QuickTime Task] "H:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Zone Labs Client] "H:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] H:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] H:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [ICQ Lite] H:\Programmer\ICQLite\ICQLite.exe -minimize
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] H:\Programmer\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU\..\Run: [NBJ] "H:\Programmer\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\RunOnce: [ICQ Lite] H:\Programmer\ICQLite\ICQLite.exe -trayboot
O4 - Startup: Registration-Studio 8.lnk = H:\Programmer\Pinnacle\Studio 8\Register\RegTool.exe
O8 - Extra context menu item: &Yahoo! Search - file:///H:\Programmer\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///H:\Programmer\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///H:\Programmer\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///H:\Programmer\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - H:\Programmer\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programmer\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Programmer\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .spop: H:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - H:\Programmer\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
enco
