I'd like to hear whether there is anything fishy in the following hijack report
Well, the question's title pretty much says it all
--------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 16:28:59, on 29-12-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\LXSUPMON.EXE
C:\Programmer\1st Security Agent\newadmin.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
G:\Programmer\Gaim\gaim.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
F:\Programmer\Mozilla Fireforx\firefox.exe
G:\prg\Microsoft AntiSpyware\gcasDtServ.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\Apache Group\Apache\Apache.exe
C:\Programmer\Apache Group\Apache\Apache.exe
F:\Programmer\AnalogX\MaxMem\maxmem.exe
C:\PROGRA~1\SONYER~1\MOBILE~1\DbgOut.exe
C:\WINDOWS\System32\svchost.exe
G:\hijack\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dyndns.dk/start.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dyndns.dk/start.php
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 127.0.0.1:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [Cyberp1] :F:\Programmer\Cyberprinter\CyPMon.exe 1
O4 - HKLM\..\Run: [00saskda] "C:\Programmer\1st Security Agent\newadmin.exe" saskda
O4 - HKLM\..\Run: [gcasServ] "G:\prg\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - Startup: Ubisoft register.lnk = C:\Programmer\Ubisoft\Register\schedule.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars\Restrictions present
O8 - Extra context menu item: &Download with DownloadPlus! - G:\znap\Download Plus VBsource\downloadplus.htm
O8 - Extra context menu item: Get It With Kontiki - res://C:\Programmer\Kontiki\bin\bh309190.dll/201
O8 - Extra context menu item: validate_w3clinks - file://C:\dw\validate_w3clinks\doc\validate_w3clinks.htm
O8 - Extra context menu item: Wayback Versions... - file://C:\dw\wayback_versions\doc\wayback_versions.htm
O8 - Extra context menu item: webpoll - file://C:\dw\webpoll_plugin\doc\webpoll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - F:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O15 - Trusted Zone: http://www.si.1go.dk
O15 - Trusted Zone: http://*.a4esl.org
O15 - Trusted Zone: http://*.alessandro.it
O15 - Trusted Zone: http://www.billedjournalist.dk
O15 - Trusted Zone: www.bob.dk
O15 - Trusted Zone: http://www.bordergatewayprotocol.net
O15 - Trusted Zone: http://dsel.brisling.net
O15 - Trusted Zone: http://www.codenamevice.co.uk
O15 - Trusted Zone: http://www.dabbolig.dk
O15 - Trusted Zone: http://cisco.datamek.dk
O15 - Trusted Zone: http://web.datamek.dk
O15 - Trusted Zone: http://msn-messenger.descargas-p2p.com
O15 - Trusted Zone: http://www.dril.dk
O15 - Trusted Zone: http://www.dsel.dk
O15 - Trusted Zone: http://mirrored.flabber.nl
O15 - Trusted Zone: http://www.flabber.nl
O15 - Trusted Zone: http://www.frac.dk
O15 - Trusted Zone: http://*.frac.dk
O15 - Trusted Zone: http://www.frborg-gymhf.dk
O15 - Trusted Zone: http://www.free2read.com
O15 - Trusted Zone: http://www.garfield.com
O15 - Trusted Zone: http://www.goodnites.com
O15 - Trusted Zone: gmail.google.dk
O15 - Trusted Zone: http://www.google.dk
O15 - Trusted Zone: http://www.handytel.com
O15 - Trusted Zone: http://kom.jubii.dk
O15 - Trusted Zone: http://www.krak.dk
O15 - Trusted Zone: http://www.l1h.net
O15 - Trusted Zone: http://www.marco.it
O15 - Trusted Zone: http://www.mosquitoweb.nl
O15 - Trusted Zone: http://www.mrtones.com
O15 - Trusted Zone: http://www.nerd-star.com
O15 - Trusted Zone: http://cisco.netacad.net
O15 - Trusted Zone: http://www.news24houston.com
O15 - Trusted Zone: http://www.ots.dk
O15 - Trusted Zone: http://www.planet-source-code.com
O15 - Trusted Zone: http://www.post-center.dk
O15 - Trusted Zone: http://www.quakenet.org
O15 - Trusted Zone: http://www.rlt.dk
O15 - Trusted Zone: http://www.rockstargames.com
O15 - Trusted Zone: http://www.skivets.dk
O15 - Trusted Zone: http://server1.cof.smhost.net
O15 - Trusted Zone: http://*.sophusn.dk
O15 - Trusted Zone: http://www.spywarefri.dk
O15 - Trusted Zone: http://www.terkeliknibe.dk
O15 - Trusted Zone: http://www2001168.thinkquest.dk
O15 - Trusted Zone: http://www.thomasc.tk
O15 - Trusted Zone: http://*.travlang.com
O15 - Trusted Zone: http://www.try2hack.nl
O15 - Trusted Zone: http://www.tsw.dk
O15 - Trusted Zone: http://www.tvdanmark.dk
O15 - Trusted Zone: http://www.tweakup.dk
O15 - Trusted Zone: http://www.udvikleren.dk
O15 - Trusted Zone: *.www.dr.dk
O15 - Trusted Zone: http://*.www.dr.dk
O15 - Trusted IP range: http://130.228.229.67
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: InterBase Server (InterBaseServer) - Unknown owner - F:\Programmer\Menesk\APAL\fb\bin\ibserver.exe (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: MySql - Unknown owner - C:/mysql/bin/mysqld-nt.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pcounter Data Server (PcounterData) - A.N.D. Technologies - C:\WINDOWS\System32\PCNTDATA.EXE
O23 - Service: Pcounter Printer Control (PcounterPrint) - A.N.D. Technologies - C:\WINDOWS\System32\PCOUNTER.EXE
O23 - Service: PGPsdkService (PGPsdkServ) - PGP Corporation - C:\WINDOWS\System32\PGPsdkServ.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: ScriptBasic httpd server 1.0 (sbhttpd) - Unknown owner - g:\prgproj\objectbasic\objectbasic\compilers\scriptbasic\bin\sbhttpd.exe
-Thomas
