Hijackthis log
HejEr der nogle der kan hjælp med råd til denne log?
Logfile of HijackThis v1.99.1
Scan saved at 21:27:51, on 31-01-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Norton SystemWorks\Norton Ghost\GhostStartService.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\securitysuite.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Software\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.findthewebsiteyouneed.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.tdconline.dk/start
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {EA0D26BD-9029-431A-86E0-83152D67828A} - (no file)
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Programmer\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [winsysupd] c:\windows\winsysupd4.exe
O4 - HKLM\..\Run: [myupdates] c:\windows\myupdates.exe
O4 - HKLM\..\RunServices: [Microsoft Update] asn.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Windows Taskmanager Data] csrrss.exe
O4 - HKCU\..\Run: [Windows pad] qpad.exe
O4 - HKCU\..\Run: [mrfo] C:\PROGRA~1\FLLESF~1\mrfo\mrfom.exe
O4 - HKCU\..\Run: [WinFixer 2005] C:\Programmer\WinFixer 2005\uwfx5.exe /scan
O4 - HKCU\..\Run: [WinFixer2005] "C:\Programmer\WinFixer 2005\uwfx5.exe" /min
O4 - HKCU\..\Run: [Microsoft Spng] stfnplug.exe
O4 - HKCU\..\RunServices: [Windows pad] qpad.exe
O4 - HKCU\..\RunServices: [Microsoft Spng] stfnplug.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: Expekt.com Poker - {3852AC86-965F-4abe-A75F-3DCB7E81A4B2} - C:\Programmer\expektMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.tdconline.dk/start
O15 - Trusted Zone: *.elitemediagroup.net
O15 - Trusted Zone: *.media-motor.net
O15 - Trusted Zone: *.popuppers.com
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?6147574641778
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\YnJ1Z2Vy\command.exe (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: GhostStartService - Symantec Corporation - C:\Programmer\Norton SystemWorks\Norton Ghost\GhostStartService.exe
O23 - Service: mansorr here (mans0r) - Unknown owner - C:\WINDOWS\finderd.exe (file missing)
O23 - Service: cyberz mansor (mansor) - Unknown owner - C:\WINDOWS\mansor.exe (file missing)
O23 - Service: msinit (Microsoft Scheduling Agent) - Unknown owner - C:\WINDOWS\msinit.exe (file missing)
O23 - Service: Network Monitor - Unknown owner - C:\Programmer\Network Monitor\netmon.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Programmer\Norton SystemWorks\Norton Utilities\NPROTECT.EXE
O23 - Service: SmartLinkService (SLService) - Unknown owner - slserv.exe (file missing)
O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\SPEEDD~1\nopdb.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
