Hijack This Log

By Junior Supporter ch|nch|lla | 08-09-2004 20:22 | 953 views | 6 replies
This is my cousin's log. Unfortunately I'm not at his computer, so I can't fix the problems myself, so if you would be so kind as to explain how he should remove the things as precisely as at all possible, so that even a half-dead 90-year-old lady could figure it out. Thanks in advance :)

Logfile of HijackThis v1.97.7
Scan saved at 20:19:06, on 08-09-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\msmn.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\Explorer.EXE
C:\Programmer\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Programmer\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Programmer\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\winnt\system32\sncntr.exe
C:\Programmer\Fælles filer\Real\Update_OB\evntsvc.exe
C:\WINNT\system32\P2P Networking\P2P Networking.exe
C:\Programmer\Messenger Plus! 2\MsgPlus.exe
C:\WheelMou\wh_exec.exe
C:\WINNT\sysul.exe
C:\WINNT\system32\fcrwjxee.exe
C:\winnt\system32\sp2ctr.exe
C:\WINNT\system32\internat.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Microsoft Office\Office\FINDFAST.EXE
C:\Programmer\Microsoft Office\Office\OSA.EXE
C:\WINNT\system32\wuauclt.exe
C:\Programmer\Windows Media Player\wmplayer.exe
C:\Programmer\Microsoft Office\Office\WINWORD.EXE
C:\WINNT\system32\scopedll.exe
C:\winnt\system32\xwrheuuw.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Nicolai Kaas\Dokumenter\Modtagne filer\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.008i.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.008i.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.008i.com[...]
F1 - win.ini: run=c:\winnt\system32\scopedll.exe
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: (no name) - {7AA3C3AD-EE12-504D-6535-C7286E210221} - C:\WINNT\system32\syssk.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar\01.01.1601.0\da\msntb.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [pccguide.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Programmer\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [sncntr] c:\winnt\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [TkBellExe] C:\Programmer\Fælles filer\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [Popup Defence Updater] regsvr32 /s C:\WINNT\system32\PDF17a2.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Programmer\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [WheelMouse] C:\WheelMou\wh_exec.exe
O4 - HKLM\..\Run: [SafeGuard Popup Updater (required)] regsvr32 /s C:\WINNT\system32\PDF4123.dll
O4 - HKLM\..\Run: [sysul.exe] C:\WINNT\sysul.exe
O4 - HKLM\..\Run: [gnaxog] C:\WINNT\system32\fcrwjxee.exe
O4 - HKLM\..\Run: [sp2ctr] c:\winnt\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [Scopedll] c:\winnt\system32\scopedll.exe
O4 - HKLM\..\Run: [XWRHEUUW] c:\winnt\system32\xwrheuuw.exe /install
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Programmer\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Scopedll] c:\winnt\system32\scopedll.exe
O4 - HKLM\..\RunOnce: [appij32.exe] C:\WINNT\system32\appij32.exe
O4 - Startup: Microsoft Hurtig søgning.lnk = C:\Programmer\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Microsoft Office-start.lnk = C:\Programmer\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com[...]
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com[...]
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} (VacPro.internazionale_ver3) - http://www.advnt01.com[...]
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com[...]
O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211[...]
--
Don't Throw A Burnt Child When You Yourself Live On The Other Side Of The Stream!
#1
Kim In Chul
Semi Supporter
08-09-2004 20:29

You have a Coolwebsearch infection... Start by downloading and running this program: http://www.softpedia.com[...] Then we'll come back to your log. //Kim In Chul
--
#2
Armageddon
Moderator
08-09-2004 20:29

First explanation: There is only half a log, so it can't be used for anything. Try posting again, possibly in 2 parts (split the log) - if that still doesn't work, upload the log to e.g. http://www.upit.dk[...]
--
/Armageddon - [email protected] http://www.mdegn.dk[...]
#3
ch|nch|lla
Junior Supporter
08-09-2004 20:34

#4
ch|nch|lla
Junior Supporter
08-09-2004 20:35

#5
ch|nch|lla
Junior Supporter
08-09-2004 20:37

Oops, you'll really have to excuse that... The browser won't quite do what I want: http://www.upit.dk[...] (hope the link works....)
--
Don't Throw A Burnt Child When You Yourself Live On The Other Side Of The Stream!
#6
Armageddon
Moderator
08-09-2004 21:04

When you have run CWShredder, tick these in HJT:

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.008i.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://home.microsoft.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchAssistant = http://www.008i.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer,CustomizeSearch = http://www.008i.com[...]
F1 - win.ini: run=c:\winnt\system32\scopedll.exe
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: (no name) - {7AA3C3AD-EE12-504D-6535-C7286E210221} - C:\WINNT\system32\syssk.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sncntr] c:\winnt\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [TkBellExe] C:\Programmer\Fælles filer\Real\Update_OB\evntsvc.exe -osboot
O4 - HKLM\..\Run: [Popup Defence Updater] regsvr32 /s C:\WINNT\system32\PDF17a2.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [SafeGuard Popup Updater (required)] regsvr32 /s C:\WINNT\system32\PDF4123.dll
O4 - HKLM\..\Run: [sysul.exe] C:\WINNT\sysul.exe
O4 - HKLM\..\Run: [gnaxog] C:\WINNT\system32\fcrwjxee.exe
O4 - HKLM\..\Run: [sp2ctr] c:\winnt\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [Scopedll] c:\winnt\system32\scopedll.exe
O4 - HKLM\..\Run: [XWRHEUUW] c:\winnt\system32\xwrheuuw.exe /install
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O4 - HKCU\..\Run: [Scopedll] c:\winnt\system32\scopedll.exe
O4 - HKLM\..\RunOnce: [appij32.exe] C:\WINNT\system32\appij32.exe
O4 - Startup: Microsoft Hurtig søgning.lnk = C:\Programmer\Microsoft Office\Office\FINDFAST.EXE
O4 - Startup: Microsoft Office-start.lnk = C:\Programmer\Microsoft Office\Office\OSA.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {30000273-8230-4DD4-BE4F-6889D1E74167} - http://download.abetterinternet.com[...]
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} (VacPro.internazionale_ver3) - http://www.advnt01.com[...]
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com[...]

Close all other program windows so only HJT is open. Click "Fix checked". Close the program and restart in safe mode (press F8 after the POST screen). Find and delete these files and folders:

C:\winnt\system32\sncntr.exe
C:\WINNT\system32\P2P Networking\
C:\WINNT\sysul.exe
C:\WINNT\system32\fcrwjxee.exe
C:\winnt\system32\sp2ctr.exe
C:\WINNT\system32\scopedll.exe
C:\winnt\system32\xwrheuuw.exe
C:\WINNT\twaintec.dll
C:\Program Files\Submit\
C:\WINNT\system32\syssk.dll
C:\WINNT\system32\PDF4123.dll
C:\WINNT\system32\PDF17a2.dll
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\
C:\WINNT\system32\appij32.exe

Restart normally. Run a new scan with HJT and post the log here for checking (or upload it again).
--
/Armageddon - [email protected] http://www.mdegn.dk[...]
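
A consistency check for a fix list like the one in reply #6, as an added example that is not part of any post in the thread: it parses HijackThis-style lines, extracts the file each ticked entry points to, and compares that with the delete list. Both lists are subsets copied from the reply; the function names and the extension filter are assumptions of this example.

```python
import re

# Subset of the entries reply #6 asks to tick, copied from that post.
FLAGGED = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINNT\system32\pfgyl.dll/sp.html#37049
F1 - win.ini: run=c:\winnt\system32\scopedll.exe
O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:\WINNT\twaintec.dll
O2 - BHO: (no name) - {2E9CAFF6-30C7-4208-8807-E79D4EC6F806} - C:\Program Files\Submit\submithook.dll
O2 - BHO: (no name) - {7AA3C3AD-EE12-504D-6535-C7286E210221} - C:\WINNT\system32\syssk.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [sncntr] c:\winnt\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [Popup Defence Updater] regsvr32 /s C:\WINNT\system32\PDF17a2.dll
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKCU\..\Run: [\Pribi.exe] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\Pribi.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
""".strip().splitlines()

# Subset of the files and folders the same reply asks to delete.
DELETE = r"""
C:\winnt\system32\sncntr.exe
C:\WINNT\system32\P2P Networking\
C:\WINNT\system32\scopedll.exe
C:\WINNT\twaintec.dll
C:\Program Files\Submit\
C:\WINNT\system32\PDF17a2.dll
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pribi\
C:\WINNT\system32\syssk.dll
""".strip().splitlines()

CODE = re.compile(r"^([RFO]\d+) - ")
# First drive-letter path that ends in an executable-type extension.
PATH = re.compile(r'[A-Za-z]:\\[^/"=]*?\.(?:exe|dll|ocx)\b', re.I)

def parse(line):
    """Return (section code, lower-cased file path or None) for one log line."""
    code = CODE.match(line)
    path = PATH.search(line)
    return (code.group(1) if code else None,
            path.group(0).lower() if path else None)

def covers(target, path):
    """A folder target (trailing backslash) covers everything beneath it."""
    target = target.lower()
    return path.startswith(target) if target.endswith("\\") else path == target

def cross_check(flagged, delete):
    """Return (entries naming no file, ticked entries whose file stays, unmatched deletions)."""
    parsed = [parse(line) for line in flagged]
    no_file = [c for c, p in parsed if p is None]
    kept = [(c, p) for c, p in parsed
            if p and not any(covers(t, p) for t in delete)]
    orphan = [t for t in delete
              if not any(p and covers(t, p) for _, p in parsed)]
    return no_file, kept, orphan

if __name__ == "__main__":
    labels = ("names no file", "ticked, file not deleted", "deleted, not ticked")
    for label, result in zip(labels, cross_check(FLAGGED, DELETE)):
        print(label, result)
```

Entries reported as ticked without a matching deletion are not necessarily mistakes; they are the ones to confirm by hand or in the follow-up scan the reply asks for.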
