HiJackThis log
HejJeg sidder ved en computer, hvor der ligger en toolbar i IE fra mysearchbar.com, og jeg kan simpelthen ikke få den væk... Nogen der kan hjælpe?!?
HiJackThis loggen ser således ud:
Logfile of HijackThis v1.97.7
Scan saved at 16:16:13, on 01-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\Programmer\VeriSign\NAVI\naviagent.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\00THotkey.exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\TOSHIBA\TOSHIBA-programmer\TFncKy.exe
C:\Programmer\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Programmer\Apoint2K\Apoint.exe
C:\Programmer\TOSHIBA\TouchED\TouchED.Exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Apoint2K\Apntex.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Bårdur\Skrivebord\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://uczufuuqyrjzughfb.info/N5fmbse0sh7mwhpwNBsQYCV7nWJzdNJdPzXLyzhpedDubvIEJVyunHSXjfLMUV73.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://212.10.10.20/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,Shellnext = http://www.daekxperten.dk/
R3 - URLSearchHook: i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O2 - BHO: i-Nav IDN Resolver - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Programmer\VeriSign\i-Nav\i-nav_4_2_0.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /nodetect /keeploaded
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Programmer\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [TouchED] C:\Programmer\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [System Tray] C:\Documents and Settings\Bårdur\Lokale indstillinger\Temporary Internet Files\Content.IE5\4DEBWL6B\your_details.pif
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] C:\Programmer\Fælles filer\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [System Tray] C:\Documents and Settings\Bårdur\Lokale indstillinger\Temporary Internet Files\Content.IE5\4DEBWL6B\your_details.pif
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\BÅRDUR\LOKALE~1\Temp\MsgPlusUninst.bat"
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: i-Nav Hjælp (HKLM)
O9 - Extra 'Tools' menuitem: i-Nav Hjælp (HKLM)
O9 - Extra 'Tools' menuitem: i-Nav Indstillinger (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab