hijackthis log.

[busen]

ursäkta att det har tagit tid att skicka en ny log fil efter att jag hade tagit bort vissa filer men här kLogfile of HijackThis v1.99.0

Scan saved at 17:42:09, on 2004-12-27

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program\Logitech\iTouch\iTouch.exe

C:\Program\QuickTime\qttask.exe

C:\NORMAN\Nvc\BIN\ZLH.EXE

C:\Program\Ahead\InCD\InCD.exe

C:\Program\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE

C:\ATI-CPanel\atiptaxx.exe

C:\Program\Spyware Doctor\swdoctor.exe

C:\Program\Webroot\Spy Sweeper\SpySweeper.exe

C:\Program\MSN Messenger\MsnMsgr.Exe

C:\Program\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

C:\Program\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Program\Logitech\MouseWare\system\em_exec.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\GIANT Company Software\GIANT AntiSpyware\gcasDtServ.exe

C:\WINDOWS\System32\CTsvcCDA.exe

C:\Program\Ahead\InCD\InCDsrv.exe

C:\Program\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\NORMAN\Nvc\BIN\NPFSVICE.EXE

C:\Norman\NVC\BIN\Zanda.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\NORMAN\Nvc\BIN\NYMSE.EXE

C:\NORMAN\Nvc\BIN\NIP.EXE

C:\NORMAN\Nvc\BIN\npfmsg2.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\HPZipm12.exe

C:\Program\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

C:\NORMAN\Nvc\BIN\nvcoas.exe

C:\NORMAN\Nvc\BIN\cclaw.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program\Internet Explorer\iexplore.exe

C:\PROGRAM\WINZIP\winzip32.exe

C:\Documents and Settings\Jonas Gunnarsson\Lokala inställningar\Temp\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se'>http://www.google.se

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.se

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [MMTray] C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe

O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [TrojanScanner] C:\Program\Trojan Remover\Trjscan.exe

O4 - HKLM\..\Run: [sBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe

O4 - HKLM\..\Run: [inCD] C:\Program\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [gcasServ] "C:\Program\GIANT Company Software\GIANT AntiSpyware\gcasServ.exe"

O4 - HKLM\..\Run: [ElbyCheckAnyDVD] "C:\Program\DVD\Anydvd\ElbyCheck.exe" /L AnyDVD

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [CTDVDDet] C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE

O4 - HKLM\..\Run: [CloneDVDElbyDelay] "C:\Program\DVD\CLONE DVD\CloneDVD\ElbyCheck.exe" /L ElbyDelay

O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe

O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL

O4 - HKCU\..\Run: [spyware Doctor] "C:\Program\Spyware Doctor\swdoctor.exe" /Q

O4 - HKCU\..\Run: [spySweeper] "C:\Program\Webroot\Spy Sweeper\SpySweeper.exe" /0

O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: hp psc 2000 Series.lnk = C:\Program\Hewlett-Packard\Digital Imaging\bin\hpobnz08.exe

O4 - Global Startup: hpoddt01.exe.lnk = ?

O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program\InterVideo\Common\Bin\WinCinemaMgr.exe

O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Google Search - res://c:\program\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: Similar Pages - res://c:\program\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program\google\GoogleToolbar1.dll/cmtrans.html

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab30149.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1095361377296

O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com/data/sv/big/1.1.62-big/GoogleNav.cab

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab30149.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{03812725-674D-4667-8770-ADC08B1BF8C4}: NameServer = 81.216.65.11,81.216.65.12

O17 - HKLM\System\CS1\Services\Tcpip\..\{03812725-674D-4667-8770-ADC08B1BF8C4}: NameServer = 81.216.65.11,81.216.65.12

O17 - HKLM\System\CS2\Services\Tcpip\..\{03812725-674D-4667-8770-ADC08B1BF8C4}: NameServer = 81.216.65.11,81.216.65.12

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: InCD File System Service - AHEAD Software - C:\Program\Ahead\InCD\InCDsrv.exe

O23 - Service: Norman API-hooking helper - Unknown - C:\NORMAN\Nvc\BIN\nipsvc.exe

O23 - Service: Norman NJeeves - Unknown - C:\NORMAN\Nvc\BIN\NJEEVES.EXE

O23 - Service: Norman Type-R - Unknown - C:\NORMAN\Nvc\BIN\NPFSVICE.EXE

O23 - Service: Norman ZANDA - Unknown - C:\Norman\NVC\BIN\Zanda.exe

O23 - Service: Norman Virus Control on-access component - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe

 

ommer den .

 

[Zipp.]

 

I mina ögon är den ren.