her kommer min HijackThis-log til aovergaard:
Logfile of HijackThis v1.96.1
Scan saved at 20:20:39, on 20-08-2003
Platform: Windows 2000 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 (5.00.2920.0000)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Programmer\Network Associates\VirusScan\avsynmgr.exe
C:\WINNT\System32\svchost.exe
c:\jetsuite\jsdaemon.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\System32\ZipToA.exe
C:\Programmer\Network Associates\VirusScan\VsStat.exe
C:\Programmer\Network Associates\VirusScan\Vshwin32.exe
C:\Programmer\Network Associates\VirusScan\Avconsol.exe
C:\WINNT\Explorer.exe
C:\Programmer\Fælles filer\Network Associates\McShield\mcshield.exe
C:\WINNT\loadqm.exe
C:\Programmer\Iomega\DriveIcons\ImgIcon.exe
C:\PROGRA~1\Logitech\iTouch\iTouch.exe
C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
C:\Programmer\Fælles filer\Logitech\QCDriver\LVCOMS.EXE
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\WINNT\System32\internat.exe
C:\Programmer\Messenger\msmsgs.exe
C:\jetsuite\JETSTAT.EXE
C:\Programmer\Fælles filer\efax\dllcmd32.exe
C:\PROGRA~1\Logitech\iTouch\kbdtray.exe
C:\Programmer\Sony Ericsson\Mobile\audevicemgr.exe
C:\Programmer\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CONNMN~1.EXE
c:\jetsuite\JSFMAN.EXE
c:\PROGRA~1\INTUWA~1\Shared\MROUTE~1\mRouterRuntime.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\CapMan.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\ElogErr.exe
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\BROADC~1.EXE
C:\PROGRA~1\SONYER~1\Mobile\CONNEC~1\SCRFS.exe
C:\PROGRA~1\SONYER~1\Mobile\MOBILE~1\EPMWOR~1.EXE
C:\WINNT\system32\msiexec.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\ZONEAL~1.EXE
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\GuildFTPd\GuildFTPd.exe
C:\WINNT\hh.exe
C:\Documents and Settings\Maybritt\Skrivebord\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://216.65.101.250/sbms/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 216.65.3.76 auto.search.msn.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Programmer\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Programmer\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\PROGRA~1\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LVCOMS] C:\Programmer\Fælles filer\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DXM6Patch_981116] C:\WINNT\p_981116.exe /Q:A
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - Global Startup: HP LaserJet 3150 Status.lnk = C:\jetsuite\JETSTAT.EXE
O4 - Global Startup: Live Menu.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Phone Connection Monitor.lnk = C:\Programmer\Sony Ericsson\Mobile\audevicemgr.exe
O4 - Global Startup: Reality Fusion GameCam SE.lnk = C:\Programmer\Reality Fusion\Reality Fusion GameCam SE\Program\RFTRay.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Programmer\Zone Labs\ZoneAlarm\zonealarm.exe
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O13 - DefaultPrefix:
http://www.pixpox.com/cgi-bin/click.pl?url=O14 - IERESET.INF: START_PAGE_URL=http://www.msn.dk
O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.dk
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cabO16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) -
http://office.microsoft.com/ProductUpdates/content/opuc.cabO16 - DPF: {5B27C20D-FFB6-4054-BA78-DE4A059BC75A} (Microsoft Office Template Downloader) -
http://office.microsoft.com/danmark/templateGallery/msotd.cabO16 - DPF: {75D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin.SecureControl) -
http://secure2.comned.com/signuptemplates/ActiveSecurity.cabO16 - DPF: {7A32634B-029C-4836-A023-528983982A49} (MSN Chat Control 4.2) -
http://fdl.msn.com/public/chat/msnchat42.cabO16 - DPF: {906B2DD5-A85F-11D5-B841-00D009D64870} (FujiKlient.UserControl1) -
http://fj_nt4/fujiweb/FujiKlient.CABO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37431.6286111111O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -
http://dload.ipbill.com/del/loader.cabO16 - DPF: {C7B05B62-C8D7-438C-840B-4994DAAA8EEE} -
http://webpdp.gator.com/v3/download/pdpplugin5094_hd3ptdmgainads.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {DF6A0F17-0B1E-11D4-829D-00C04F6843FE} (Microsoft Office Tools on the Web Control) -
http://officeupdate.microsoft.com/TemplateGallery/downloads/outc.cabO16 - DPF: {E87A6788-1D0F-4444-8898-1D25829B6755} -
http://fdl.msn.com/public/chat/msnchat4.cabO16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) -
https://netbank.danskebank.dk/netbank/activex/DanskeSikker.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{036EAC26-6EA0-4C4B-A843-A7DB2546B344}: NameServer = 10.1.0.60,193.162.159.194,193.162.145.130
O17 - HKLM\System\CS1\Services\Tcpip\..\{036EAC26-6EA0-4C4B-A843-A7DB2546B344}: NameServer = 10.1.0.60,193.162.159.194,193.162.145.130
O17 - HKLM\System\CS2\Services\Tcpip\..\{036EAC26-6EA0-4C4B-A843-A7DB2546B344}: NameServer = 10.1.0.60,193.162.159.194,193.162.145.130