Her er logfilen så!
Logfile of HijackThis v1.97.7
Scan saved at 11:27:15, on 20-12-2003
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\SYSTEM32\DNTUS26.EXE
C:\WINNT\System32\svchost.exe
C:\winnt\system32\mui\dispspec\bin\svchost.exe
c:\winnt\system32\mui\dispspec\bin\ntsys.exe
C:\WINNT\system32\nvsvc32.exe
C:\WINNT\System32\netsrv.exe
c:\winnt\system32\dllcache\bin\lsass.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\winnt\system32\mui\dispspec\bin\svchost.exe
C:\WINNT\system32\usrinit.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe
C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE
C:\WINNT\system32\RUNDLL32.EXE
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\c21\Connect21.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\Hijack This\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://mysearchnow.com/searchbar.htmlR1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
http://mysearchnow.com/searchbar.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.signon.stofanet.dk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://mysearchnow.com/searchbar.htmlR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://mysearchnow.com/searchbar.htmlR0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://mysearchnow.com/searchbar.htmlR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {151aa2db-0a69-4b2d-942c-33e31dfc8d1a} - C:\DOCUME~1\ADMINI~1\APPLIC~1\glqouchzeeth.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: yllbichqumo - {2781310c-b5cc-4648-9e8f-99a3b3a81c24} - C:\DOCUME~1\ADMINI~1\APPLIC~1\glqouchzeeth.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\System32\spool\drivers\w32x86\3\hpztsb03.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 3.7\THGuard.exe"
O4 - HKLM\..\Run: [CreateCD] C:\PROGRA~1\Adaptec\EASYCD~1\CreateCD\CreateCD.exe -r
O4 - HKCU\..\Run: [WeatherWatcher] C:\PROGRA~1\WEATHE~1\ww.exe
O4 - HKCU\..\Run: [PopUpStopperFreeEdition] "C:\PROGRA~1\PANICW~1\POP-UP~1\PSFREE.EXE"
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Programmer\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\system32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Connect21.lnk = C:\Programmer\c21\Connect21.exe
O4 - Startup: DLHelperEXE.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://imgfarm.com/images/nocache/funwebproducts/SmileyCentralInitialSetup1.0.0.6.cabO16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cabO16 - DPF: {6BB594E2-6E4D-4CC9-98B0-931C323F9165} (DepHlp Control) -
http://mirror.worldwinner.com/games/shared/dephlp.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2003120501/housecall.antivirus.com/housecall/xscan53.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37662.4747685185O16 - DPF: {AC2881FD-5760-46DB-83AE-20A5C6432A7E} (SwapIt Control) -
http://mirror.worldwinner.com/games/v49/swapit/swapit.cabO16 - DPF: {AED98630-0251-4E83-917D-43A23D66D507} (WebHandler Class) -
http://activex.microgaming.com/DLhelper/version7/dlhelper.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) -
https://register3.valueactive.com/322/webolr/OCX/FlashAX.cabO16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) -
https://netbank.danskebank.dk/html/activex/danskesikker/DB/DanskeSikker.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{9A3183DF-E4DB-4E2A-840F-5CE26E2740A5}: NameServer = 212.10.10.4,212.10.10.5
O17 - HKLM\System\CCS\Services\Tcpip\..\{E352CEF8-98A7-4C88-B337-A3F950F194AC}: NameServer = 212.10.10.4,212.10.10.5