uønskede emails
jeg får emails fra 2 uønskede udgivere af hjemmesider WebProWorld og fra secunia Security AdvisoriesHer er logfilen fra Hijackthis er der en af jer der har forstand på det så vil jeg meget gerne have hjælp med udlusning.
Logfile of HijackThis v1.97.7
Scan saved at 21:08:23, on 13-03-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
E:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\System32\cisvc.exe
d:\Programmer\DefragMentor Premium\DPSV.exe
C:\WINDOWS\System32\gearsec.exe
e:\Programmer\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
e:\Programmer\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE
C:\Programmer\iPod\bin\iPodService.exe
e:\Programmer\Panda Software\Panda Antivirus Titanium\apvxdwin.exe
e:\Programmer\Panda Software\Panda Antivirus Titanium\pavProxy.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\System32\cidaemon.exe
C:\Documents and Settings\Thomas Bang Pedersen\Lokale indstillinger\Temp\Midlertidig mappe 2 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tv2.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - (no file)
O4 - HKLM\..\Run: [Zone Labs Client] E:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Programmer\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpyHunter] E:\programmer\SpyHunter\SpyHunter.exe
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O10 - Unknown file in Winsock LSP: e:\programmer\spamfighter\proxy\proxy.dll
O10 - Unknown file in Winsock LSP: e:\programmer\spamfighter\proxy\proxy.dll
O10 - Unknown file in Winsock LSP: e:\programmer\spamfighter\proxy\proxy.dll
O10 - Unknown file in Winsock LSP: e:\programmer\spamfighter\proxy\proxy.dll
O10 - Unknown file in Winsock LSP: e:\programmer\spamfighter\proxy\proxy.dll
O16 - DPF: Nordea Online investering - https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://host.cycore.net/plugins/windows/ie/Cult3D_IE_5.3.0.228.cab
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) - http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38013.4257175926
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F9408298-9658-482C-8B02-93F09A80225F} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0104.exe
