Her er den så, har godt nok haft nogle problemer de sidste to måneder, med pop-ups og det er de samme 5-6 sider(danske) som bliver ved med at komme8(
Logfile of HijackThis v1.97.7
Scan saved at 00:29:31, on 19-07-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\System32\RUNDLL32.EXE
G:\WINDOWS\SOUNDMAN.EXE
G:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
G:\Programmer\Microsoft IntelliPoint\point32.exe
G:\Programmer\NavNT\vptray.exe
G:\Programmer\Logitech\Profiler\lwemon.exe
G:\Programmer\Spamihilator\spamihilator.exe
G:\Programmer\NavNT\defwatch.exe
G:\WINDOWS\System32\DVDRAMSV.exe
G:\WINDOWS\system32\cba\pds.exe
G:\Programmer\NavNT\rtvscan.exe
G:\WINDOWS\System32\nvsvc32.exe
G:\WINDOWS\system32\cba\xfr.exe
G:\WINDOWS\system32\MsgSys.EXE
G:\Programmer\Internet Explorer\IEXPLORE.EXE
D:\Temp\hjt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dk/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.jubii.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - G:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: (no name) - {ACB1E670-3217-45C4-A021-6B829A8A27CB} - (no file)
O4 - HKLM\..\Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE G:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE G:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] G:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [TkBellExe] "G:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "G:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "G:\Programmer\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [IntelliPoint] "G:\Programmer\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [MsgApi] G:\WINDOWS\System32\csmss.exe
O4 - HKLM\..\Run: [PopUp Stopper] NO POP.EXE
O4 - HKLM\..\Run: [vptray] G:\Programmer\NavNT\vptray.exe
O4 - HKCU\..\Run: [Start WingMan Profiler] "G:\Programmer\Logitech\Profiler\lwemon.exe" /noui
O4 - HKCU\..\Run: [Spamihilator] "G:\Programmer\Spamihilator\spamihilator.exe"
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://G:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Opslag (HKLM)
O9 - Extra button: ICQ Lite (HKLM)
O9 - Extra 'Tools' menuitem: ICQ Lite (HKLM)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/sw.cabO16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) -
http://files.ea.com/downloads/rtpatch/v2/EARTPX.cabO16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
http://software-dl.real.com/29d60cd0eb33119de220/netzip/RdxIE601.cabO16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) -
http://shopping.jubii.dk/foto/components/photoupload.ocxO16 - DPF: {5F0C30E4-1E72-4DCC-85E5-57810F1CA97B} (McUpdatePortalFactory Class) -
https://mysupport.nai.com/AmIUpToDate/bin/1,0,0,7/McUpdatePortal.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38074.5578472222O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://scanner.virus112.com/cabs/cssweb.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) -
http://www.123hjemmeside.dk/builder/pages/KvikFoto.cab