Tjek venligst min log fil fra Hijack this.
Logfile of HijackThis v1.97.7Scan saved at 15:35:27, on 24-08-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\CTsvcCDA.exe
C:\WINNT\System32\svchost.exe
C:\Programmer\VeriSign\NAVI\naviagent.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\tcpsvcs.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Programmer\RealVNC\WinVNC\WinVNC.exe
C:\WINNT\System32\MsPMSPSv.exe
C:\WINNT\system32\svchost.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
C:\WINNT\system32\lsassx.exe
C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINNT\system32\lsassx.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\wuauclt.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\WINNT\explorer.exe
C:\Hijack this\hjt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.dk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.helgolandwindsurfers.dk/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.dk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.dk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.dk
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.dk
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: VeriSign Inc. i-Nav IDN SearchHook - {CE000994-A58C-4441-8938-744CD72AB27F} - C:\Programmer\VeriSign\i-Nav\i-nav_4_1_4.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {CE000992-A58C-4441-8938-744CD72AB27F} - C:\Programmer\VeriSign\i-Nav\i-nav_4_1_4.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinVNC] "C:\Programmer\RealVNC\WinVNC\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINNT\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [Symantec Security] symantec32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [netservices] svchostn.exe
O4 - HKLM\..\Run: [WinHelp] C:\WINNT\system32\WinHelp.exe
O4 - HKLM\..\Run: [Remote Procedure Call Locator] RUNDLL32.EXE reg678.dll ondll_reg
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\Avast4\ashmaisv.exe
O4 - HKLM\..\Run: [DSACD] sbnfggnf.exe
O4 - HKLM\..\Run: [Microsoft Windows GUI] msmonk32.exe
O4 - HKLM\..\Run: [Configuration Loader] ymsgf.exe
O4 - HKLM\..\Run: [Windows Updates] lsassx.exe
O4 - HKLM\..\Run: [Configuration Loaded] lssas.exe
O4 - HKLM\..\Run: [Yahoo2000] C:\WINNT\system32\hell\Anti.exe
O4 - HKLM\..\Run: [desktop] C:\WINNT\system32\desktop.exe
O4 - HKLM\..\RunServices: [Symantec Security] symantec32.exe
O4 - HKLM\..\RunServices: [CRSS] C:\WINNT\system32\lssas.exe
O4 - HKLM\..\RunServices: [Windows User Starter] winuser32.exe
O4 - HKLM\..\RunServices: [Microsoft Windows GUI] msmonk32.exe
O4 - HKLM\..\RunServices: [Configuration Loader] ymsgf.exe
O4 - HKLM\..\RunServices: [Windows Updates] lsassx.exe
O4 - HKLM\..\RunServices: [Configuration Loaded] lssas.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - HKCU\..\Run: [Symantec Security] symantec32.exe
O4 - HKCU\..\Run: [Windows User Starter] winuser32.exe
O4 - HKCU\..\Run: [Windows Updates] lsassx.exe
O9 - Extra button: i-Nav Hjælp (HKLM)
O9 - Extra 'Tools' menuitem: i-Nav Hjælp (HKLM)
O9 - Extra 'Tools' menuitem: i-Nav Indstillinger (HKLM)
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) - http://shopping.jubii.dk/foto/components/photoupload.ocx
O16 - DPF: {7AEBACC1-D7E4-4360-B520-6DA4C565B42C} (UploaderCtrl Class) - http://foto.tdconline.dk/upload-classes/Uploader.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.installengine.com/engine/isetup.cab
O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exe
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
