Logfile of HijackThis v1.99.1
Scan saved at 13:23:04, on 24-02-05
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\NORMAN\NVC\BIN\ZANDA.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\NORMAN\NVC\BIN\CCLAW.EXE
C:\NORMAN\NVC\BIN\NVCSCHED.EXE
C:\NORMAN\NVC\BIN\NJEEVES.EXE
C:\NORMAN\NVC\BIN\NIP.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\ATITASK.EXE
C:\WINDOWS\SYSTEM\ATICWD32.EXE
C:\WINDOWS\LOADQM.EXE
C:\NORMAN\NVC\BIN\ZLH.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
D:\LOGITRAY.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\NORMAN\NVC\BIN\NYMSE.EXE
C:\PROGRAMMER\HP\HP SOFTWARE UPDATE\HPWUSCHD.EXE
C:\PROGRAMMER\PC MIGHTYMAX\PCMM.EXE
D:\WCESCOMM.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SKRIVEBORD\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.danbolig.dk/R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.jubii.dkR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAMMER\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 - Toolbar: Jubii - {4E7BD74F-2B8D-469E-DBF7-FD79BED5FA7D} - C:\WINDOWS\DOWNLO~1\JUBII.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Skan registreringsdatabase] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [Job-oversigt] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [Atikey] Atitask.exe
O4 - HKLM\..\Run: [AtiCwd32] Aticwd32.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\ISStart.exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [LogitechVideoTray] D:\LogiTray.exe
O4 - HKLM\..\Run: [LVComs] c:\windows\SYSTEM\LVComS.exe
O4 - HKLM\..\Run: [CriticalUpdate] c:\windows\SYSTEM\wucrtupd.exe -startup
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [HP Software Update] "c:\Programmer\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [PCMMRealtime] C:\PROGRAMMER\PC MIGHTYMAX\pcmm.exe /R
O4 - HKLM\..\RunServices: [Norman ZANDA] C:\NORMAN\NVC\BIN\ZANDA.EXE /LOAD
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [Planlægningsagent] c:\windows\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKCU\..\Run: [H/PC Connection Agent] "D:\WCESCOMM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: &Google Search -
res://C:\PROGRAMMER\GOOGLE\GOOGLETOOLBAR1.DLL/cmsearch.htmlO8 - Extra context menu item: Cached Snapshot of Page -
res://C:\PROGRAMMER\GOOGLE\GOOGLETOOLBAR1.DLL/cmcache.htmlO8 - Extra context menu item: Backward Links -
res://C:\PROGRAMMER\GOOGLE\GOOGLETOOLBAR1.DLL/cmbacklinks.htmlO8 - Extra context menu item: Translate into English -
res://C:\PROGRAMMER\GOOGLE\GOOGLETOOLBAR1.DLL/cmtrans.htmlO9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - D:\INETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\INETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - D:\INETREPL.DLL
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00614BD01001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1401ib100.cabO16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00616BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1600ib100.cabO16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00615BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1500ib100.cabO16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00617BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1700ib100.cabO16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00618BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1800ib100.cabO16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk/ssydbankibp1900ib100.cabO16 - DPF: {7AEBACC1-D7E4-4360-B520-6DA4C565B42C} (UploaderCtrl Class) -
http://fotoalbum.teledanmark.dk/upload-classes/Uploader.cabO16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) -
http://foto.jubii.dk/components/photoupload.ocxO16 - DPF: {4E7BD74F-2B8D-469E-DBF7-FD79BED5FA7D} (Jubii) -
http://toolbar.min.jubii.dk/toolbar/dk/jubii.cabO16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com/download/cult.cabO16 - DPF: {71AEE1E3-1B65-41FA-BBD2-565CBD1359D8} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSPInstall0703.exeO16 - DPF: {F9408298-9658-482C-8B02-93F09A80225F} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0104.exeO16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/virusinfo/webscan.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com/activescan/as5/asinst.cabO16 - DPF: {638AF6A2-81A1-4655-9FFA-9FC09CDE22CF} (CScanner Object) -
http://www.pestscan.com/scanner/ppctlcab.cabO16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) -
http://www.pestscan.com/scanner/axscanner.cabO16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) -
http://81.19.245.211/speedtest/SpeedTest_2.cabO16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/7d90ae05585062/housecall.antivirus.com/housecall/xscan53.cabO16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/1,5,0,4349/mcfscan.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {A3009861-330C-4E10-822B-39D16EC8829D} (CRAVOnline Object) -
http://www.ravantivirus.com/scan/ravonline.cabO16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exeO16 - DPF: {62789780-B744-11D0-986B-00609731A21D} (Autodesk MapGuide ActiveX Control) -
http://80.63.33.37/viewer/mgaxctrl.cabO16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cabO16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
http://a1540.g.akamai.net/7/1540/52/20040428/qtinstall.info.apple.com/saba/dk/win/QuickTimeFullInstaller.exeO16 - DPF: {A8482EAF-A1F3-4934-AE3F-56EB195A50BF} (DeskUpdate - Activex Control) -
http://support.fujitsu-siemens.de/DeskUpdate/isapi/activex.cab