Her er hijack filen:
Logfile of HijackThis v1.99.1
Scan saved at 07:53:45, on 11/7/2005
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\System32\cisvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
C:\PROGRA~1\Navnt\navapsvc.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINNT\system32\NMSSvc.exe
C:\PROGRA~1\Navnt\npssvc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\msdtc.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\mqsvc.exe
C:\WINNT\Explorer.EXE
C:\PROGRA~1\Navnt\alertsvc.exe
C:\WINNT\system32\rundll32.exe
C:\Programmer\Kerio\Personal Firewall 4\kpf4gui.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Navnt\POPROXY.EXE
C:\WINNT\system32\Promon.exe
C:\Programmer\HP\hpcoretech\hpcmpmgr.exe
C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
C:\Programmer\Microsoft AntiSpyware\gcasServ.exe
C:\WINNT\system32\internat.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmer\Microsoft AntiSpyware\gcasDtServ.exe
C:\Programmer\Navnt\navapw32.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\System32\cidaemon.exe
C:\WINNT\system32\NOTEPAD.EXE
C:\Programmer\Microsoft Office\Office\OUTLOOK.EXE
C:\WINNT\msagent\AgentSvr.exe
\Hans\Program Files\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.msn.dkR0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: ExactSeek Toolbar - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - C:\Programmer\ExactSeekToolbar\eseek.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ExactSeek Toolbar - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - C:\Programmer\ExactSeekToolbar\eseek.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NPS Event Checker] C:\PROGRA~1\Navnt\npscheck.exe
O4 - HKLM\..\Run: [NAV DefAlert] C:\PROGRA~1\Navnt\defalert.exe
O4 - HKLM\..\Run: [Norton eMail Protect] C:\Programmer\Navnt\POPROXY.EXE
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Programmer\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Programmer\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Google Desktop Search] "C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Norton AntiVirus Auto-Protect.lnk = C:\Programmer\Navnt\navapw32.exe
O4 - Global Startup: Norton AntiVirus AutoProtect.lnk = C:\Programmer\Navnt\navapw32.exe
O4 - Global Startup: WinZip Quick Pick.lnk = WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google-søgning -
res://C:\Programmer\Google\GoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &Oversæt engelsk ord -
res://C:\Programmer\Google\GoogleToolbar1.dll/cmwordtrans.htmlO8 - Extra context menu item: Lignende sider -
res://C:\Programmer\Google\GoogleToolbar1.dll/cmsimilar.htmlO8 - Extra context menu item: Tilbage via links -
res://C:\Programmer\Google\GoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Øjebliksbillede af side i cache -
res://C:\Programmer\Google\GoogleToolbar1.dll/cmcache.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: ExactSeek Toolbar - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - C:\Programmer\ExactSeekToolbar\eseek.dll
O9 - Extra 'Tools' menuitem: ExactSeek Toolbar - {EC52BEDA-CCF3-45E1-AFFD-03618DB9F10A} - C:\Programmer\ExactSeekToolbar\eseek.dll
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) -
http://us.dl1.yimg.com/download.yahoo.com/dl/yinst/yinst_current.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{3B957DAD-639C-40E6-8FE9-5105A91E0FBC}: NameServer = 195.130.224.18,195.130.225.129
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\RWxsZW4\command.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Programmer\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NAV Alert - Symantec Corporation - C:\PROGRA~1\Navnt\alertsvc.exe
O23 - Service: NAV Auto-Protect - Symantec Corporation - C:\PROGRA~1\Navnt\navapsvc.exe
O23 - Service: Intel(R) NMS (NMSSvc) - Intel Corporation - C:\WINNT\system32\NMSSvc.exe
O23 - Service: Norton Program Scheduler - Symantec Corporation - C:\PROGRA~1\Navnt\npssvc.exe
Og her er l2mfix filen:
L2MFIX find log 1.04a
These are the registry keys present
**********************************************************************************
Winlogon/notify:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
6c,00,00,00
"Logoff"="ChainWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
"Asynchronous"=dword:00000000
"Impersonate"=dword:00000000
"DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
6c,00,6c,00,00,00
"Logoff"="CryptnetWlxLogoffEvent"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
"DLLName"="cscdll.dll"
"Logon"="WinlogonLogonEvent"
"Logoff"="WinlogonLogoffEvent"
"ScreenSaver"="WinlogonScreenSaverEvent"
"Startup"="WinlogonStartupEvent"
"Shutdown"="WinlogonShutdownEvent"
"StartShell"="WinlogonStartShellEvent"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ModuleUsage]
"Asynchronous"=dword:00000000
"DllName"="C:\\WINNT\\system32\\irr6l59s1.dll"
"Impersonate"=dword:00000000
"Logon"="WinLogon"
"Logoff"="WinLogoff"
"Shutdown"="WinShutdown"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
"Logoff"="WLEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000001
"DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
"DLLName"="WlNotify.dll"
"Lock"="SensLockEvent"
"Logon"="SensLogonEvent"
"Logoff"="SensLogoffEvent"
"Safe"=dword:00000001
"MaxWait"=dword:00000258
"StartScreenSaver"="SensStartScreenSaverEvent"
"StopScreenSaver"="SensStopScreenSaverEvent"
"Startup"="SensStartupEvent"
"Shutdown"="SensShutdownEvent"
"StartShell"="SensStartShellEvent"
"Unlock"="SensUnlockEvent"
"Impersonate"=dword:00000001
"Asynchronous"=dword:00000001
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
"DLLName"="wzcdlg.dll"
"Logon"="WZCEventLogon"
"Logoff"="WZCEventLogoff"
"Impersonate"=dword:00000000
"Asynchronous"=dword:00000000
RegDACL 5.1 - Permissions Manager for Registry keys for Windows NT 4 and above
Copyright (c) 1999-2001 Frank Heyne Software (
http://www.heysoft.de)
This program is Freeware, use it on your own risk!
Access Control List for Registry key HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify:
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(NI) ALLOW Full access NT AUTHORITY\SYSTEM
(IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-NI) ALLOW Read BUILTIN\Brugere
(ID-IO) ALLOW Read BUILTIN\Brugere
(ID-NI) ALLOW Read BUILTIN\Superbrugere
(ID-IO) ALLOW Read BUILTIN\Superbrugere
(ID-NI) ALLOW Full access BUILTIN\Administratorer
(ID-IO) ALLOW Full access BUILTIN\Administratorer
(ID-NI) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access NT AUTHORITY\SYSTEM
(ID-IO) ALLOW Full access CREATOR OWNER
**********************************************************************************
useragent:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
"{38E8EE89-6973-673F-C031-73662D16D269}"=""
**********************************************************************************
Shell Extension key:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
"{00022613-0000-0000-C000-000000000046}"="Egenskabsark for multimediefiler"
"{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-scannerstyring"
"{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS Sikkerhedsside"
"{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="Egenskabsside for OLE-dokumentfil"
"{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Shell-udvidelser for deling"
"{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL-fil"
"{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rmkort"
"{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rm"
"{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Kontrolpanel-udvidelse til sk‘rmpanorering"
"{4E40F770-369C-11d0-8922-00A024AB2DBB}"="DS Security-side"
"{56117100-C0CD-101B-81E2-00AA004AE837}"="Shell-fragmentdatahandler"
"{59099400-57FF-11CE-BD94-0020AF85B590}"="Udvidelsen Diskcopy"
"{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Shell-udvidelser til Microsoft Windows-netv‘rksobjekter"
"{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-sk‘rmstyring"
"{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-printerstyring"
"{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Shell-udvidelser til filkomprimering"
"{77597368-7b15-11d0-a0c2-080036af3f03}"="Web Printer shell-udvidelse"
"{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
"{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Kontekstmenu til kryptering"
"{85BBD920-42A0-1069-A2E4-08002B30309D}"="Rejsetaske"
"{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-ikon"
"{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
"{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profil"
"{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Printers Sikkerhedsside"
"{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Shell-udvidelser for deling"
"{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
"{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Shell extensions for Windows Script Host"
"{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO-filtype"
"{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto signeringsfiltype"
"{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Netv‘rks- og opkaldsforbindelser"
"{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
"{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
"{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Planlagte opgaver"
"{1A9BA3A0-143A-11CF-8350-444553540000}"="Mappen Foretrukne i shell"
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"="Denne computer"
"{86747AC0-42A0-1069-A2E6-08002B30309D}"="Mappen Rejsetaske"
"{0AFACED1-E828-11D1-9187-B532F1E9575D}"="Mappegenvej"
"{12518493-00B2-11d2-9FA5-9E3420524153}"="Forbundet enhed"
"{21B22460-3AEA-1069-A2DC-08002B30309D}"="Udvidelse til filegenskabsside"
"{B091E540-83E3-11CF-A713-0020AFD79762}"="Filtypeside"
"{FBF23B41-E3F0-101B-8488-00AA003E56F8}"="Hook til MIME-filtyper"
"{C2FBB630-2971-11d1-A18C-00C04FD75D13}"="Microsoft CopyTo Service"
"{C2FBB631-2971-11d1-A18C-00C04FD75D13}"="Microsoft MoveTo Service"
"{13709620-C279-11CE-A49E-444553540000}"="Shell Automation Service"
"{62112AA1-EBE4-11cf-A5FB-0020AFE7292D}"="Shell Automation-mappevisning"
"{4622AD11-FF23-11d0-8D34-00A0C90F2719}"="Menuen Start"
"{7BA4C740-9E81-11CF-99D3-00AA004AE837}"="Microsoft SendTo Service"
"{D969A300-E7FF-11d0-A93B-00A0C90F2719}"="Microsoft New Object Service"
"{09799AFB-AD67-11d1-ABCD-00C04FC30936}"="ben med genvejsmenubehandleren"
"{3FC0B520-68A9-11D0-8D77-00C04FD70822}"="Vis HTML-udvidelser i Kontrolpanel"
"{75048700-EF1F-11D0-9888-006097DEACF9}"="ActiveDesktop"
"{6D5313C0-8C62-11D1-B2CD-006097DF8C11}"="Udvidelse til egenskabsside for mappeindstillinger"
"{57651662-CE3E-11D0-8D77-00C04FC99D61}"="CmdFileIcon"
"{4657278A-411B-11d2-839A-00C04FD918D0}"="Hj‘lpeprogram til tr‘k-og-slip i shell"
"{A470F8CF-A1E8-4f65-8335-227475AA5C46}"="Tilf›j krypteringselement til genvejsmenuerne i Stifinder."
"{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet Toolbar"
"{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Download Status"
"{568804CA-CBD7-11d0-9816-00C04FD91972}"="Menu Shell Folder"
"{5b4dae26-b807-11d0-9815-00c04fd91972}"="Menu Band"
"{8278F931-2A3E-11d2-838F-00C04FD918D0}"="Tracking Shell Menu"
"{E13EF4E4-D2F2-11d0-9816-00C04FD91972}"="Menu Site"
"{ECD4FC4F-521C-11D0-B792-00A0C90312E1}"="Menu Desk Bar"
"{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
"{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
"{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
"{D82BE2B0-5764-11D0-A96E-00C04FD705A2}"="IShellFolderBand"
"{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
"{30D02401-6A81-11d0-8274-00C04FD5AE38}"="Search Band"
"{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
"{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
"{0E5CBF21-D15F-11d0-8301-00AA005B4383}"="&Links"
"{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
"{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Address"
"{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
"{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
"{7487cd30-f71a-11d0-9ea7-00805f714772}"="Thumbnail Image"
"{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
"{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
"{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
"{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
"{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
"{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
"{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
"{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
"{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
"{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
"{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
"{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
"{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
"{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
"{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
"{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
"{FF393560-C2A7-11CF-BFF4-444553540000}"="History"
"{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
"{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen"
"{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
"{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
"{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
"{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet"
"{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
"{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
"{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder"
"{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
"{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
"{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
"{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
"{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
"{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
"{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
"{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
"{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
"{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
"{8BEBB290-52D0-11D0-B7F4-00C04FD706EC}"="Miniaturer"
"{EAB841A0-9550-11CF-8C16-00805F1408F3}"="Udpakning af HTML-miniaturer"
"{1AEB1360-5AFC-11D0-B806-00C04FD706EC}"="Udpakning af miniaturer til Office-grafikfiltre"
"{9DBD2C50-62AD-11D0-B806-00C04FD706EC}"="Dokumentinfo om miniaturehandler (DOCFILES)"
"{500202A0-731E-11D0-B829-00C04FD706EC}"="Uddelegering af miniaturer til lnk-filer"
"{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Shell Programstyring"
"{0B124F8C-91F0-11D1-B8B5-006008059382}"="Opt‘lling af installerede programmer"
"{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
"{fe1290f0-cfbd-11cf-a330-00aa00c16e65}"="Directory Namespace"
"{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
"{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
"{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
"{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
"{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
"{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
"{450D8FBA-AD25-11D0-98A8-0800361B1103}"="MyDocs Folder"
"{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
"{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
"{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
"{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Menuen Offlinefiler"
"{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Indstillinger for Mappen Offlinefiler"
"{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Mappen Offlinefiler"
"{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
"{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
"{0006F045-0000-0000-C000-000000000046}"="Microsoft Outlook Custom Icon Handler"
"{32683183-48a0-441b-a342-7c2a440a9478}"="Media Band"
"{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
"{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
"{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
"{E0E11A09-5CB8-4B6C-8332-E00720A168F2}"="Address Bar Parser"
"{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
"{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
"{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
"{f39a0dc0-9cc8-11d0-a599-00c04fd64433}"="Channel File"
"{f3aa0dc0-9cc8-11d0-a599-00c04fd64434}"="Channel Shortcut"
"{f3ba0dc0-9cc8-11d0-a599-00c04fd64435}"="Channel Handler Object"
"{f3da0dc0-9cc8-11d0-a599-00c04fd64437}"="Channel Menu"
"{f3ea0dc0-9cc8-11d0-a599-00c04fd64438}"="Channel Properties"
"{32714800-2E5F-11d0-8B85-00AA0044F941}"="For &People..."
"{ED65AB21-B24F-11d3-BA80-00C0CA16AA37}"="Mobile"
"{ED65AB22-B24F-11d3-BA80-00C0CA16AA37}"="Mobile ContextMenuHandler"
"{ED65AB23-B24F-11d3-BA80-00C0CA16AA37}"="Mobile PropertySheetHandler"
"{5a61f7a0-cde1-11cf-9113-00aa00425c62}"="IIS Shell Extention"
"{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
"{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
"{E0D79307-84BE-11CE-9641-444553540000}"="WinZip"
"{CBE544FB-6EFA-4B15-B4FC-C9E279EB9640}"=""
**********************************************************************************
HKEY ROOT CLASSIDS:
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\CLSID\{CBE544FB-6EFA-4B15-B4FC-C9E279EB9640}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CBE544FB-6EFA-4B15-B4FC-C9E279EB9640}\Implemented Categories]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CBE544FB-6EFA-4B15-B4FC-C9E279EB9640}\Implemented Categories\{00021492-0000-0000-C000-000000000046}]
@=""
[HKEY_CLASSES_ROOT\CLSID\{CBE544FB-6EFA-4B15-B4FC-C9E279EB9640}\InprocServer32]
@="C:\\WINNT\\system32\\sqimgvw.dll"
"ThreadingModel"="Apartment"
**********************************************************************************
Files Found are not all bad files:
C:\WINNT\SYSTEM32\
catsrv.dll Mon 5 Sep 2005 9.18.06 A.... 165.648 161,77 K
catsrvut.dll Mon 5 Sep 2005 9.18.06 A.... 595.728 581,77 K
cdosys.dll Tue 30 Aug 2005 10.29.26 A.... 2.532.112 2,41 M
clbcatex.dll Mon 5 Sep 2005 9.18.06 A.... 97.040 94,77 K
clbcatq.dll Mon 5 Sep 2005 9.18.06 A.... 551.184 538,27 K
colbact.dll Mon 5 Sep 2005 9.18.06 A.... 41.744 40,77 K
comrepl.dll Mon 5 Sep 2005 9.18.06 A.... 98.576 96,27 K
comsvcs.dll Mon 5 Sep 2005 9.18.08 A.... 1.471.760 1,40 M
comuid.dll Mon 5 Sep 2005 9.18.08 A.... 628.496 613,77 K
danim.dll Fri 2 Sep 2005 10.08.16 A.... 988.160 965,00 K
dxtrans.dll Fri 2 Sep 2005 15.35.16 A.... 192.000 187,50 K
es.dll Mon 5 Sep 2005 9.18.06 A.... 242.448 236,77 K
irr6l5~1.dll Sun 6 Nov 2005 9.13.20 ..S.R 235.967 230,43 K
l0j8la~1.dll Sun 6 Nov 2005 11.39.26 ..S.R 234.272 228,78 K
linkinfo.dll Fri 23 Sep 2005 12.02.58 A.... 17.680 17,27 K
msdtclog.dll Mon 5 Sep 2005 9.18.08 A.... 96.016 93,77 K
msdtcprx.dll Mon 5 Sep 2005 9.18.08 A.... 728.848 711,77 K
msdtctm.dll Mon 5 Sep 2005 9.18.10 A.... 1.200.400 1,14 M
msdtcui.dll Mon 5 Sep 2005 9.18.10 A.... 153.872 150,27 K
mshtml.dll Tue 4 Oct 2005 11.33.32 A.... 2.700.288 2,57 M
mstime.dll Fri 2 Sep 2005 16.31.12 A.... 496.128 484,50 K
mtxclu.dll Mon 5 Sep 2005 9.18.10 A.... 52.496 51,27 K
mtxdm.dll Mon 5 Sep 2005 9.18.10 A.... 26.896 26,27 K
mtxlegih.dll Mon 5 Sep 2005 9.18.10 A.... 35.600 34,77 K
mtxoci.dll Mon 5 Sep 2005 9.18.10 A.... 122.640 119,77 K
netman.dll Tue 16 Aug 2005 9.34.56 A.... 100.112 97,77 K
nwwks.dll Mon 22 Aug 2005 10.20.18 A.... 61.200 59,77 K
ole32.dll Mon 5 Sep 2005 9.18.06 A.... 957.712 935,27 K
olecnv32.dll Mon 5 Sep 2005 9.18.06 A.... 36.624 35,77 K
quartz.dll Tue 30 Aug 2005 8.14.00 A.... 1.227.776 1,17 M
rpcss.dll Mon 5 Sep 2005 9.18.06 A.... 212.240 207,27 K
shell32.dll Fri 23 Sep 2005 12.02.58 A.... 2.369.296 2,26 M
shlwapi.dll Mon 12 Sep 2005 5.00.26 A.... 409.088 399,50 K
spmsg.dll Wed 17 Aug 2005 0.31.22 ..... 14.048 13,72 K
sqimgvw.dll Sun 6 Nov 2005 11.43.30 ..S.R 235.967 230,43 K
stclient.dll Mon 5 Sep 2005 9.18.10 A.... 71.440 69,77 K
txfaux.dll Mon 5 Sep 2005 9.18.06 A.... 398.608 389,27 K
umpnpmgr.dll Fri 2 Sep 2005 10.23.56 A.... 95.504 93,27 K
urlmon.dll Fri 2 Sep 2005 16.31.14 A.... 458.240 447,50 K
webvw.dll Fri 23 Sep 2005 12.03.00 A.... 1.122.064 1,07 M
winsrv.dll Fri 23 Sep 2005 12.03.02 A.... 245.520 239,77 K
xolehlp.dll Mon 5 Sep 2005 9.18.10 A.... 19.728 19,27 K
42 items found: 42 files (3 H/S), 0 directories.
Total of file sizes: 21.741.166 bytes 20,73 M
Locate .tmp files:
C:\WINNT\SYSTEM32\
atmtdd~1.tmp Sun 6 Nov 2005 7.52.34 A.... 0 0,00 K
1 item found: 1 file, 0 directories.
Total of file sizes: 0 bytes 0,00 K
**********************************************************************************
Directory Listing of system files:
Disken i drev C har ikke noget navn.
Diskens serienummer er B408-9BA4
Indhold af C:\WINNT\System32
11/06/2005 11:43 235.967 sqimgvw.dll
11/06/2005 11:39 234.272 l0j8la1u1d.dll
11/06/2005 09:13 235.967 irr6l59s1.dll
10/30/2005 08:48 <DIR> dllcache
3 fil(er) 706.206 byte
1 mappe(r) 2.695.708.672 byte ledig
