Logfile of HijackThis v1.97.7
Scan saved at 13:18:51, on 09-02-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\connect.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\sndloader.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\Programmer\Common files\updater\wupdater.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\Programmer\Fælles filer\CMEII\CMESys.exe
C:\Programmer\Save\Save.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Fælles filer\GMT\GMT.exe
C:\PROGRA~2\Altnet\DOWNLO~1\asm.exe
C:\Programmer\Linksys\Wireless-G Notebook Adapter\OdHost.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Jørn Pedersen\Skrivebord\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.couldnotfind.com/search_page.html?&account_id=134993
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.couldnotfind.com/search_page.html?&account_id=134993
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: PerfectNavBHO Class - {A045DC85-FC44-45be-8A50-E4F9C62C9A84} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - E:\Programmer\WS_FTP Pro\wsbho2k0.dll
O2 - BHO: NavErrRedir Class - {A045DC85-FC44-45be-8A50-E4F9C62C9A84} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\Programmer\ISTbar\istbar.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Sound Loader] sndloader.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [updater] C:\Programmer\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [AltnetPointsManager] c:\program files\altnet\points manager\points manager.exe -s
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [CMESys] "C:\Programmer\Fælles filer\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [WhenUSave] C:\Programmer\Save\Save.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [connection] connect.exe
O4 - HKLM\..\RunServices: [Sound Loader] sndloader.exe
O4 - HKLM\..\RunServices: [connection] connect.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ClockSync] C:\PROGRA~1\CLOCKS~1\Sync.exe /q
O4 - Global Startup: GStartup.lnk = ?
O4 - Global Startup: Hurtig start af Microsoft Office OneNote 2003.lnk = E:\programmer\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Wireless-G Notebook Adapter Utility.lnk = C:\Programmer\Linksys\Wireless-G Notebook Adapter\Startup.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: {018B7EC3-EECA-11D3-8E71-0000E82C6C0D} (Installer Class) -
http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) -
http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1075452017359
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {3E68E405-C6DE-49FF-83AE-41EE9F4C36CE} (Office Update Installation Engine) -
http://office.microsoft.com/officeupdate/content/opuc.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {91413D86-9F27-402C-B5E3-DEBDD122C339} -
http://content.netvenda.com/sites/games-intl/dk/games4.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37976.4542592593
O16 - DPF: {BD092CD7-AA66-4FF6-8CE1-D4E01489ED2B} (VacPro.UserControl1) -
http://www.7adpower.com/dialer/EMSAT.CAB
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) -
http://www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
----------------------
sådan