Logfile of HijackThis v1.97.7
Scan saved at 11:58:15, on 09.12.03
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Network Associates\VirusScan\Avsynmgr.exe
C:\WINNT\system32\hidserv.exe
C:\WINNT\System32\inetsrv\inetinfo.exe
C:\WINNT\System32\mgabg.exe
C:\Programmer\Network Associates\VirusScan\VsStat.exe
C:\Programmer\Network Associates\VirusScan\Vshwin32.exe
C:\WINNT\system32\regsvc.exe
C:\Programmer\Network Associates\VirusScan\Avconsol.exe
C:\Programmer\Network Associates\VirusScan\Webscanx.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\System32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\Programmer\Fælles filer\Network Associates\McShield\Mcshield.exe
C:\WINNT\Explorer.EXE
C:\WINNT\System32\PDesk\PDesk.exe
C:\WINNT\system32\Promon.exe
C:\WINNT\system32\Smtray.exe
C:\WINNT\system32\NWTRAY.EXE
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Programmer\Logitech\iTouch\iTouch.exe
C:\Programmer\Java\j2re1.4.2_02\bin\jusched.exe
C:\WINNT\system32\Keyhost.exe
C:\Programmer\Atomic Clock Sync\Atomic.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Nokia\PC Suite for Nokia 7650\connmngmntbox.exe
C:\Programmer\Nokia\PC Suite for Nokia 7650\ectaskscheduler.exe
C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe
C:\Programmer\3M\PSN2Lite\Psn2Lite.exe
C:\Programmer\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe
C:\Programmer\Trillian\trillian.exe
C:\Programmer\United Devices\UD.EXE
C:\PROGRA~1\3M\PSN2Lite\PSNGive.exe
C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE
C:\Programmer\Microsoft Office\Office\MSACCESS.EXE
C:\Programmer\Microsoft Office\Office\OUTLOOK.EXE
C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe
C:\Programmer\United Devices\ud_1706422.exe
C:\WINNT\system32\ntvdm.exe
C:\Programmer\United Devices\ud_1706422_0.dir\ud_ligfit_Release.exe
C:\Programmer\NetCaptor\NetCaptor.exe
C:\Programmer\WinRAR\WinRAR.exe
C:\DOCUME~1\AWJ\LOKALE~1\Temp\Rar$EX00.640\HijackThis.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [Matrox Powerdesk] C:\WINNT\System32\PDesk\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [Smapp] Smtray.exe
O4 - HKLM\..\Run: [NWTRAY] NWTRAY.EXE
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_02\bin\jusched.exe
O4 - HKLM\..\Run: [WinEssential] C:\WINNT\system32\Keyhost.exe
O4 - HKLM\..\Run: [Atomic.exe] C:\Programmer\Atomic Clock Sync\Atomic.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - Startup: Trillian.lnk = C:\Programmer\Trillian\trillian.exe
O4 - Startup: UD Agent.lnk = C:\Programmer\United Devices\UD.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: PCSuiteForNokia7650 Detect.lnk = C:\Programmer\Nokia\PC Suite for Nokia 7650\connmngmntbox.exe
O4 - Global Startup: PCSuiteForNokia7650 TS.lnk = C:\Programmer\Nokia\PC Suite for Nokia 7650\ectaskscheduler.exe
O4 - Global Startup: Post-it® Software Notes Lite.lnk = C:\Programmer\3M\PSN2Lite\Psn2Lite.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... (HKLM)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} (MetaStreamCtl Class) - https://components.viewpoint.com/MTSInstallers/MetaStream3.cab?url=www.viewpoint.com
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/viewers/ipixx.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com/interactive/TerraExplorer/Install/TEInstallPlugIn.cab
O16 - DPF: {23B7A816-3647-49D2-9756-6F41CE8F9201} (ddm_download.ddm_control) - http://download.rfwnad.com/cab/ddm_control.CAB
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab
O16 - DPF: {597C45C2-2D39-11D5-8D53-0050048383FE} (OPUCatalog Class) - http://office.microsoft.com/productupdates/content/opuc.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/0fb5e03023def1/housecall.antivirus.com/housecall/xscan53.cab
O16 - DPF: {82774781-8F4E-11D1-AB1C-0000F8773BF0} (DLC Class) - http://transfers.one.microsoft.com/FTM/TransferSource/grTransferCtrl.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37602.1220833333
O16 - DPF: {A16E6189-A1DD-4696-9806-0324C145D794} (KeyActivex Control) - http://www.jraun.com/activex/src/KeyActivex.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{03E00286-686D-4CED-99A4-6CC68B87D4C8}: NameServer = 192.142.7.100,195.82.195.100,194.239.134.83
O17 - HKLM\System\CS1\Services\Tcpip\..\{03E00286-686D-4CED-99A4-6CC68B87D4C8}: NameServer = 192.142.7.100,195.82.195.100,194.239.134.83
O17 - HKLM\System\CS2\Services\Tcpip\..\{03E00286-686D-4CED-99A4-6CC68B87D4C8}: NameServer = 192.142.7.100,195.82.195.100,194.239.134.83