Logfile of HijackThis v1.97.7
Scan saved at 19:38:07, on 18-12-03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\STARTER.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAMMER\FæLLES FILER\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMER\NETSCAPE\NETSCAPE 6\NETSCP.EXE
C:\PROGRAMMER\WINZIP\WZQKPICK.EXE
C:\UNZIPPED\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.worldonline.dk:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;127.0.0.1;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
N3 - Netscape 7: user_pref("browser.search.defaultengine", "
engine://C%3A%5CPROGRAMMER%5CNETSCAPE%5CNETSCAPE%206%5Csearchplugins%5CSBWeb_01.src"); (C:\WINDOWS\Application Data\Mozilla\Profiles\default\8u490xt2.slt\prefs.js)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - C:\PROGRAMMER\COMMONNAME\TOOLBAR\CNBABE.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [Skan registreringsdatabase] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [Job-oversigt] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [EnsoniqMixer] starter.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [QuickTime Task] C:\WINDOWS\SYSTEM\QTTASK.EXE
O4 - HKLM\..\Run: [PC Booster] C:\Programmer\inKline Global\PC Booster\pcbooster.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Norton Auto-Protect] C:\PROGRA~1\NORTON~1\NAVAPW32.EXE /LOADQUIET
O4 - HKLM\..\Run: [CTStartup] C:\PROGRAMMER\CREATIVE\SPLASH SCREEN\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [Jet Detection] C:\Programmer\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [Xanadu] C:\Programmer\Foreignword\Xanadu\Xanadu.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Programmer\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRAMMER\GRISOFT\AVG6\avgcc32.exe /startup
O4 - HKLM\..\Run: [SENTRY] C:\WINDOWS\SENTRY.exe
O4 - HKLM\..\Run: [Disc Detector] C:\Programmer\Creative\ShareDLL\CtNotify.exe
O4 - HKLM\..\Run: [WhenUSave] C:\Programmer\Save\Save.exe
O4 - HKLM\..\Run: [Trickler] "c:\windows\system\fsg_3202.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [BearShare] "C:\PROGRAMMER\BEARSHARE\BEARSHARE.EXE" /pause
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [TrueVector] C:\WINDOWS\SYSTEM\ZONELABS\VSMON.EXE -service
O4 - HKLM\..\RunServices: [MiniLog] C:\WINDOWS\SYSTEM\ZONELABS\MINILOG.EXE -service
O4 - HKLM\..\RunServices: [Planlægningsagent] C:\WINDOWS\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [Avgserv9.exe] C:\PROGRA~1\GRISOFT\AVG6\Avgserv9.exe
O4 - HKCU\..\Run: [AOL Instant Messenger (TM)] C:\Programmer\Netscape\Communicator\Program\AIM\aim.exe -cnetwait.odl
O4 - HKCU\..\Run: [media_stub] C:\Program Files\ebkrdr\stub.exe
O4 - HKCU\..\Run: [media_manager] C:\Program Files\ebkrdr\mediaman.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\PROGRAMMER\YAHOO!\MESSENGER\ypager.exe -quiet
O4 - Startup: WinZip Quick Pick.lnk = C:\Programmer\WINZIP\WZQKPICK.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Programmer\Zone Labs\ZoneAlarm\zonealarm.exe
O9 - Extra button: Xanadu (HKLM)
O9 - Extra button: Yahoo! Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {8D37126F-C08C-11D4-A248-005056BF3741} (plug Class) -
http://dist02.chargitdial.com/chargitplug.dllO16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net/7/1540/52/20011002/qtinstall.info.apple.com/qt502/dk/win/QuickTimeInstaller.exeO16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cabO16 - DPF: {CD17FAAA-17B4-4736-AAEF-436EDC304C8C} (ContentAuditX Control) -
http://a840.g.akamai.net/7/840/5805/v1503/www.contentwatch.com/audit/includes/ContentAuditControl.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: Yahoo! Chat -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/c381/chat.cabO16 - DPF: DigiChat Applet -
http://digichat.gochat.com/DigiChat/DigiClasses/Client_IE.cabO16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) -
http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v43/yacscom.cabO16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?37663.5025694444O16 - DPF: {DC187740-46A9-11D5-A815-00B0D0428C0C} -
http://www.pcpowerscan.com/pcpowerscan.cabO16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
http://www.pcpitstop.com/pcpitstop/PCPitStop.CABO17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = 2
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 212.54.64.170,212.54.64.171