Logfile of HijackThis v1.97.3
Scan saved at 20:13:18, on 24-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Intel\ASF Agent\ASFAgent.exe
C:\PROGRA~1\Grisoft\AVG6\avgserv.exe
C:\WINDOWS\system32\cisvc.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\crypserv.exe
C:\Programmer\GFI\LANguard Network Security Scanner 3\sscansvc.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PLServ.exe
C:\WINDOWS\System32\tcpsvcs.exe
C:\WINDOWS\System32\snmp.exe
C:\WINDOWS\System32\svchost.exe
C:\InetPub\wwwroot\VistaWebstation\Scripts\TACrdSvr.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\system32\fxssvc.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Real\RealJukebox\tsystray.exe
C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\Programmer\Real\RealPlayer\realplay.exe
C:\Programmer\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE
C:\Programmer\Elaborate Bytes\CloneCD\CloneCDTray.exe
C:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\devldr32.exe
c:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Programmer\Microsoft Office\OFFICE11\ONENOTEM.EXE
C:\Programmer\Digital Image\Monitor.exe
C:\Programmer\Mouse\Mouse Control\Panel.exe
C:\Programmer\MailWasher\MailWasher.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\System32\WISPTIS.EXE
C:\Programmer\Windows Media Player\wmplayer.exe
C:\WINDOWS\System32\taskmgr.exe
C:\PROGRA~1\Grisoft\AVG6\AVGCC32.EXE
C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\TF\Skrivebord\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://ni.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O2 - BHO: (no name) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: Guard-IE - {D2F719F3-106A-402B-9996-3A5B12ACA564} - C:\Programmer\Failsafe\GuardIE\PnIE.dll
O2 - BHO: (no name) - {EBCDDA60-2A68-11D3-8A43-0060083CFB9C} - C:\WINDOWS\System32\nzdd0.dll
O3 - Toolbar: Guard-IE - {37C8204D-97C3-4127-BB28-1BFF3FA2F7DA} - C:\Programmer\Failsafe\GuardIE\PnIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programmer\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVG_CC] C:\PROGRA~1\Grisoft\AVG6\avgcc32.exe /STARTUP
O4 - HKLM\..\Run: [RealJukeboxSystray] "C:\Programmer\Real\RealJukebox\tsystray.exe"
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmer\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Programmer\Winamp3\winampa.exe"
O4 - HKLM\..\Run: [RealTray] C:\Programmer\Real\RealPlayer\realplay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [DIAGENT] C:\Programmer\Creative\SBLive\Creative Diagnostics 2.0\DIAGENT.EXE startup
O4 - HKLM\..\Run: [AHQInit] C:\Programmer\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmer\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [CloneCDTray] "C:\Programmer\Elaborate Bytes\CloneCD\CloneCDTray.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] c:\Programmer\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Systweak Ad and Popup Blocker] "C:\Programmer\Advanced System Optimizer\adblock.exe"
O4 - Global Startup: Acrobat Assistant.lnk = C:\Programmer\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Programmer\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Monitor.lnk = ?
O4 - Global Startup: Mouse Control.lnk = C:\Programmer\Mouse\Mouse Control\Panel.exe
O8 - Extra context menu item: &Google Search -
res://c:\programmer\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: Backward &Links -
res://c:\programmer\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:\programmer\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Si&milar Pages -
res://c:\programmer\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate into English -
res://c:\programmer\google\GoogleToolbar2.dll/cmtrans.htmlO9 - Extra button: Research (HKLM)
O9 - Extra button: @C:\Programmer\Failsafe\GuardIE\PnIE.dll,-100 (HKLM)
O9 - Extra 'Tools' menuitem: @C:\Programmer\Failsafe\GuardIE\PnIE.dll,-100 (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O16 - DPF: Nordea Online investering -
https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cabO16 - DPF: Nordea Online investering 4.1 -
https://www.onlineinvestering.nordea.dk/oiclient.nsf/files/client/$FILE/oiclient.cabO16 - DPF: {5B27C20D-FFB6-4054-BA78-DE4A059BC75A} (Microsoft Office Template Downloader) -
http://office.microsoft.com/danmark/templateGallery/msotd.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{2C81202C-7075-4A1A-A02B-F390C2DC03F1}: NameServer = 194.239.134.83,193.162.153.164