den popper up mange gange men her er en fisk highjack logLogfile of HijackThis v1.97.7
Scan saved at 21:09:56, on 26-05-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\gearsec.exe
C:\WINDOWS\System32\inetsrv\inetinfo.exe
C:\WINDOWS\System32\msdtc.exe
C:\Programmer\Fælles filer\Panda Software\PavShld\pavprsrv.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2004\Pavsrv51.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\mqsvc.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
C:\WINDOWS\System32\mqtgsvc.exe
C:\Programmer\Fælles filer\Stardock\SDMCP.exe
C:\Programmer\Stardock\Object Desktop\ThemeManager\wbload.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2004\apvxdwin.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\RunDll32.exe
C:\Programmer\BearShare\BearShare.exe
C:\Programmer\Java\j2re1.4.2_04\bin\jusched.exe
C:\Programmer\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe
C:\Programmer\Lexmark X74-X75\lxbbbmon.exe
C:\cleandiskpro\cleandisk.exe
C:\Programmer\BearShare\BearShare.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
C:\DOCUME~1\c\LOKALE~1\Temp\{3FEE0EB9-4395-4A42-BCFF-A9378CF400B3}\UniverseMetal2004Bar.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\C_DILLA\setup\cdremove.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_wp.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\dllhost.exe
C:\Documents and Settings\c\Skrivebord\værktøj\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dk/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.google.dk/O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {41353F8B-78CE-48A5-BE44-153ED293D192} - C:\Programmer\PopupPopper\PopLib.dll
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\ALTAVI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~2\FlashGet\jccatch.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\windows\googletoolbar2.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AltaVista Toolbar - {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} - C:\WINDOWS\DOWNLO~1\ALTAVI~1.DLL
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\windows\googletoolbar2.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 /s mqrt.dll
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [BearShare] "C:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_04\bin\jusched.exe
O4 - HKLM\..\Run: [mmtask] C:\Programmer\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Lexmark X74-X75] "C:\Programmer\Lexmark X74-X75\lxbbbmgr.exe"
O4 - HKLM\..\Run: [CleanDiskAutoRun] c:\cleandiskpro\cleandisk.exe -boot
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 3.8\THGuard.exe"
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmer\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [TrojanScanner] C:\Programmer\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [cupdate] C:\DOCUME~1\c\LOKALE~1\Temp\SFX70.tmp\cupdate.exe
O4 - HKLM\..\Run: [bcray] C:\DOCUME~1\c\LOKALE~1\Temp\SFX70.tmp\1002\bcray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKLM\..\RunOnce: [tv_enua] RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\tv_enua.inf, RemoveCabinet
O4 - Startup: UniverseMetal2004.lnk = C:\Programmer\Stardock\Object Desktop\ThemeManager\themes\UniverseMetal2004Bar.exe
O8 - Extra context menu item: &Google Search -
res://c:\windows\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: AltaVista Search -
file://C:\Programmer\ALTAVISTA Toolbar\Cache\SelectedContextSearch.htm
O8 - Extra context menu item: Backward &Links -
res://c:\windows\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cac&hed Snapshot of Page -
res://c:\windows\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: Download alle med FlashGet - C:\Programmer\FlashGet\jc_all.htm
O8 - Extra context menu item: Download med FlashGet - C:\Programmer\FlashGet\jc_link.htm
O8 - Extra context menu item: Save with Download Manager... - C:\Programmer\J River\Media Jukebox\DMDownload.htm
O8 - Extra context menu item: Si&milar Pages -
res://c:\windows\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate -
file://C:\Programmer\ALTAVISTA Toolbar\Cache\SelectedContextTranslation.htm
O8 - Extra context menu item: Translate into English -
res://c:\windows\GoogleToolbar2.dll/cmtrans.htmlO9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: PopupPopper Kontrol Panel (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com/pub/shockwave/cabs/director/swdir.cabO16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
http://download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1083691020843O16 - DPF: {4E7BD74F-2B8D-469E-92EA-EC65A294AE31} (AltaVista Toolbar) -
http://toolbar.altavista.com/static/toolbar/altavista.cab?r=1080835067O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab28177.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) -
http://cabs.roings.com/cabs/mp3.cab
Ny bruger
Nybegynder
Opret
Preview
