Logfile of HijackThis v1.99.1
Scan saved at 22:27:41, on 20-03-2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE
C:\WINDOWS\System32\MSPRCSS32.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\System32\MSPRCSS32.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
C:\Programmer\Fælles filer\Panda Software\PavShld\pavprsrv.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\WebProxy.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\Programmer\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Bidske Bjørn\Lokale indstillinger\Temp\Midlertidig mappe 1 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [Windows Network Firewall] C:\WINDOWS\System32\firewall.exe
O4 - HKLM\..\Run: [Samsung] Samsungs.exe
O4 - HKLM\..\Run: [Windows pack service] MsnMsgr.exe
O4 - HKLM\..\Run: [Media service] svchost32.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Programmer\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [m0D2] C:\WINDOWS\qawgov.exe
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\RunServices: [Samsung] Samsungs.exe
O4 - HKLM\..\RunServices: [Windows pack service] MsnMsgr.exe
O4 - HKLM\..\RunServices: [Media service] svchost32.exe
O4 - HKLM\..\RunServices: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Microsoft Windows Update] svcshost.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MS Windows Process Class] MSPRCSS32.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O15 - Trusted Zone:
http://ny.contentmatch.net (HKLM)
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c267.cabO16 - DPF: {AD0B8220-7DA4-4C0A-8532-B25A9F631D3D} (VacPro.internazionale_ver10) -
http://advnt01.com/dialer/internazionale_ver10.CABO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cabO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\Pavkre.exe
O23 - Service: Panda PavProt (PavProt) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PavProt.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Programmer\Fælles filer\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\pavsrv51.exe
O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\prevsrv.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional - C:\Programmer\Panda Software\Panda Titanium Antivirus 2005\PsImSvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Windows 32-bit PnP Driver (winpnp32) - Unknown owner - C:\WINDOWS\System32\winpnp32.exe (file missing)