Logfile of HijackThis v1.99.1
Scan saved at 21:35:14, on 01-08-2006
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
D:\Programmer\Winamp\winampa.exe
C:\Programmer\Support.com\bin\tgcmd.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbOEAddOn.exe
C:\PROGRA~1\SPAMBL~1\Bin\480~1.0\SBInst.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\l?gonui.exe
C:\Programmer\ncwd\oeue.exe
C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Programmer\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\PROGRA~1\FLLES~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\RECYCLER\service.exe
C:\RECYCLER\service.exe
C:\Programmer\Flles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\RealVNC\VNC4\WinVNC4.exe
C:\Programmer\Flles filer\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbSrv.exe
D:\Downloads\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.dk/0SEDADK/SAOS01R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dk/R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - {295B953F-50D5-0725-A1EA-01D5FD27E3E8} - C:\WINDOWS\System32\nio.dll
R3 - URLSearchHook: (no name) - {2F57CE61-028A-5628-A1EA-01D5FD27E3E9} - C:\WINDOWS\System32\nio.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {295B953F-50D5-0725-A1EA-01D5FD27E3E8} - C:\WINDOWS\System32\nio.dll
O2 - BHO: (no name) - {2F57CE61-028A-5628-A1EA-01D5FD27E3E9} - C:\WINDOWS\System32\nio.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SpamBlockerUtility - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbHostIE.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] D:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [hcenter] "C:\Programmer\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Microsoft sdk temp] sdktemp.exe
O4 - HKLM\..\Run: [MCX Updte] scorti.exe
O4 - HKLM\..\Run: [MICROSFT MX UPDATE SUPPORT] taskmngrs.exe
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\printray.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Monitor] C:\PROGRA~1\LEXMAR~1\ACMonitor_X73.exe
O4 - HKLM\..\Run: [Lexmark X73 Button Manager] C:\PROGRA~1\LEXMAR~1\AcBtnMgr_X73.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [SpamBlocker] C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbOEAddOn.exe
O4 - HKLM\..\Run: [Spam Blocker for Outlook Express] C:\PROGRA~1\SPAMBL~1\Bin\480~1.0\SBInst.exe
O4 - HKLM\..\Run: [twzuufbq] C:\WINDOWS\System32\soagvkcn.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Programmer\SpamBlockerUtility\Bin\4.8.0.0\SbWeatherOnTray.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\RunServices: [Microsoft sdk temp] sdktemp.exe
O4 - HKLM\..\RunServices: [MCX Updte] scorti.exe
O4 - HKLM\..\RunServices: [MICROSFT MX UPDATE SUPPORT] taskmngrs.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Mgghaa] C:\WINDOWS\System32\l?gonui.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Idua] "C:\Programmer\ncwd\oeue.exe" -vt mt
O4 - HKCU\..\Run: [PcSync] C:\Programmer\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: LG SyncManager.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Programmer\Zone Labs\ZoneAlarm\zapro.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: bn billede i &Microsoft PhotoDraw -
res://C:\PROGRA~1\MICROS~2\Office\1030\phdintl.dll/phdContext.htmO9 - Extra button: Poker.com - {6FDD5236-C9F0-49ef-935D-385F5E21991A} - C:\Program Files\Poker.com\poker.exe
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-9F63-900533FAFE15} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE (file missing)
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cabO16 - DPF: {11818680-FCF6-11D0-9808-0800092A4865} (Adobe Form Control) -
http://www.kps.dk/Codebase/FormCtl.cabO16 - DPF: {1469FF24-47F6-11D2-8805-006008C537E3} (Adobe Mail Control) -
http://www.kps.dk/codebase/ffmail.cabO16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) -
http://netbank.danskebank.dk/html/activex/DB/Menu.cabO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://spaces.msn.com//PhotoUpload/MsnPUpld.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cabO16 - DPF: {8C875948-9C60-4381-9248-0DF180542D53} (SbInstObj) -
http://installs.spamblockerutility.com/installs/spamblockerutility/programs/spamblockerutility.cabO16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cabO16 - DPF: {92EB6641-286A-11D2-A68E-00A0C996A6DD} (Adobe Signature Object) -
http://www.kps.dk/codebase/jfsignature.cabO16 - DPF: {AD90E8D1-3B47-11D2-A696-00A0C996A6DD} (jfCryptoSignature Class) -
http://www.kps.dk/codebase/jfcrypto.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO16 - DPF: {CDDCFBB3-4D93-11D2-B1A9-00A0C9B742BE} (Adobe Script Object) -
http://www.kps.dk/codebase/scriptobject.cabO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO16 - DPF: {E991BDE0-9816-4094-853E-6BDB60F0342D} (Get_ActiveX Control) -
http://apps.corel.com/nos_dl_manager/plugin/IENetOpPlugin.ocxO16 - DPF: {EF2FB80F-0975-408E-A871-B00CC863478A} (Adobe Soft Font Installer) -
http://www.kps.dk/codebase/fontinstaller.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Programmer\Flles filer\Symantec Shared\ccEvtMgr.exe (file missing)
O23 - Service: Symantec Network Proxy (ccProxy) - Unknown owner - C:\Programmer\Flles filer\Symantec Shared\ccProxy.exe (file missing)
O23 - Service: Symantec Password Validation (ccPwdSvc) - Unknown owner - C:\Programmer\Flles filer\Symantec Shared\ccPwdSvc.exe (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Programmer\Flles filer\Symantec Shared\ccSetMgr.exe (file missing)
O23 - Service: Microsoft Global Services (itnalispy) - Unknown owner - C:\RECYCLER\service.exe
O23 - Service: Microsoft Global Backup Services (itnalispy666) - Unknown owner - C:\RECYCLER\service.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto Protect (navapsvc) - Unknown owner - C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SAVScan - Unknown owner - C:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe (file missing)
O23 - Service: ScriptBlocking Service (SBService) - Unknown owner - C:\PROGRA~1\FLLES~1\SYMANT~1\SCRIPT~1\SBServ.exe (file missing)
O23 - Service: ServiceLayer - Nokia. - C:\Programmer\Flles filer\PCSuite\Services\ServiceLayer.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Programmer\Flles filer\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - Unknown owner - C:\Programmer\RealVNC\VNC4\WinVNC4.exe" -service (file missing)
Ny bruger
Nybegynder
Opret
Preview
