Her er den så
Logfile of HijackThis v1.99.0
Scan saved at 18:55:47, on 29-12-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:ProgrammerMessenger Plus! 3MsgPlus.exe
C:pstrip.exe
C:valvesteamsteam.exe
C:ProgrammerInternet Exploreriexplore.exe
C:ProgrammerMSN Messengermsnmsgr.exe
C:ProgrammerAVPersonalAVGUARD.EXE
C:ProgrammerAVPersonalAVWUPSRV.EXE
C:WINDOWSSystem32
vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerInternet Exploreriexplore.exe
C:WINDOWSSystem32wuauclt.exe
C:Documents and Settings riztaR_SkrivebordhikHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://wtrfscplmufzulx.us[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://web.udsumimvuyzorjgwqwhubdg.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
http://red.clientapps.yahoo.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page_bak =
http://www.xplayn.com[...]
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *hot-searches.com*;*lender-search.com*
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {BFF64E76-F89F-F441-8614-8772DEEFE65F} - C:DOCUME~1 riztaR_APPLIC~1FOURFI~1meal audio.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [Micrsoft LR Config 32] lrcfg32.exe
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavaj2re1.4.2_05injusched.exe
O4 - HKLM..Run: [PowerStrip] c:pstrip.exe
O4 - HKLM..Run: [WildTangent CDA] RUNDLL32.exe "C:ProgrammerWildTangentAppsCDAcdaEngine0400.dll",cdaEngineMain
O4 - HKLM..Run: [manager jugs blue default] C:Documents and SettingsAll UsersApplication DataLinkdefymanagerjugsfork real.exe
O4 - HKLM..Run: [Admilli Service] C:Program FilesAdmilli ServiceAdmilliServ.exe
O4 - HKLM..RunServices: [Micrsoft LR Config 32] lrcfg32.exe
O4 - HKCU..Run: [Steam] "c:valvesteamsteam.exe" -silent
O4 - HKCU..Run: [SpyKiller] C:ProgrammerSpyKillerspykiller.exe /startup
O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart
O4 - HKCU..Run: [Lies trust] C:DOCUME~1 riztaR_APPLIC~1ENCLIN~1coal eggs.exe
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O4 - HKCU..Run: [SpySweeper] "C:ProgrammerWebrootSpy SweeperSpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:ProgrammerMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Search -
http://bar.mywebsearch.com[...]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavaj2re1.4.2_05in
pjpi142_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavaj2re1.4.2_05in
pjpi142_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengerMSMSGS.EXE
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com[...]
O16 - DPF: {33E54F7F-561C-49E6-929B-D7E76D3AFEB1} (Pool Control) -
http://www.worldwinner.com[...]
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} -
http://toolbar.google.com[...]
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} -
http://ocx1.advnt01.com[...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net[...]
O16 - DPF: {8A94C905-FF9D-43B6-8708-F0F22D22B1CB} (Wwlaunch Control) -
http://www.worldwinner.com[...]
O16 - DPF: {94837F90-A2CA-4A8A-9DA0-B5438EC563EA} -
http://install.wildtangent.com[...]
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com[...]
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com[...]
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://scanner.virus112.com[...]
O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) -
http://81.19.245.211[...]
O16 - DPF: {E5D419D6-A846-4514-9FAD-97E826C84822} (HeartbeatCtl Class) -
http://fdl.msn.com[...]
O23 - Service: AntiVir Service - H+BEDV Datentechnik GmbH - C:ProgrammerAVPersonalAVGUARD.EXE
O23 - Service: AntiVir Update - H+BEDV Datentechnik GmbH, Germany - C:ProgrammerAVPersonalAVWUPSRV.EXE
O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:WINDOWSSystem32
vsvc32.exe
--