Logfile of HijackThis v1.97.7
Scan saved at 00:56:12, on 15-03-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
d:program filescaetrustscanengineInoRpc.exe
d:program filescaetrustscanengineInoRT.exe
d:program filescaetrustscanengineInoTask.exe
D:Program FilesMsn +MsgPlus.exe
D:PROGRA~1caetrustSCANEN~1
ealmon.exe
C:WINDOWSSystem32
vsvc32.exe
C:WINDOWSSystem32
undll32.exe
C:Program FilesAproposClientApropos.exe
D:hjt.exe
R1 - HKCUSoftwareMicrosoftInternet Explorer,SearchURL =
http://www.topsearcher.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchURL =
http://www.topsearcher.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://t.rack.cc[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://t.rack.cc[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://hol.dk[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://www.topsearcher.com[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://t.rack.cc[...]
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://t.rack.cc[...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://t.rack.cc[...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://t.rack.cc[...]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://www.topsearcher.com[...]
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
http://t.rack.cc[...]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP =
http://t.rack.cc[...]
R3 - URLSearchHook: (no name) - {6CC1C918-AE8B-4373-A5B4-28BA1851E39A} - (no file)
N3 - Netscape 7: user_pref("browser.startup.homepage", "212.10.10.20"); (C:Documents and SettingsChristianApplication DataMozillaProfilesdefault2r357koj.sltprefs.js)
N3 - Netscape 7: user_pref("browser.search.defaultengine", "engine://D%3A%5CProgram%20Files%5CNetscape%5Csearchplugins%5CSBWeb_01.src"); (C:Documents and SettingsChristianApplication DataMozillaProfilesdefault2r357koj.sltprefs.js)
O2 - BHO: (no name) - {01C5BF6C-E699-4CD7-BEA1-786FA05C83AB} - C:Program FilesAproposClientAproposPlugin.dll
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: winlink module - {6CC1C91A-AE8B-4373-A5B4-28BA1851E39A} - C:Documents and SettingsChristianApplication Datawinlinkwinlink.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [SystemSearch] regedit.exe -s c:ie.reg
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe
O4 - HKLM..Run: [sys] regedit -s sys.reg
O4 - HKLM..Run: [CloneCDElbyCDFL] "D:Program FilesCloncdCloneCDElbyCheck.exe" /L ElbyCDFL
O4 - HKLM..Run: [MessengerPlus2] "D:Program FilesMsn +MsgPlus.exe"
O4 - HKLM..Run: [AutoUpdater] C:PROGRA~2AUTOUP~1AUTOUP~1.EXE
O4 - HKLM..Run: [AdvFTPSearchUpdate] C:WINDOWSautoupdate.exe
O4 - HKLM..Run: [Realtime Monitor] d:PROGRA~1caetrustSCANEN~1
ealmon.exe -s
O4 - HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU..Run: [MessengerPlus2] "D:Program FilesMsn +MsgPlus.exe" /WinStart
O4 - Global Startup: GStartup.lnk = C:Program FilesCommon FilesGMTGMT.exe
O12 - Plugin for .mpeg: C:Program FilesInternet ExplorerPLUGINS
pqtplugin3.dll
O16 - DPF: {00000000-0000-0000-0000-000020030000} -
http://www.7adpower.com[...]
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) -
http://download.macromedia.com[...]
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.imgfarm.com[...]
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com[...]
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) -
http://appdirectory.messenger.msn.com[...]
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
http://v4.windowsupdate.microsoft.com[...]
O16 - DPF: {AD7FAFB0-16D6-40C3-AF27-585D6E6453FD} -
http://dload.ipbill.com[...]
O16 - DPF: {AE1C01E3-0283-11D3-9B3F-00C04F8EF466} (HeartbeatCtl Class) -
http://fdl.msn.com[...]
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://scanner.virus112.com[...]
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
https://www.stopzilla.com[...]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com[...]
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} (SysWebTelecomInt Class) -
http://www.sponsoradulto.com[...]
Ville blive MEGET glad hvis nogen gad og kigge den igennem!
På forhånd tak. GoA^bOyY
--
Okay
EyeBall Chat: KaninenChristian
ICQ: 331879160