Help with HijackThis

By user Kim In Chul | 18-05-2004 20:07 | 1454 views | 6 replies
Hi HOL'ers... (Armageddon) Hope you'll take a moment to check my friend's log... Thanks in advance... //Kim In Chul

Logfile of HijackThis v1.97.7
Scan saved at 19:50:04, on 18-05-2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Nhksrv.exe
C:\WINDOWS\twain_32\SiPix\SCBlink2\Srvany.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\twain_32\SiPix\SCBlink2\USBPNP.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Microsoft Works\WksSb.exe
C:\WINDOWS\System32\ltmsg.exe
C:\WINDOWS\DELLMMKB.EXE
C:\Programmer\NuCam Corp\CamCheck\CamCheck.exe
C:\Programmer\Messenger Plus! 2\MsgPlus.exe
C:\Programmer\Netropa\OSD.exe
C:\PROGRA~1\TIMESK~1\BurnCreative.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\wkcalrem.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Microsoft Office\Office\WINWORD.EXE
C:\Programmer\Microsoft Works\MSWorks.exe
C:\WINDOWS\msagent\AgentSvr.exe
C:\Programmer\Microsoft Office\Office\POWERPNT.EXE
C:\Documents and Settings\Anna Weile Kjaer\Dokumenter\Modtagne filer\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.dk[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://signon.stofanet.dk[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {B95869F1-4678-35AD-D6F0-9CDFB6FBBA08} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Bat sixth platform - {07456DF1-7151-8C08-9A50-7F31CB9C3C52} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [AHQInit] C:\Programmer\Creative\SBLive\Program\AHQInit.exe
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Programmer\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmer\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programmer\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [LTWinModem1] ltmsg.exe 9
O4 - HKLM\..\Run: [DellTouch] C:\WINDOWS\DELLMMKB.EXE
O4 - HKLM\..\Run: [CamCheck] C:\Programmer\NuCam Corp.\CamCheck\CamCheck.exe
O4 - HKLM\..\Run: [MessengerPlus2] "C:\Programmer\Messenger Plus! 2\MsgPlus.exe"
O4 - HKLM\..\Run: [mfcdaxis] C:\PROGRA~1\TIMESK~1\BurnCreative.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MessengerPlus2] "C:\Programmer\Messenger Plus! 2\MsgPlus.exe" /WinStart
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Påmindelser i Microsoft Works Kalender.lnk = ?
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Researcher (HKLM)
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.dk[...]
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com[...]
O16 - DPF: {18D9C485-7EEC-4395-95DA-DC3875B10E81} (TEInstallPlugIn) - http://www.skylinesoft.com[...]
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Programmer\ACAD2000\AcDcToday.ocx
O16 - DPF: {7A32634B-029C-4836-A023-528983982A49} (MSN Chat Control 4.2) - http://fdl.msn.com[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...]
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programmer\ACAD2000\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Programmer\ACAD2000\InstFred.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com[...]
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.bgbank.dk[...]
O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Programmer\ACAD2000\AcPreview.ocx
O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.bgbank.dk[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com[...]
--
#1
HH
Junior Supporter
18-05-2004 20:16

Do you have a picture of your friend? How old is she? Where is she from? ....... ^^ Just kidding ... I'll try to analyse it .. but wait for Armageddon to be on the safe side.
--
Email and MSN: [email protected] Motorola A920 for sale: http://my.qxl.dk[...]
#2
HH
Junior Supporter
18-05-2004 20:34

Start by disabling System Restore. Run HijackThis once ... fix the items below:

C:\Programmer\QuickTime\qttask.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com[...]
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime

Items I'm unsure about (if it were me, I would fix them right away). If they are to be fixed, store logo.dll (and the folder containing the file), InstBanr.ocx and InstFred.ocx must be deleted manually, possibly in Safe Mode:

O4 - HKLM\..\Run: [mfcdaxis] C:\PROGRA~1\TIMESK~1\BurnCreative.exe
O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programmer\ACAD2000\InstBanr.ocx
O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Programmer\ACAD2000\InstFred.ocx
O2 - BHO: (no name) - {B95869F1-4678-35AD-D6F0-9CDFB6FBBA08} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O3 - Toolbar: Bat sixth platform - {07456DF1-7151-8C08-9A50-7F31CB9C3C52} - C:\PROGRA~1\OWNSTH~1\store logo.dll
--
Email and MSN: [email protected] Motorola A920 for sale: http://my.qxl.dk[...]
#3
Armageddon
Super Nerd
18-05-2004 21:15

Hi there, I have almost the same items as HH. Start by disabling System Restore. Run a new scan with HJT and tick these:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.euro.dell.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.dk[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://mysearchnow.com[...]
O2 - BHO: (no name) - {B95869F1-4678-35AD-D6F0-9CDFB6FBBA08} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O3 - Toolbar: Bat sixth platform - {07456DF1-7151-8C08-9A50-7F31CB9C3C52} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mfcdaxis] C:\PROGRA~1\TIMESK~1\BurnCreative.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.msn.dk[...]

Close all other program windows so that only HJT is open. Click "Fix checked". Close the program and restart in Safe Mode. Find and delete these:

C:\PROGRA~1\TIMESK~1\BurnCreative.exe (I can't see the exact path, but if the file is called creative.exe it is 99.9% certain to be W32.Prolin.Worm)
C:\PROGRA~1\OWNSTH~1\store logo.dll

Restart normally. Run a new scan with HJT and post the log here for checking.
--
/Armageddon - [email protected] http://www.mdegn.dk[...]
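
The "fix, reboot, rescan and post the log for checking" step from the replies above can be checked mechanically. The following is an added example, not part of any forum post and not HijackThis code: it parses entry lines, counts how many Internet Explorer start/search settings point at each host, and reports ticked entries that reappear in a rescan. The function names and both sample logs are assumptions constructed for illustration.

```python
import re
from collections import Counter

# HijackThis entries look like "<code> - <details>", e.g. "R1 - ..." or "O4 - ...".
ENTRY = re.compile(r"^(R[0-3]|O\d{1,2}) - (.+)$")
HOST = re.compile(r"https?://([A-Za-z0-9.-]+)")

def parse_entries(log_text):
    """Return (code, details) per entry line; header and process lines are skipped."""
    found = (ENTRY.match(line.strip()) for line in log_text.splitlines())
    return [(m.group(1), m.group(2).strip()) for m in found if m]

def ie_setting_hosts(entries):
    """Count how many IE start/search settings (R0/R1) point at each host."""
    hosts = Counter()
    for code, details in entries:
        m = HOST.search(details.partition(" = ")[2])
        if code in ("R0", "R1") and m:
            hosts[m.group(1).lower()] += 1
    return hosts

def still_present(fixed, rescan_text):
    """Entries ticked for fixing that show up again in the rescan log."""
    after = set(parse_entries(rescan_text))
    return [entry for entry in fixed if entry in after]

# Constructed sample: a few entries copied from the log in this thread.
BEFORE = r"""
Logfile of HijackThis v1.97.7
C:\WINDOWS\Explorer.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://mysearchnow.com[...]
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://mysearchnow.com[...]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com[...]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com[...]
O2 - BHO: (no name) - {B95869F1-4678-35AD-D6F0-9CDFB6FBBA08} - C:\PROGRA~1\OWNSTH~1\store logo.dll
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
"""
# Constructed rescan (not from the thread) in which one fixed entry has come back.
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://mysearchnow.com[...]
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
"""

if __name__ == "__main__":
    entries = parse_entries(BEFORE)
    print(ie_setting_hosts(entries).most_common())
    fixed = [e for e in entries if "mysearchnow.com" in e[1] or "store logo.dll" in e[1]]
    for code, details in still_present(fixed, AFTER):
        print("still present:", code, "-", details)
```

An entry that returns after "Fix checked" and a reboot suggests something is still rewriting the setting, which is why the rescan log is posted for checking.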
#4
jes
Guest
18-05-2004 22:43

#2 HH, would you like to join here: http://hijackthis.users.whitehat.dk[...] ???
--
#5
JaKe
Elite Supporter
18-05-2004 22:48

#4 I think that's a really cool idea.. Hope more users join soon.
--
#6
HH
Junior Supporter
19-05-2004 20:40

#4 ... I think hol.dk's upcoming Security category would be a better idea
--
Email and MSN: [email protected] Motorola A920 for sale: http://my.qxl.dk[...]