Logfile of HijackThis v1.99.0
Scan saved at 11:44:42, on 16-01-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSProgram FilesCommon FilesSymantec SharedccSetMgr.exe
C:WINDOWSProgram FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:ProgrammerNorton AntiVirus
avapsvc.exe
C:ProgrammerNorton AntiVirusIWPNPFMntor.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerCitrixICA Clientssonsvr.exe
C:WINDOWSExplorer.EXE
C:Program FilesLogitechiTouchiTouch.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmm_tray.exe
C:ProgrammerQuickTimeqttask.exe
C:ProgrammerHewlett-PackardPhotoSmartPhoto ImagingHpi_Monitor.exe
C:ProgrammerHewlett-PackardPhotoSmartHP Share-to-Webhpgs2wnd.exe
C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
C:ProgrammerWinampwinampa.exe
C:PROGRA~1LexmarkPHOTOC~1LXBLKsk.exe
C:ProgrammerLexmarkLexmark Photo CenterMemoryCardManager.exe
C:WINDOWSProgram FilesCommon FilesSymantec SharedccApp.exe
C:PROGRA~1HEWLET~1PHOTOS~1HPSHAR~1hpgs2wnf.exe
C:WINDOWSsystem32ctfmon.exe
C:PROGRA~1PANICW~1POP-UP~1PSFree.exe
C:ProgrammerLabtecWireless MouseMulMouse.exe
C:WINDOWSsystem32 askmgr.exe
C:ProgrammerWinRARWinRAR.exe
C:DOCUME~1MortenLOKALE~1TempRar$EX00.721HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://www.gkqqlpbmrqhfowdyqthiwjkj.com[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.dr.dk[...]
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton AntiVirusNavShExt.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar 1.01.1601.0damsntb.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton AntiVirusNavShExt.dll
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 - HKLM..Run: [zBrowser Launcher] C:Program FilesLogitechiTouchiTouch.exe
O4 - HKLM..Run: [MMTray] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmm_tray.exe
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [CXMon] "C:ProgrammerHewlett-PackardPhotoSmartPhoto ImagingHpi_Monitor.exe"
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:ProgrammerHewlett-PackardPhotoSmartHP Share-to-Webhpgs2wnd.exe
O4 - HKLM..Run: [mmtask] C:Program FilesMUSICMATCHMUSICMATCH Jukeboxmmtask.exe
O4 - HKLM..Run: [WinampAgent] C:ProgrammerWinampwinampa.exe
O4 - HKLM..Run: [LXBLKsk] C:PROGRA~1LexmarkPHOTOC~1LXBLKsk.exe
O4 - HKLM..Run: [MemoryCardManager] C:ProgrammerLexmarkLexmark Photo CenterMemoryCardManager.exe -startup
O4 - HKLM..Run: [licensechinmpegobj] C:Documents and SettingsAll UsersApplication Dataitch style license chinsafe enc.exe
O4 - HKLM..Run: [ccApp] "C:WINDOWSProgram FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [SSC_UserPrompt] C:WINDOWSProgram FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 - HKLM..Run: [NAV CfgWiz] "C:ProgrammerNorton AntiVirusCfgWiz.exe" /GUID {0D7956A2-5A08-4ec2-A72C-DF8495A66016} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKCU..Run: [PopUpStopperFreeEdition] C:PROGRA~1PANICW~1POP-UP~1PSFree.exe
O4 - Global Startup: Labtec Mouse Software 2.0.lnk = C:ProgrammerLabtecWireless MouseMulMouse.exe
O4 - Global Startup: Microsoft Office.lnk = C:ProgrammerMicrosoft OfficeOfficeOSA9.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=
http://www.cybercity.dk[...]
O15 - Trusted Zone:
http://www.download.com[...]
O15 - Trusted Zone:
http://www.panicware.com[...]
O16 - DPF: Profile CAPI 6,0,0,499 -
https://skinfakse.certifikat.dk[...]
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) -
http://downol.dr.dk[...]
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00619BD00001} (Sydbanks NetBank) -
https://netbank.sydbank.dk[...]
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) -
http://security.symantec.com[...]
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) -
https://netbank.danskebank.dk[...]
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} -
http://a1540.g.akamai.net[...]
O16 - DPF: {5F49A4F0-8208-4715-9F14-EA17689E58F5} (MathObj Class) -
https://skinfakse.certifikat.dk[...]
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com[...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net[...]
O16 - DPF: {7AEBACC1-D7E4-4360-B520-6DA4C565B42C} (UploaderCtrl Class) -
http://foto.tv2.dk[...]
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (Web Camera Server Control) -
http://212.10.197.34[...]
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com[...]
O16 - DPF: {C771B05E-E725-4516-97A5-4CE5EB163CFB} -
http://www.audioweb.fr[...]
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://www.eb.dk[...]
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) -
https://netbank.danskebank.dk[...]
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} -
http://www.smgradio.com[...]
O23 - Service: Symantec Event Manager - Symantec Corporation - C:WINDOWSProgram FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:WINDOWSProgram FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:WINDOWSProgram FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: LexBce Server - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation - C:ProgrammerNorton AntiVirus
avapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec Corporation - C:ProgrammerNorton AntiVirusIWPNPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:ProgrammerNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:WINDOWSPROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:WINDOWSProgram FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:WINDOWSProgram FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:WINDOWSsystem32oneLabsvsmon.exe
Her en ny.. har rodet lidt med den siden igår... den spiller ikke helt endnu..
VP
--