Logfile of HijackThis v1.99.1
Scan saved at 20:34:46, on 26-02-2005
Skulle her være en til stede der ku hjælpe med denne log
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\CCSETMGR.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\CCEVTMGR.EXE
C:\PROGRAMMER\NORTON INTERNET SECURITY\ISSVC.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\CCPROXY.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\PELMICED.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\CFGSAFE\AUTOCHK.EXE
C:\IBMTOOLS\APTEZBTN\APTEZBP.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAMMER\ADAPTEC\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\CCAPP.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE
C:\PROGRAMMER\FæLLES FILER\ADAPTEC SHARED\CREATECD\CREATECD50.EXE
C:\PROGRAMMER\SONY CORPORATION\IMAGE TRANSFER\SONYTRAY.EXE
C:\PROGRAMMER\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOSTR05.EXE
C:\PROGRAMMER\HEWLETT-PACKARD\HP OFFICEJET T SERIES 9X\BIN\HPOVDX05.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\SNDSRVC.EXE
C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAMMER\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMER\FæLLES FILER\SYMANTEC SHARED\ADBLOCKING\NSMDTR.EXE
C:\SPYBOTSD13.EXE
C:\WINDOWS\TEMP\IS-SMM5S.TMP\IS-8AM52.TMP
C:\PROGRAMMER\SPYBOT - SEARCH & DESTROY\SPYBOTSD.EXE
C:\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://c:\windows\TEMP\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - c:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {E29012C0-F97A-433A-8AAD-A49D14B20C04} - C:\WINDOWS\SYSTEM\EIBMCAA.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - c:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL
O4 - HKLM\..\Run: [Mouse Suite 98 Daemon] PELMICED.EXE
O4 - HKLM\..\Run: [Job-oversigt] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [Skan registreringsdatabase] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [ConfigSafe] C:\CFGSAFE\AUTOCHK.EXE
O4 - HKLM\..\Run: [AEZBProc] c:\ibmtools\aptezbtn\aptezbp.exe
O4 - HKLM\..\Run: [Set Drive Letter to G:] C:\\GDRIVE.EXE -N
O4 - HKLM\..\Run: [ZIBMACC] c:\windows\rundll.exe setupx.dll,InstallHinfSection DefaultInstall 128 C:\WINDOWS\INF\ZIBMACC.INF
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] c:\windows\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [AdaptecDirectCD] "c:\Programmer\Adaptec\Easy CD Creator 5\DirectCD\DirectCD.exe"
O4 - HKLM\..\Run: [ccApp] "c:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec Core LC] C:\Programmer\Fælles filer\Symantec Shared\CCPD-LC\symlcsvc.exe start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMON.EXE
O4 - HKLM\..\Run: [CreateCD50] C:\PROGRA~1\FÆLLES~1\ADAPTE~1\CREATECD\CREATE~1.EXE -r
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\RunServices: [Planlægningsagent] c:\windows\SYSTEM\mstask.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\RunServices: [ccSetMgr] "c:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe"
O4 - HKLM\..\RunServices: [ccEvtMgr] "c:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe"
O4 - HKLM\..\RunServices: [ISSVC] "c:\Programmer\Norton Internet Security\ISSVC.exe"
O4 - HKLM\..\RunServices: [ccProxy] c:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Programmer\Fælles filer\Symantec Shared\Script Blocking\SBServ.exe" -reg
O4 - Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Startup: Image Transfer.lnk = C:\Programmer\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Startup: HP OfficeJet T Series Startup.lnk = C:\Programmer\Hewlett-Packard\HP OfficeJet T Series 9x\Bin\HPOstr05.exe
O8 - Extra context menu item: Åbn ramme i nyt vin&due - C:\WINDOWS\WEB\frm2new.htm
O8 - Extra context menu item: &Fremhæv - C:\WINDOWS\WEB\highlight.htm
O8 - Extra context menu item: &Web-søgning - C:\WINDOWS\WEB\selsearch.htm
O8 - Extra context menu item: Liste over h&yperlinks - C:\WINDOWS\WEB\urllist.htm
O8 - Extra context menu item: Zoom &ind - C:\WINDOWS\WEB\zoomin.htm
O8 - Extra context menu item: &Zoom ud - C:\WINDOWS\WEB\zoomout.htm
O8 - Extra context menu item: L&iste over billeder - C:\WINDOWS\Web\imglist.htm
O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL/cmsearch.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL/cmcache.html
O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL/cmsimilar.html
O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\DOWNLOADED PROGRAM FILES\GOOGLENAV.DLL/cmbacklinks.html
O9 - Extra button: RealGuide - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_01\bin\npjpi150_01.dll
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) -
http://toolbar.google.com/data/da/deleon/1.1.62-deleon/GoogleNav.cab
O18 - Filter: text/html - {995ADC12-122B-4DB7-A5A5-18EFD77A33DF} - C:\WINDOWS\SYSTEM\EIBMCAA.DLL
O18 - Filter: text/plain - {995ADC12-122B-4DB7-A5A5-18EFD77A33DF} - C:\WINDOWS\SYSTEM\EIBMCAA.DLL
Mvh Sune