Logfile of HijackThis v1.98.0
Scan saved at 22:38:58, on 03-07-2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/csrss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/system32/spoolsv.exe
C:/WINDOWS/Explorer.EXE
C:/Programmer/Java/j2re1.4.2_01/bin/jusched.exe
C:/Programmer/QuickTime/qttask.exe
C:/WINDOWS/System32/P2P Networking/P2P Networking.exe
C:/Programmer/MSN Messenger/MsnMsgr.Exe
C:/Programmer/Webroot/Spy Sweeper/SpySweeper.exe
C:/WINDOWS/System32/wuauclt.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/Programmer/Lavasoft/Ad-aware 6/Ad-aware.exe
C:/Documents and Settings/Bjarke Lassen/Skrivebord/hijackthis.exe
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.gjk.dk/netadmin/inet.php
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Default_Page_URL = file://C:/APPS/IE/offline/dan.htm
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Search Bar = file://C:/DOCUME~1/BJARKE~1/LOKALE~1/Temp/sp.html
R0 - HKLM/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.gjk.dk/netadmin/inet.php
R1 - HKCU/Software/Microsoft/Internet Explorer/Search,SearchAssistant = file://C:/DOCUME~1/BJARKE~1/LOKALE~1/Temp/sp.html
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,HomeOldSP = about:blank
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Window Title = Packard Bell
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: PerfectNavBHO Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:/PROGRA~1/PERFEC~1/BHO/PERFEC~1.DLL (file missing)
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - C:/PROGRA~1/PERFEC~1/BHO/PERFEC~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: (no name) - {B5CC56DB-5467-48E4-A399-812AD85A8477} - C:/WINDOWS/System32/kjl.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINDOWS/System32/msdxm.ocx
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:/Programmer/MSN Toolbar/01.01.1629.0/da/msntb.dll
O4 - HKLM/../Run: [SiS KHooker] C:/WINDOWS/System32/khooker.exe
O4 - HKLM/../Run: [SunJavaUpdateSched] C:/Programmer/Java/j2re1.4.2_01/bin/jusched.exe
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [P2P Networking] C:/WINDOWS/System32/P2P Networking/P2P Networking.exe /AUTOSTART
O4 - HKLM/../Run: [KAZAA] C:/Programmer/Kazaa/Kazaa.exe /SYSTRAY
O4 - HKCU/../Run: [MsnMsgr] “C:/Programmer/MSN Messenger/MsnMsgr.Exe” /background
O4 - HKCU/../Run: [SpySweeper] “C:/Programmer/Webroot/Spy Sweeper/SpySweeper.exe” /0
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: GStartup.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=file://C:/APPS/IE/offline/dan.htm
O16 - DPF: {11111111-1111-1111-1111-111111111171} - ms-its:mhtml:file://c://nosuch.mht!http://line-plus.com/newhelp.chm::/newhelp.exe
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
bortset fra P2P og Kazaa som vi ikke kan anbefale. Der bliver spredt rigtig meget snavs via fildeling.
