Logfile of HijackThis v1.99.1
Scan saved at 14:50:51, on 16-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Sophos SWEEP for NT\ICMON.EXE
C:\Programmer\Sophos\Remote Update\imonitor.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Programmer\Sophos\Remote Update\cachemgr.exe
C:\Programmer\ewido anti-malware\ewidoctrl.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\Programmer\Sophos SWEEP for NT\SWNETSUP.EXE
C:\Programmer\Sophos SWEEP for NT\SWEEPSRV.SYS
C:\WINDOWS\system32\wdfmgr.exe
C:\Programmer\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Documents and Settings\Louise Turner\Skrivebord\hjt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Genvej til egenskabsside for High Definition Audio] HDAShCut.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [InstantOn] "C:\Program Files\CyberLink\PowerCinema Linux\ion_install.exe" /c
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programmer\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterCheck Monitor.LNK = C:\Programmer\Sophos SWEEP for NT\ICMON.EXE
O4 - Global Startup: Remote Update Monitor.lnk = C:\Programmer\Sophos\Remote Update\imonitor.exe
O8 - Extra context menu item: &Google Search -
res://c:\programmer\google\GoogleToolbar2.dll/cmsearch.htmlO8 - Extra context menu item: &Translate English Word -
res://c:\programmer\google\GoogleToolbar2.dll/cmwordtrans.htmlO8 - Extra context menu item: Backward Links -
res://c:\programmer\google\GoogleToolbar2.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page -
res://c:\programmer\google\GoogleToolbar2.dll/cmcache.htmlO8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Similar Pages -
res://c:\programmer\google\GoogleToolbar2.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English -
res://c:\programmer\google\GoogleToolbar2.dll/cmtrans.htmlO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Programmer\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CCF205E-0BC6-4A12-A9DC-BF055A4C3734}: NameServer = 130.225.127.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CCF205E-0BC6-4A12-A9DC-BF055A4C3734}: NameServer = 130.225.127.34
O18 - Protocol: ncbi8 - {2B576DD3-0B3E-4718-BCBF-B15E4FB8009D} - C:\Programmer\Invitrogen\Vector NTI Advance 9\Ncbi.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Sophos Cache Manager (CacheMgr) - SOPHOS Plc - C:\Programmer\Sophos\Remote Update\cachemgr.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
O23 - Service: Sophos Anti-Virus Network (SweepNet) - Sophos Plc - C:\Programmer\Sophos SWEEP for NT\SWNETSUP.EXE
O23 - Service: Sophos Anti-Virus (SWEEPSRV.SYS) - Sophos Plc - C:\Programmer\Sophos SWEEP for NT\SWEEPSRV.SYS