Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:34:37, on 26-12-2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\TPSrv.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRAMMER\PANDA SECURITY\PANDA GLOBAL PROTECTION 2009\WebProxy.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Programmer\Seagate\SeagateManager\Sync\FreeAgentService.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Java\jre6\bin\jqs.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\PsCtrls.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
C:\Programmer\Fælles filer\Panda Security\PavShld\pavprsrv.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\pavsrv51.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\AVENGINE.EXE
C:\Programmer\Panda Security\Panda Global Protection 2009\psimsvc.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\PskSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
c:\programmer\panda security\panda global protection 2009\firewall\PSHOST.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Programmer\r\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\acer\epm\epm-dm.exe
C:\Programmer\Launch Manager\QtZgAcer.EXE
C:\Programmer\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE
C:\Programmer\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe
C:\Programmer\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Panda Security\Panda Global Protection 2009\SRVLOAD.EXE
C:\Programmer\Panda Security\Panda Global Protection 2009\PavBckPT.exe
C:\Documents and Settings\Torben Andersen\Dokumenter\HJT\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/webhp?rls=ig
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 74.125.45.100 4-open-davinci.com
O1 - Hosts: 74.125.45.100 securitysoftwarepayments.com
O1 - Hosts: 74.125.45.100 privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 secure.privatesecuredpayments.com
O1 - Hosts: 74.125.45.100 getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getantivirusplusnow.com
O1 - Hosts: 74.125.45.100 www.secure-plus-payments.com
O1 - Hosts: 74.125.45.100 www.getavplusnow.com
O1 - Hosts: 74.125.45.100 safebrowsing-cache.google.com
O1 - Hosts: 74.125.45.100 urs.microsoft.com
O1 - Hosts: 74.125.45.100 www.securesoftwarebill.com
O1 - Hosts: 74.125.45.100 secure.paysecuresystem.com
O1 - Hosts: 74.125.45.100 paysoftbillsolution.com
O1 - Hosts: 74.125.45.100 protected.maxisoftwaremart.com
O1 - Hosts: 67.215.245.21 www.google-analytics.com
O1 - Hosts: 95.211.99.109 google.ae
O1 - Hosts: 95.211.99.109 google.as
O1 - Hosts: 95.211.99.109 google.at
O1 - Hosts: 95.211.99.109 google.az
O1 - Hosts: 95.211.99.109 google.ba
O1 - Hosts: 95.211.99.109 google.be
O1 - Hosts: 95.211.99.109 google.bg
O1 - Hosts: 95.211.99.109 google.bs
O1 - Hosts: 95.211.99.109 google.ca
O1 - Hosts: 95.211.99.109 google.cd
O1 - Hosts: 95.211.99.109 google.com.gh
O1 - Hosts: 95.211.99.109 google.com.hk
O1 - Hosts: 95.211.99.109 google.com.jm
O1 - Hosts: 95.211.99.109 google.com.mx
O1 - Hosts: 95.211.99.109 google.com.my
O1 - Hosts: 95.211.99.109 google.com.na
O1 - Hosts: 95.211.99.109 google.com.nf
O1 - Hosts: 95.211.99.109 google.com.ng
O1 - Hosts: 95.211.99.109 google.ch
O1 - Hosts: 95.211.99.109 google.com.np
O1 - Hosts: 95.211.99.109 google.com.pr
O1 - Hosts: 95.211.99.109 google.com.qa
O1 - Hosts: 95.211.99.109 google.com.sg
O1 - Hosts: 95.211.99.109 google.com.tj
O1 - Hosts: 95.211.99.109 google.com.tw
O1 - Hosts: 95.211.99.109 google.dj
O1 - Hosts: 95.211.99.109 google.de
O1 - Hosts: 95.211.99.109 google.dk
O1 - Hosts: 95.211.99.109 google.dm
O1 - Hosts: 95.211.99.109 google.ee
O1 - Hosts: 95.211.99.109 google.fi
O1 - Hosts: 95.211.99.109 google.fm
O1 - Hosts: 95.211.99.109 google.fr
O1 - Hosts: 95.211.99.109 google.ge
O1 - Hosts: 95.211.99.109 google.gg
O1 - Hosts: 95.211.99.109 google.gm
O1 - Hosts: 95.211.99.109 google.gr
O1 - Hosts: 95.211.99.109 google.ht
O1 - Hosts: 95.211.99.109 google.ie
O1 - Hosts: 95.211.99.109 google.im
O1 - Hosts: 95.211.99.109 google.in
O1 - Hosts: 95.211.99.109 google.it
O1 - Hosts: 95.211.99.109 google.ki
O1 - Hosts: 95.211.99.109 google.la
O1 - Hosts: 95.211.99.109 google.li
O1 - Hosts: 95.211.99.109 google.lv
O1 - Hosts: 95.211.99.109 google.ma
O1 - Hosts: 95.211.99.109 google.ms
O1 - Hosts: 95.211.99.109 google.mu
O1 - Hosts: 95.211.99.109 google.mw
O1 - Hosts: 95.211.99.109 google.nl
O1 - Hosts: 95.211.99.109 google.no
O1 - Hosts: 95.211.99.109 google.nr
O1 - Hosts: 95.211.99.109 google.nu
O1 - Hosts: 95.211.99.109 google.pl
O1 - Hosts: 95.211.99.109 google.pn
O1 - Hosts: 95.211.99.109 google.pt
O1 - Hosts: 95.211.99.109 google.ro
O1 - Hosts: 95.211.99.109 google.ru
O1 - Hosts: 95.211.99.109 google.rw
O1 - Hosts: 95.211.99.109 google.sc
O1 - Hosts: 95.211.99.109 google.se
O1 - Hosts: 95.211.99.109 google.sh
O1 - Hosts: 95.211.99.109 google.si
O1 - Hosts: 95.211.99.109 google.sm
O1 - Hosts: 95.211.99.109 google.sn
O1 - Hosts: 95.211.99.109 google.st
O1 - Hosts: 95.211.99.109 google.tl
O1 - Hosts: 95.211.99.109 google.tm
O1 - Hosts: 95.211.99.109 google.tt
O1 - Hosts: 95.211.99.109 google.us
O1 - Hosts: 95.211.99.109 google.vu
O1 - Hosts: 95.211.99.109 google.ws
O1 - Hosts: 95.211.99.109 google.co.ck
O1 - Hosts: 95.211.99.109 google.co.id
O1 - Hosts: 95.211.99.109 google.co.il
O1 - Hosts: 95.211.99.109 google.co.in
O1 - Hosts: 95.211.99.109 google.co.jp
O1 - Hosts: 95.211.99.109 google.co.kr
O1 - Hosts: 95.211.99.109 google.co.ls
O1 - Hosts: 95.211.99.109 google.co.ma
O1 - Hosts: 95.211.99.109 google.co.nz
O1 - Hosts: 95.211.99.109 google.co.tz
O1 - Hosts: 95.211.99.109 google.co.ug
O1 - Hosts: 95.211.99.109 google.co.uk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Hjælp til tilmelding til Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\5.4.4525.1752\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Programmer\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Programmer\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Programmer\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Programmer\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [LaunchApp] Alaunch
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\r\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [EPM-DM] c:\acer\epm\epm-dm.exe
O4 - HKLM\..\Run: [ePowerManagement] C:\Acer\ePM\ePM.exe boot
O4 - HKLM\..\Run: [LManager] C:\Programmer\Launch Manager\QtZgAcer.EXE
O4 - HKLM\..\Run: [APVXDWIN] "C:\Programmer\Panda Security\Panda Global Protection 2009\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Programmer\Panda Security\Panda Global Protection 2009\Inicio.exe"
O4 - HKLM\..\Run: [MaxMenuMgr] "C:\Programmer\Seagate\SeagateManager\FreeAgent Status\StxMenuMgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] "C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sony Ericsson PC Suite] "C:\Programmer\Sony Ericsson\Sony Ericsson PC Suite\SEPCSuite.exe" /systray /nologon
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETVÆRKSTJENESTE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Programmer\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {07D09E9E-C667-45DD-B035-217BC2A61A3B} (ActiveX sikkerhedssoftware Control) - https://www.portalbank.dk/package/sdc/external/activex/ActiveXSikkerhedssoftware-prod-1.30.cab
O16 - DPF: {5D637FAD-E202-48D1-8F18-5B9C459BD1E3} (Image Uploader Control) - http://express.foto.com/ImageUploader5.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Seagate Service (FreeAgentGoNext Service) - Seagate Technology LLC - C:\Programmer\Seagate\SeagateManager\Sync\FreeAgentService.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Programmer\Java\jre6\bin\jqs.exe
O23 - Service: Panda Software Controller - Panda Security, S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Security, S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Security, S.L. - C:\Programmer\Fælles filer\Panda Security\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Security, S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\pavsrv51.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\programmer\panda security\panda global protection 2009\firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Security S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\psimsvc.exe
O23 - Service: Panda PSK service (PskSvcRetail) - Panda Security, S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\PskSvc.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Security, S.L. - C:\Programmer\Panda Security\Panda Global Protection 2009\TPSrv.exe
--
End of file - 14145 bytes