hej stl_s
her er den første
File C:\WINDOWS\system32\BO2802040113.dll tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\WINDOWS\system32\cglbar.dll tagged as not-a-virus:AdWare.Win32.LiveCam. No Action Taken.
File C:\WINDOWS\system32\Denmark_dude-uninstall.exe tagged as not-a-virus:Dialer.Win32.gen. No Action Taken.
File C:\WINDOWS\system32\Mservice.0ll infected by "Trojan-Downloader.Win32.Wintrim.cj" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Gæst.MEDION-HHB6L09L.000\Lokale indstillinger\Temp\Tvm.upd tagged as not-a-virus:AdWare.Win32.TotalVelocity.s. No Action Taken.
File C:\Programmer\MSN Messenger\riched20.dll tagged as not-a-virus:AdTool.Win32.MyWebSearch. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\23A34828.exe tagged as not-a-virus:Porn-Dialer.Win32.Generic. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\23A34828.exe tagged as not-a-virus:Porn-Dialer.Win32.Generic. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.1\sexyFLAT.0xe infected by "Trojan.Win32.Dialer.cj" Virus. Action Taken: File Deleted.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.4\HDPlugin1015.dll tagged as not-a-virus:AdWare.Win32.Gator.1015. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.5\HDPlugin1015.dll tagged as not-a-virus:AdWare.Win32.Gator.1015. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\CONFLICT.6\HDPlugin1015.dll tagged as not-a-virus:AdWare.Win32.Gator.1015. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\cssweb.dll tagged as not-a-virus:AdWare.Win32.CSSWeb.b. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\sexyFLAT.0xe infected by "Trojan.Win32.Dialer.cj" Virus. Action Taken: File Deleted.
File C:\WINDOWS\Downloaded Program Files\StripSaver_116.EXE tagged as not-a-virus:Porn-Downloader.Win32.StripSaver.a. No Action Taken.
File C:\WINDOWS\system32\BO2802040113.dll tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\WINDOWS\system32\cglbar.dll tagged as not-a-virus:AdWare.Win32.LiveCam. No Action Taken.
File C:\WINDOWS\system32\Denmark_dude-uninstall.exe tagged as not-a-virus:Dialer.Win32.gen. No Action Taken.
Og her er hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 20:22:14, on 15-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TDCKAB~1\backweb\7791805\Program\SERVIC~1.EXE
C:\WINDOWS\System32\cisvc.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\backweb\7791805\Program\fspex.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\fsgk32st.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\backweb\7791805\program\fsbwsys.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\FSGK32.EXE
C:\WINDOWS\SOINTGR.EXE
C:\Programmer\QuickTime\qttask.exe
C:\WINDOWS\system32\LXSUPMON.EXE
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FSMA32.EXE
C:\Programmer\Java\jre1.5.0_09\bin\jusched.exe
C:\Programmer\Support.com\bin\tgcmd.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FSM32.EXE
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\fssm32.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\FSGUI\ispnews.exe
C:\WINDOWS\essspk.exe
C:\WINDOWS\VM_STI.EXE
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Programmer\Softwin\BitDefender8\bdnagent.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Fælles filer\Softwin\BitDefender Scan Server\bdss.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FCH32.EXE
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FAMEH32.EXE
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\fsrw.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\FWES\Program\fsdfwd.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\PROGRA~1\TDCKAB~1\ANTI-S~1\fsaw.exe
C:\Programmer\TDC Kabel TV Sikkerhedspakke\FSGUI\fsguidll.exe
C:\Documents and Settings\Ejer\Dokumenter\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://dk.msn.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programmer\Fælles filer\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: TDC Online - {D37808DE-D46B-4DCC-95F8-188E33B95B36} - C:\PROGRA~1\TDCONL~1\TDCOBar.dll
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [LXSUPMON] C:\WINDOWS\system32\LXSUPMON.EXE RUN
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [hcenter] "C:\Programmer\Support.com\bin\tgcmd.exe" /server /startmonitor
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programmer\TDC Kabel TV Sikkerhedspakke\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programmer\TDC Kabel TV Sikkerhedspakke\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Programmer\TDC Kabel TV Sikkerhedspakke\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [EssSpkPhone] essspk.exe
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE USB PC Camera 301P
O4 - HKLM\..\Run: [BDMCon] "C:\Programmer\Softwin\BitDefender8\bdmcon.exe"
O4 - HKLM\..\Run: [BDNewsAgent] "C:\Programmer\Softwin\BitDefender8\bdnagent.exe"
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: OpenOffice.org 2.0.lnk = C:\Programmer\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: TDC Kabel TV Sikkerhedspakke.lnk = C:\Programmer\TDC Kabel TV Sikkerhedspakke\backweb\7791805\Program\fspex.exe
O8 - Extra context menu item: &Bloker dette pop up-vindue - C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Windows Live Search - res://C:\Programmer\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Send til &Bluetooth - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Tilføj Link Til Online Bookmark - Res://C:\Programmer\TDC Online Menubar\TDCOBar.dll/ADDBOOKMARKLINK_HTM
O8 - Extra context menu item: Tilføj Til Online Bookmark - Res://C:\Programmer\TDC Online Menubar\TDCOBar.dll/ADDBOOKMARK_HTM
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/229?08e40d29738c459cb17699b907325747
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:\Programmer\Windows Live Toolbar\Components\da-dk\msntabres.dll.mui/230?08e40d29738c459cb17699b907325747
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Internet Explorer-beskyttelse - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Internet Explorer-beskyttelse... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {1221EA33-878F-4672-B799-05DAAF1298CF} (sysinfo1 Class) -
http://resources.tele2.dk/privat/internet/pctest/systeminfo1.dll
O16 - DPF: {498A0AC2-A3AC-11D4-80A9-0050DA680987} (HearMe (Firewall) Voice Control) -
http://www.englishtown.com/EtownResources/HearMe/hmvcfe.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {53B3ABEA-4445-44D9-A01E-088144CAABD9} (FileSharingCtrl Class) -
http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/da/filesharingctrl.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {7AEBACC1-D7E4-4360-B520-6DA4C565B42C} (UploaderCtrl Class) -
http://foto.tdconline.dk/upload-classes/Uploader.cab
O16 - DPF: {81296632-05C2-4A99-8271-77EBCFE7844A} (NPEVPCFG.UserControl1) -
http://www.talkglobally.com/confighelp/NPEVPCFG.CAB
O16 - DPF: {9524BF70-90B6-48BE-BD81-A945EDC6EC17} (NetdebitSecureModule Control) -
http://www.netdebit-dialer.de/NetDebitSecureModule.cab
O16 - DPF: {9A54032D-31F7-400D-B184-83B33BDE65FA} (MSN File Upload Control) -
http://sc.groups.msn.com/controls/FileUC/MsnUpld.cab
O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C3DFA998-A486-11D4-AA25-00C04F72DAEB} (MSN Photo Upload Tool) -
http://sc.groups.msn.com/controls/PhotoUC/MsnPUpld.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) -
http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {D4003A01-9B2C-4E24-9CD2-8D7DB1BDE096} (De Gule Sider) -
http://www.degulesider.dk/tool/DGSCab.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O16 - DPF: {DC765522-D5BE-49C9-AF5F-8C715A44BA28} (MS Investor Ticker) -
http://fdl.msn.com/public/investor/v9.5/ticker.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) -
http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
http://download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4375/mcfscan.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
http://chat.msn.com/bin/msnchat45.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: TDC Kabel TV Sikkerhedspakke (BackWeb Plug-in - 7791805) - BackWeb Technologies Inc. - C:\PROGRA~1\TDCKAB~1\backweb\7791805\Program\SERVIC~1.EXE
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Programmer\Fælles filer\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programmer\TDC Kabel TV Sikkerhedspakke\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programmer\TDC Kabel TV Sikkerhedspakke\backweb\7791805\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programmer\TDC Kabel TV Sikkerhedspakke\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Programmer\TDC Kabel TV Sikkerhedspakke\Common\FSMA32.EXE
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Programmer\Fælles filer\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
mvh volvo52