Log efter installering af virusprogram 010 limien liogger der bare stadig
Logfile of HijackThis v1.99.1
Scan saved at 22:13:03, on 19-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAMMER\AVPERSONALPREMIUM\AVGUARD.EXE
C:\PROGRAMMER\AVPERSONALPREMIUM\AVESVC.EXE
C:\Programmer\AVPersonalPremium\AVWUPSRV.EXE
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\BitGuard\Firewall\Firewall.Exe
C:\PROGRA~1\BitGuard\Firewall\FireSvc.Exe
C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\Programmer\UPHClean\uphclean.exe
C:\PROGRAMMER\AVPERSONALPREMIUM\AVMAILC.EXE
C:\WINDOWS\System32\alg.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Programmer\AVPersonalPremium\AVGNT.EXE
C:\Programmer\AVPersonalPremium\AVSCHED32.EXE
C:\Documents and Settings\Marianne\Skrivebord\hijackthis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.dkR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [AVSCHED32] C:\Programmer\AVPersonalPremium\AVSched32.EXE /min
O4 - HKLM\..\Run: [AVGCtrl] "C:\Programmer\AVPersonalPremium\AVGNT.EXE" /min
O4 - HKLM\..\Run: [SBAutoUpdate] "C:\Programmer\SpywareBlaster\sbautoupdate.exe"
O4 - HKLM\..\Run: [THGuard] "C:\Programmer\TrojanHunter 4.2\THGuard.exe"
O4 - HKCU\..\Run: [IE Privacy Keeper] "C:\Programmer\UnH Solutions\IE Privacy Keeper\IEPrivacyKeeper.exe" -startup
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpamBully 3 for Outlook Express] "C:\Programmer\Axaware\Spam Bully 3 for OE\sb3oe.exe" install
O4 - Global Startup: BitGuard Personal Firewall.lnk = C:\Programmer\BitGuard\Firewall\Firewall.Exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://D:\PROGRA~1\OFFICE11\EXCEL.EXE/3000O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} -
http://downloadcenter.samsung.com/content/common/cab/DjVuControlLite_EN.cabO16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} -
O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) -
https://netbank.danskebank.dk/html/activex/DB/Menu.cabO16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exeO16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://spaces.msn.com//PhotoUpload/MsnPUpld.cabO16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123770539281O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1125337091546O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cabO16 - DPF: {7AEBACC1-D7E4-4360-B520-6DA4C565B42C} (UploaderCtrl Class) -
http://foto.tdconline.dk/upload-classes/Uploader.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/msnmessengersetupdownloader.cabO16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cabO16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IncrediMail) -
http://www5.incredimail.com/contents/setup/downloader/imloader.cabO20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O23 - Service: AntiVir Mail Security Service (AntiVirMailService) - AntiVir PersonalProducts GmbH. - C:\PROGRAMMER\AVPERSONALPREMIUM\AVMAILC.EXE
O23 - Service: AntiVir Service (AntiVirService) - AntiVir PersonalProducts GmbH - C:\PROGRAMMER\AVPERSONALPREMIUM\AVGUARD.EXE
O23 - Service: AVE Service (AVEService) - AntiVir PersonalProducts GmbH - C:\PROGRAMMER\AVPERSONALPREMIUM\AVESVC.EXE
O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Programmer\AVPersonalPremium\AVWUPSRV.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: FirewallService - DanwareSecurity A/S - C:\PROGRA~1\BitGuard\Firewall\FireSvc.Exe
O23 - Service: GhostStartService - Symantec Corporation - C:\PROGRA~1\Symantec\NORTON~1\GHOSTS~2.EXE
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe