CIO Tech Eksperten IT-JOB IT-Kurser Events Podcast Søg

Log ind eller opret profil

Du kan også logge ind via nedenstående tjenester

peterlund83 Nybegynder

19. januar 2006 - 22:34 Der er 13 kommentarer

Problemer med "Your computer is infected" pop-up og meget mere!

Jeg har igennem længere tid bøvlet med en "Your computer is infected" pop-up som viser sig på værktøjslinien. Den installere ligledes helle tiden et betalings anivirus program fra Spyaxe. Dertil er jeg begyndt at få diverse reklame pop-ups, porno mm.
Jeg har forsøgt at fjerne skidtet ved at køre utallige af virusprogrammer desværre uden held. Har også læst en del tråde igennem med personer som har haft samme problem, men intet af det jeg har læst har hjulpet mig.

Her er min hijackthislog:

Logfile of HijackThis v1.98.2
Scan saved at 22:22:17, on 19-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\System32\Ati2evxx.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
J:\WINDOWS\system32\DVDRAMSV.exe
J:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\mssearchnet.exe
J:\WINDOWS\system32\nvctrl.exe
J:\WINDOWS\system32\wscntfy.exe
J:\WINDOWS\Dit.exe
J:\WINDOWS\system32\RunDll32.exe
J:\WINDOWS\system32\PRISMSTA.EXE
J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
J:\WINDOWS\MXOALDR.EXE
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\QuickTime\qttask.exe
J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\Program Files\MSN Messenger\msnmsgr.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
J:\WINDOWS\system32\RAMASST.exe
J:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
J:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
J:\WINDOWS\DitExp.exe
J:\Program Files\Antivirus\hijackthis\hijackthis.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: HomepageBHO - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - J:\WINDOWS\system32\hpB49A.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - j:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - J:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [MXO Auto Loader] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MXOBG] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [msnmsgr] "J:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "J:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PcSync] J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = J:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = J:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google-søgning - res://j:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://j:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Lignende sider - res://j:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://j:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://j:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photocare.dk/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://pgdownload.dacom.net/keycrypt/npkcx.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "J:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)

Håber meget at i kan hjælpe!

Bedste hilsner
Peter A. Lund

Synes godt om

pidgeot Nybegynder

19. januar 2006 - 22:35 #1

Du skal lige hente den nyeste version og lave en ny log:

http://www.arlet.dk/hjt.exe

Bemærk at det ikke er sikkert jeg følger op.

Synes godt om

arlet Juniormester

19. januar 2006 - 22:37 #2

Jamen, så kan jeg da bare tage den, når den kommer*S*

Synes godt om

peterlund83 Nybegynder

19. januar 2006 - 22:39 #3

Den kom her:

Logfile of HijackThis v1.99.1
Scan saved at 22:39:16, on 19-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\System32\Ati2evxx.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
J:\WINDOWS\system32\DVDRAMSV.exe
J:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\mssearchnet.exe
J:\WINDOWS\system32\nvctrl.exe
J:\WINDOWS\system32\wscntfy.exe
J:\WINDOWS\Dit.exe
J:\WINDOWS\system32\RunDll32.exe
J:\WINDOWS\system32\PRISMSTA.EXE
J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
J:\WINDOWS\MXOALDR.EXE
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\QuickTime\qttask.exe
J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\Program Files\MSN Messenger\msnmsgr.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
J:\WINDOWS\system32\RAMASST.exe
J:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
J:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
J:\WINDOWS\DitExp.exe
J:\Program Files\Internet Explorer\iexplore.exe
J:\Documents and Settings\Peter Ammentorp Lund\Desktop\hjt.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - {e0103cd4-d1ce-411a-b75b-4fec072867f4} - J:\WINDOWS\system32\hpB49A.tmp
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - j:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - J:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [MXO Auto Loader] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MXOBG] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [msnmsgr] "J:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "J:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [PcSync] J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = J:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = J:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google-søgning - res://j:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://j:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Lignende sider - res://j:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://j:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://j:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photocare.dk/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://pgdownload.dacom.net/keycrypt/npkcx.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "J:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - J:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - J:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - J:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - J:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Synes godt om

arlet Juniormester

19. januar 2006 - 22:40 #4

pidgeot -> du eller jeg??

Synes godt om

pidgeot Nybegynder

19. januar 2006 - 22:42 #5

Du skal være så hjertelig velkommen, jeg er ikke i tvivl om at du er langt mere kvalificeret end jeg *G*

Synes godt om

arlet Juniormester

19. januar 2006 - 22:49 #6

Så klarer jeg den*S*

Hent og dobbeltklik på smitRem.exe
http://noahdfear.geekstogo.com/click%20counter/click.php?id=1
Programmet pakker sig ud til mappen smitRem.

Hent Crap Cleaner: http://www.filehippo.com/download_ccleaner/
øverst til højre trykker du >>download latest version<<
Installer programmet, men lad vær med at køre det endnu!
Husk at vælge dansk ved installationen.

Hent Ewido: http://www.ewido.net/en/download/
Klik på Download now. Installer og kør Ewido. Opdater straks efter installationen programmet, (men lad være med at scanne endnu).

-----

Genstart computeren i fejlsikret tilstand(Du skal klikke på f8 tasten under genstarten (ca. lige når der er talt ram), og så vælge fejlsikret tilstand. Er du i tvivl, så klik bare på f8 flere gange.)

-----

Åbn mappen smitRem, og dobbeltklik på RunThis.bat (Følg vejledningen i vinduet.)

Nu skal du køre CCleaner, som du hentede tidligere.
Tryk så på "Renser" i menuen i venstre side.
Under windows fanebladet skal du fjerne hakket i cookies
Nu skal du trykke på knappen "Kør Cleaner" - det gør du mindst 2 gange.
Tryk så på "Problemer" i menuen i venstre side.
Nu skal du trykke på knappen "Skan efter problemer" og efter at den er færdig med skanne på "Udbedre valgte problemer.." Sig ja til at gemme en backup og tryk dernæst på "Udbedre alle valgte problemer" - det gør du mindst 2 gange.
Luk programmet.

Kør nu en fuld scanning med Ewido. Når den er færdig trykker du save report og gemmer rapporten.

Genstart almindeligt, kør et scan med Panda:
http://www.arlet.dk/panda.htm

Klik på Start->Kontrolpanel->Skærm->Skrivebord->Tilpas Skrivebordet->Web fjern flueben i Security Info og View my Active desktop as a web page (Det er ikke sikkert det eksisterer).

Genstart og kom med en frisk Hijackthislog, samt loggen fra Ewido. Find smitfiles.txt via Start/Søg. Kopier også denne log ind.

Synes godt om

peterlund83 Nybegynder

20. januar 2006 - 10:34 #7

Okay her er så den nye hijackthislog, ewido loggen, rapporten fra Panda scanningen og smitfiles.txt:

__________________________________________________________________________________

Logfile of HijackThis v1.99.1
Scan saved at 10:29:55, on 20-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\System32\Ati2evxx.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
J:\WINDOWS\system32\DVDRAMSV.exe
J:\Program Files\ewido anti-malware\ewidoctrl.exe
J:\Program Files\ewido anti-malware\ewidoguard.exe
J:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\Explorer.EXE
J:\WINDOWS\system32\wscntfy.exe
J:\WINDOWS\Dit.exe
J:\WINDOWS\system32\RunDll32.exe
J:\WINDOWS\system32\PRISMSTA.EXE
J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
J:\WINDOWS\DitExp.exe
J:\WINDOWS\MXOALDR.EXE
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\QuickTime\qttask.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
J:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
J:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
J:\WINDOWS\system32\RAMASST.exe
J:\Program Files\Internet Explorer\iexplore.exe
J:\Program Files\Microsoft Office\Office10\WINWORD.EXE
J:\Documents and Settings\Peter Ammentorp Lund\Desktop\hjt.exe

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - j:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [MXO Auto Loader] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MXOBG] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [msnmsgr] "J:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = J:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = J:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google-søgning - res://j:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://j:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Lignende sider - res://j:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://j:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://j:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photocare.dk/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://pgdownload.dacom.net/keycrypt/npkcx.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "J:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - J:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - J:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - J:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido security suite control - ewido networks - J:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - J:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - J:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

____________________________________________________________________________________

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 00:43:17, 20-01-2006
+ Report-Checksum: F0FE7B3

+ Scan result:

D:\Messenger Plus 2.1.exe/70000010.exe -> Downloader.Swizzor.g : Cleaned with backup
J:\Documents and Settings\Guest\Cookies\guest@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
J:\Documents and Settings\Guest\Cookies\guest@fastclick[2].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
J:\Documents and Settings\Guest\Cookies\guest@media.fastclick[1].txt -> Spyware.Cookie.Fastclick : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@adtech[2].txt -> Spyware.Cookie.Adtech : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@atdmt[2].txt -> Spyware.Cookie.Atdmt : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@counter2.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@counter9.sextracker[1].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@sextracker[2].txt -> Spyware.Cookie.Sextracker : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
J:\Documents and Settings\Peter Ammentorp Lund\My Documents\Morpheus Shared\Downloads\Flash FXP Keygen (Scanned With Norton AV 2005).exe -> Worm.VB.ca : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040902-214608-858.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040902-220043-501.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040902-222421-607.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040903-071221-209.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040903-073241-500.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Antivirus\hijackthis\backups\backup-20040903-074937-385.dll -> Downloader.Agent.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock Aquarium Desktop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock Control Center v1.92a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock Natural Desktop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock Orion Icons Suite.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock SkinStudio v4.4 Professional.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock Utopia Icon Suite.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\ Stardock WebBlind v1.06 Enhanced.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\1st.Evidence.Remover 2.1-SS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\3D Photo Builder Professional v2.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\AAA Logo 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Absolute.MP3.Splitter.And.Converter 2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Access Lock v2.80.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Adobe Premiere Pro v1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Adultmatchmaker.Sexy.Dreams 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Advanced ZIP Repair v1.6.2.1 Retail.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\AeroTags HTML Password Protector v2.00 F.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\AKRAM Audio Converter v2.8 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Area 51 + ADDONS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\AtomPark TagsLock Pro v2.50 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Avril lavigne - @ AOL Broadband (concert.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Battlefield 2 [FTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Bettergrades English Workout v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Bettergrades Higher English Workout v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Bettergrades Higher Mathematics Quiz v1..zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Bettergrades Mathematics Quiz v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Bettergrades Science Quiz v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Cafe Tacuba - Tiempo Transcurrido.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Capitalism II.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Crazy Factory.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\DirectUpdate 4.04.89 -DIGER.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\DVD Region+CSS Free v5.9.3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\DVD.CD.Data.Burner 6.2.0.537.Keyma.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Ejay DJ MixStation.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\EmEditor Professional 4.13.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\EuroTrip [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Free Internet TV v4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\FruityLoops 5.0.2c.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\FruityLoops 5.02c.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Gadget Tycoon.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Gangsters 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\GoldenHawk.CDRWin 4.0A-ORiO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\GoldenHawk.DAO 4.0A-ORiON.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Grand Theft Auto San Andreas [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Herbie Fully Loaded [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Hitman CodeName 47.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Hotel Giant.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Infected Mushroom - I´m the supervisor.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\InterVideo WinDVD 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\John Lennon - Menlove Ave.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Kaspersky Internet Security 2006 6012.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Kill Bill 1 - Soundtrack.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Kylie Minogue - Fever (Album).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Kylie Minogue - Fever.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\LavaSoft Ad-Aware SE Professional (F.O.S.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Manu Chao - Clandestino.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Master And Commander.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Master Key V3.1.7 (c) 2005 Macinmind.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Maya 6.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\McAfee® Internet Security Suite 7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Money 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Ozzfest - Second stage 2CDs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\PCTools Spyware Doctor 3.2.1.359.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Pirates Of The Caribbean.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Plato DVD Ripper 1.28.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\PM Master v1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Pop up Blocker Pro 7.0.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Rails Across America.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Registry Mechanic 5.0.0.132.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\RussianNow! V9 Deluxe.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Scansoft PDF Converter Pro v3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Shaun of the Dead [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Sim City 3000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\SmartFTP 1.5.988.37-CHiCNCREAM.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Splinter Cell Chaos Theory [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Spyware Doctor 3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Stardock Blog Navigator Pro v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Stardock IconDeveloper Professional v1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Stardock WindowFX v2.12 Enhanced.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Style XP 3.11 Men.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Super Flexible File Synchronizer v2.50.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Suse Linux 9.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\TCP Optimizer.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Team America World Police [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\TechSmithCamtasiaStudio 30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\The Godfather 0.70.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\The Verve - Urban Hymns.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\TurboFTP 4.50 Build 420.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Ulead DVD MovieFactory 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Virtua Cop 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Virtua Tennis.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Warez P2P 2.8 .zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\White Nosie [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Windows 2000 Professional.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\WinReminders 2005 v1.6.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\WinXMedia.CD.MP3.WAV.WMA.Converter 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Woodstock 99' 2CDs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Xpand Rally Technic [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Yetisports Arctic Adventures [FTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Your Uninstaller! 2005 Pro V. 5.0.0.28.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\Morpheus\My Shared Folder\Zone Alarm 5.5.0.94.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Program Files\winupdates\winupdates.exe -> Worm.VB.an : Cleaned with backup
J:\s.tmp -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock Aquarium Desktop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock Control Center v1.92a.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock Natural Desktop.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock Orion Icons Suite.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock SkinStudio v4.4 Professional.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock Utopia Icon Suite.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\ Stardock WebBlind v1.06 Enhanced.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\1st.Evidence.Remover 2.1-SS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\3D Photo Builder Professional v2.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\AAA Logo 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Absolute.MP3.Splitter.And.Converter 2.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Access Lock v2.80.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Adobe Premiere Pro v1.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Adultmatchmaker.Sexy.Dreams 1.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Advanced ZIP Repair v1.6.2.1 Retail.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\AeroTags HTML Password Protector v2.00 F.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\AKRAM Audio Converter v2.8 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Area 51 + ADDONS.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\AtomPark TagsLock Pro v2.50 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Avril lavigne - @ AOL Broadband (concert.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Battlefield 2 [FTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Bettergrades English Workout v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Bettergrades Higher English Workout v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Bettergrades Higher Mathematics Quiz v1..zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Bettergrades Mathematics Quiz v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Bettergrades Science Quiz v1.0 Final.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Cafe Tacuba - Tiempo Transcurrido.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Capitalism II.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Crazy Factory.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\DirectUpdate 4.04.89 -DIGER.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\DVD Region+CSS Free v5.9.3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\DVD.CD.Data.Burner 6.2.0.537.Keyma.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Ejay DJ MixStation.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\EmEditor Professional 4.13.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\EuroTrip [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Free Internet TV v4.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\FruityLoops 5.0.2c.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\FruityLoops 5.02c.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Gadget Tycoon.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Gangsters 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\GoldenHawk.CDRWin 4.0A-ORiO.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\GoldenHawk.DAO 4.0A-ORiON.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Grand Theft Auto San Andreas [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Herbie Fully Loaded [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Hitman CodeName 47.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Hotel Giant.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Infected Mushroom - I´m the supervisor.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\InterVideo WinDVD 7.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\John Lennon - Menlove Ave.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Kaspersky Internet Security 2006 6012.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Kill Bill 1 - Soundtrack.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Kylie Minogue - Fever (Album).zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Kylie Minogue - Fever.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\LavaSoft Ad-Aware SE Professional (F.O.S.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Manu Chao - Clandestino.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Master And Commander.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Master Key V3.1.7 (c) 2005 Macinmind.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Maya 6.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\McAfee® Internet Security Suite 7.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Money 2006.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Ozzfest - Second stage 2CDs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\PCTools Spyware Doctor 3.2.1.359.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Pirates Of The Caribbean.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Plato DVD Ripper 1.28.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\PM Master v1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Pop up Blocker Pro 7.0.5.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Rails Across America.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Registry Mechanic 5.0.0.132.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\RussianNow! V9 Deluxe.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Scansoft PDF Converter Pro v3.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Shaun of the Dead [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Sim City 3000.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\SmartFTP 1.5.988.37-CHiCNCREAM.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Splinter Cell Chaos Theory [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Spyware Doctor 3.2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Stardock Blog Navigator Pro v1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Stardock IconDeveloper Professional v1.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Stardock WindowFX v2.12 Enhanced.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Style XP 3.11 Men.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Super Flexible File Synchronizer v2.50.3.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Suse Linux 9.1.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\TCP Optimizer.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Team America World Police [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\TechSmithCamtasiaStudio 30.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\The Godfather 0.70.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\The Verve - Urban Hymns.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\TurboFTP 4.50 Build 420.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Ulead DVD MovieFactory 4.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Virtua Cop 2.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Virtua Tennis.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Warez P2P 2.8 .zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\White Nosie [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Windows 2000 Professional.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\WinReminders 2005 v1.6.0.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\WinXMedia.CD.MP3.WAV.WMA.Converter 1.0.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Woodstock 99' 2CDs.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Xpand Rally Technic [HTTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Yetisports Arctic Adventures [FTP].zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Your Uninstaller! 2005 Pro V. 5.0.0.28.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\Uploads\Zone Alarm 5.5.0.94.zip/Setup.exe -> Worm.VB.an : Cleaned with backup
J:\WINDOWS\AKKINOJQ.ini:qwklm -> Downloader.Agent.cd : Cleaned with backup
J:\WINDOWS\bootstat.dat:snfbj -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\clock.avi:cvebq -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\CMCDPLAY.INI:wncuu -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\CMIRmDriver.dll:ckalo -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\CMIRmDriver.dll:gnfzg -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\CMIRmDriver.dll:knygl -> Downloader.Agent.cd : Cleaned with backup
J:\WINDOWS\CmiRmRedundDir.exe:uwxgl -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\CMIUninstall.exe:bgekn -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\CMIUninstall.exe:ultrj -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\FeatherTexture.bmp:gasny -> Downloader.WinShow.ak : Cleaned with backup
J:\WINDOWS\FeatherTexture.bmp:lthiu -> Downloader.Agent.cd : Cleaned with backup
J:\WINDOWS\muninst.exe:ktdoc -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\REGLOCS.OLD:ylaqg -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\River Sumida.bmp:aplur -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\River Sumida.bmp:qmkva -> Downloader.Agent.bq : Cleaned with backup
J:\WINDOWS\setdebug.exe:hokdq -> Downloader.WinShow.ak : Cleaned with backup
J:\WINDOWS\Soap Bubbles.bmp:ahtoe -> Downloader.WinShow.ak : Cleaned with backup
J:\WINDOWS\twunk_16.exe:mgaid -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\twunk_32.exe:thwnf -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\unvise32.exe:umgrw -> Downloader.Agent.an : Cleaned with backup
J:\WINDOWS\_default.pif:ywsys -> Downloader.Agent.bq : Cleaned with backup

::Report End

____________________________________________________________________________________

Panda Scanning!
Incident Status Location
Adware:adware/clickalchemy Not disinfected J:\WINDOWS\INF\alchem.inf
Adware:adware/twain-tech Not disinfected J:\WINDOWS\INF\twaintec.inf
Spyware:Cookie/Hbmediapro Not disinfected J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@adopt.hbmediapro[2].txt
Spyware:Cookie/Belnk Not disinfected J:\Documents and Settings\Guest\Cookies\guest@belnk[1].txt
Spyware:Cookie/Belnk Not disinfected J:\Documents and Settings\Guest\Cookies\guest@dist.belnk[2].txt
Spyware:Cookie/Hbmediapro Not disinfected J:\Documents and Settings\Peter Ammentorp Lund\Cookies\peter ammentorp lund@adopt.hbmediapro[2].txt
Potentially unwanted tool:Application/Processor Not disinfected J:\Documents and Settings\Peter Ammentorp Lund\Desktop\smitRem\Process.exe
Potentially unwanted tool:Application/Processor Not disinfected J:\Documents and Settings\Peter Ammentorp Lund\Desktop\smitRem.exe[Process.exe]
Adware:Adware/WUpd Not disinfected J:\Program Files\Antivirus\hijackthis\backups\backup-20040902-172954-444.inf
Adware:Adware/IPInsight Not disinfected J:\WINDOWS\inf\alchem.inf
Adware:Adware/Twain-Tech Not disinfected J:\WINDOWS\inf\twaintec.inf
Virus:W32/Netsky.B.worm Disinfected Local Folders\Inbox\stolen\attachment.rtf.scr ____________________________________________________________________________________

smitRem © log file
version 2.8

by noahdfear

Microsoft Windows XP [Version 5.1.2600]
The current date is: 19-01-2006
The current time is: 23:04:01,20

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

checking for ShudderLTD key

ShudderLTD key not present!

checking for PSGuard.com key

PSGuard.com key not present!

checking for WinHound.com key

WinHound.com key not present!

spyaxe uninstaller NOT present
Winhound uninstaller NOT present
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Existing Pre-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

wiatwain.dll
1024 dir
msvol.tlb
ld****.tmp
mssearchnet.exe
ncompat.tlb
nvctrl.exe
mscornet.exe
hp***.tmp

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
Killing PID 808 'explorer.exe'
Killing PID 808 'explorer.exe'

Starting registry repairs

Deleting files

Remaining Post-run Files

~~~ Program Files ~~~

~~~ Shortcuts ~~~

~~~ Favorites ~~~

~~~ system32 folder ~~~

~~~ Icons in System32 ~~~

~~~ Windows directory ~~~

~~~ Drive root ~~~

~~~ Miscellaneous Files/folders ~~~

~~~ Wininet.dll ~~~

CLEAN! :)

Synes godt om

arlet Juniormester

20. januar 2006 - 10:40 #8

Pænt meget snavs de scannere fandt*S*

Lidt rester er der tilbage..

Kør Hijackthis, scan, sæt flueben ved linien/linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, luk hijackthis igen.

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

genstart og ny hijackthis

Synes godt om

peterlund83 Nybegynder

20. januar 2006 - 10:46 #9

And here it is! :o)

Logfile of HijackThis v1.99.1
Scan saved at 10:46:06, on 20-01-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
J:\WINDOWS\System32\smss.exe
J:\WINDOWS\system32\winlogon.exe
J:\WINDOWS\system32\services.exe
J:\WINDOWS\system32\lsass.exe
J:\WINDOWS\System32\Ati2evxx.exe
J:\WINDOWS\system32\svchost.exe
J:\WINDOWS\System32\svchost.exe
J:\WINDOWS\system32\spoolsv.exe
J:\WINDOWS\system32\Ati2evxx.exe
J:\WINDOWS\Explorer.EXE
J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
J:\WINDOWS\system32\DVDRAMSV.exe
J:\Program Files\ewido anti-malware\ewidoctrl.exe
J:\Program Files\ewido anti-malware\ewidoguard.exe
J:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
J:\WINDOWS\Dit.exe
J:\WINDOWS\system32\RunDll32.exe
J:\WINDOWS\system32\PRISMSTA.EXE
J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
J:\WINDOWS\DitExp.exe
J:\WINDOWS\MXOALDR.EXE
J:\WINDOWS\System32\svchost.exe
J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
J:\Program Files\iTunes\iTunesHelper.exe
J:\Program Files\QuickTime\qttask.exe
J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
J:\Program Files\MSN Messenger\msnmsgr.exe
J:\WINDOWS\system32\ctfmon.exe
J:\Program Files\iPod\bin\iPodService.exe
J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
J:\WINDOWS\system32\wscntfy.exe
J:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
J:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
J:\WINDOWS\system32\RAMASST.exe
J:\Documents and Settings\Peter Ammentorp Lund\Desktop\hjt.exe

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - j:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] J:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [MXO Auto Loader] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] J:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [MXOBG] J:\WINDOWS\MXOALDR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] J:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "J:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "J:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DataLayer] J:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] J:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKCU\..\Run: [msnmsgr] "J:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] J:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] J:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - Global Startup: Adobe Gamma Loader.lnk = J:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = J:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: Microsoft Office.lnk = J:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: RAMASST.lnk = J:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Google-søgning - res://j:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Oversæt engelsk ord - res://j:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Lignende sider - res://j:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Tilbage via links - res://j:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Øjebliksbillede af side i cache - res://j:\program files\google\GoogleToolbar2.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - J:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - J:\Program Files\Messenger\msmsgs.exe
O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://sib1.od2.com/common/Member/ClientInstall/10.20.0002/OCI/setup.exe
O16 - DPF: {556DDE35-E955-11D0-A707-000000521957} - http://www.xblock.com/download/xclean_micro.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {A18962F6-E6ED-40B1-97C9-1FB36F38BFA8} (Aurigma Image Uploader 3.0 Control) - http://www.photocare.dk/ImageUploader3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D6FCA8ED-4715-43DE-9BD2-2789778A5B09} - http://pgdownload.dacom.net/keycrypt/npkcx.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "J:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Unknown owner - J:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - J:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - J:\WINDOWS\system32\ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - J:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - J:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: ewido security suite control - ewido networks - J:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - J:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - J:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - J:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - J:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: Retrospect Launcher (RetroLauncher) - Dantz Development Corporation - J:\PROGRA~1\Dantz\RETROS~1\retrorun.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - J:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe

Synes godt om

arlet Juniormester

20. januar 2006 - 10:48 #10

Så er din log ren.

Efter sådan en tur er det altid en god ide og rydde op i dine systemgendannelses filerne.
Deaktiver systemgendannelse ( http://www.arlet.dk/systemgendannelsen.htm ) - genstart din computer - aktiver systemgendannelse.

Generel oprydning: http://www.arlet.dk/oprydning.htm

For at beskytte dig mod snavs har jeg lavet en sikkerhedspakke,
som du kan se her : www.arlet.dk/pakke.htm

Synes godt om

peterlund83 Nybegynder

20. januar 2006 - 10:53 #11

Jeg siger dig tusind tak for din hjælp!
Jeg elsker dette site: Lyn hurtig hjælp og god kompetence!

Synes godt om

arlet Juniormester

20. januar 2006 - 10:56 #12

Velbekommen..

Husk lige at lukke igen ved at marker mit navn i boksen til venstre og trykke accepter

Fortsat god dag

Synes godt om

arlet Juniormester

30. januar 2006 - 12:12 #13

Har du brug for mere hjælp, eller har du fået dit spørgsmål besvaret??, for så skal du huske at lukke dit spørgsmål pænt igen ved at marker mit navn i boksen til venstre og tryk accepter..

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Findes der mon et Antivirus program, som ikke, konstant, reklamerer, for at købe ? Af Ikke-ekspert i Virus	21	22/06/202419:22	23/06/202412:54
Anbefaling af antivirusprogram med firewall Af OnePlusFan i Virus	23	07/05/202421:02	13/05/202419:48
trusler Af gerhardpet i Virus	4	26/01/202410:02	27/01/202408:32
Kan ikke fjerne virus Af mik28 i Virus	16	09/01/202416:37	10/01/202419:59
virusscanning Af JetteD i Virus	2	10/11/202312:55	10/11/202316:36

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS