jeg kunne ikke finde den der drweb log :-/
---------------------------------------------------------
ewido anti-malware - Scanningsrapport
---------------------------------------------------------
+ Oprettet den: 17:17:09, 19-04-2006
+ Rapport-Checksum: C673A72B
+ Scanningsresultat:
C:\Documents and Settings\Svendsen\Cookies\svendsen@2o7[1].txt -> TrackingCookie.2o7 : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@adopt.euroclick[1].txt -> TrackingCookie.Euroclick : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@ads.pointroll[2].txt -> TrackingCookie.Pointroll : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@adtech[1].txt -> TrackingCookie.Adtech : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@as-us.falkag[2].txt -> TrackingCookie.Falkag : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@as1.falkag[1].txt -> TrackingCookie.Falkag : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@casalemedia[2].txt -> TrackingCookie.Casalemedia : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@com[1].txt -> TrackingCookie.Com : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@doubleclick[2].txt -> TrackingCookie.Doubleclick : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@fastclick[1].txt -> TrackingCookie.Fastclick : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@media.fastclick[2].txt -> TrackingCookie.Fastclick : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@mediaplex[1].txt -> TrackingCookie.Mediaplex : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@sel.as-eu.falkag[2].txt -> TrackingCookie.Falkag : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@statcounter[1].txt -> TrackingCookie.Statcounter : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@statse.webtrendslive[2].txt -> TrackingCookie.Webtrendslive : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Renset med backup
C:\Documents and Settings\Svendsen\Cookies\svendsen@zedo[2].txt -> TrackingCookie.Zedo : Renset med backup
C:\Programmer\winupdates\a.zip/Setup.exe -> Worm.VB.an : Renset med backup
::Rapport slut
Logfile of HijackThis v1.99.1
Scan saved at 17:17:49, on 19-04-2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\LVComsX.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\Svendsen\Skrivebord\vira\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.dkbn.dk/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Sygate\SPF\smc.exe
go do your magic :-)