Logfile of HijackThis v1.99.1
Scan saved at 13:25:34, on 11-12-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe
C:\Programmer\Intel\Wireless\Bin\ZcfgSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TELIAS~1\backweb\9786136\Program\SERVIC~1.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fsgk32st.exe
C:\Programmer\Telia SafeSurf\backweb\9786136\program\fsbwsys.exe
C:\Programmer\Telia SafeSurf\Anti-Virus\FSGK32.EXE
C:\Programmer\Telia SafeSurf\Common\FSMA32.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fssm32.exe
C:\Programmer\Telia SafeSurf\Common\FSMB32.EXE
C:\Programmer\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
C:\Programmer\Telia SafeSurf\Common\FCH32.EXE
C:\Programmer\Telia SafeSurf\Common\FAMEH32.EXE
C:\Programmer\Telia SafeSurf\FSPC\fspc.exe
C:\Programmer\Telia SafeSurf\Anti-Virus\fsav32.exe
C:\Programmer\Telia SafeSurf\FWES\Program\fsdfwd.exe
C:\Programmer\Apoint\Apoint.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Programmer\Telia SafeSurf\Common\FSM32.EXE
C:\Programmer\Apoint\Apntex.exe
C:\Programmer\Telia SafeSurf\FSGUI\ispnews.exe
C:\Programmer\Telia SafeSurf\FSGUI\fsguiexe.exe
C:\Programmer\Digital Line Detect\DLG.exe
C:\Programmer\Telia SafeSurf\backweb\9786136\Program\fspex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Sofie\Skrivebord\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://www.euro.dell.com/R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://g.msn.dk/0SEDADK/SAOS01R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.euro.dell.com/R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O4 - HKLM\..\Run: [Apoint] C:\Programmer\Apoint\Apoint.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BearShare] "C:\Programmer\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programmer\Telia SafeSurf\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programmer\Telia SafeSurf\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programmer\Telia SafeSurf\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Programmer\Telia SafeSurf\FSGUI\ispnews.exe"
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel -
res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: Webfilter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Vis &liste over websteder - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Websidefilter, pause - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Afvis websted - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Tillad websted - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) -
http://go.microsoft.com/fwlink/?linkid=39204O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
http://www3.ca.com/securityadvisor/virusinfo/webscan.cabO16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://acs.pandasoftware.com/activescan/as5free/asinst.cabO16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cabO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: IntelWireless - C:\Programmer\Intel\Wireless\Bin\LgNotify.dll
O23 - Service: Telia SafeSurf (BackWeb Plug-in - 9786136) - Unknown owner - C:\PROGRA~1\TELIAS~1\backweb\9786136\Program\SERVIC~1.EXE
O23 - Service: EvtEng - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Programmer\Telia SafeSurf\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Programmer\Telia SafeSurf\backweb\9786136\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programmer\Telia SafeSurf\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Programmer\Telia SafeSurf\FSPC\fshttps\fshttps.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Programmer\Telia SafeSurf\Common\FSMA32.EXE
O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Programmer\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
O23 - Service: RegSrvc - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programmer\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programmer\Intel\Wireless\Bin\WLKeeper.exe
