Hey hol
Jeg har sat 1GB nye kingston ram i her i går, og nu er min puter begyndt at genstarte... Jeg tænker at det sikkert er en virus. hvis nogle gider chekke denne, ville jeg blive meget glad.
Logfile of HijackThis v1.99.1
Scan saved at 00:49:14, on 11-06-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerSygateSPFsmc.exe
C:WINDOWSsystem32spoolsv.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32slserv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32svchost.exe
C:ATI-CPanelatiptaxx.exe
C:WINDOWSSOUNDMAN.EXE
C:ProgrammerQuickTimeqttask.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:ProgrammerD-Toolsdaemon.exe
C:PROGRA~1DAPDAP.EXE
C:ProgrammerDU MeterDUMeter.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgrammerMSN MessengerMsnMsgr.Exe
C:programmervalvesteamsteam.exe
C:ProgrammerSpybot - Search & DestroyTeaTimer.exe
C:ProgrammerInterVideoCommonBinWinCinemaMgr.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wuauclt.exe
C:ProgrammerAvant Browseravant.exe
C:Documents and SettingsSteffen ThomsenSkrivebordHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.google.dk[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O3 - Toolbar: (no name) - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - (no file)
O4 - HKLM..Run: [ATIPTA] C:ATI-CPanelatiptaxx.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgrammerD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [DownloadAccelerator] C:PROGRA~1DAPDAP.EXE /STARTUP
O4 - HKLM..Run: [SmcService] C:PROGRA~1SygateSPFsmc.exe -startgui
O4 - HKLM..Run: [DU Meter] C:ProgrammerDU MeterDUMeter.exe
O4 - HKLM..Run: [UserFaultCheck] %systemroot%system32dumprep 0 -u
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MsnMsgr] "C:ProgrammerMSN MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [Steam] "c:programmervalvesteamsteam.exe" -silent
O4 - HKCU..Run: [SpybotSD TeaTimer] C:ProgrammerSpybot - Search & DestroyTeaTimer.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:ProgrammerAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:ProgrammerInterVideoCommonBinWinCinemaMgr.exe
O8 - Extra context menu item: &Download with &DAP - C:PROGRA~1DAPdapextie.htm
O8 - Extra context menu item: &Yahoo! Search - file:///C: ProgrammerYahoo!Common/ycsrch.htm
O8 - Extra context menu item: Bloker alle billeder fra den samme server - C:ProgrammerAvant BrowserAddAllToADBlackList.htm
O8 - Extra context menu item: Download &all with DAP - C:PROGRA~1DAPdapextie2.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Marker forekomster af ord på denne side - C:ProgrammerAvant BrowserHighlight.htm
O8 - Extra context menu item: Søg på ord - C:ProgrammerAvant BrowserSearch.htm
O8 - Extra context menu item: Tilføj til Ad Blocker - C:ProgrammerAvant BrowserAddToADBlackList.htm
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C: ProgrammerYahoo!Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C: ProgrammerYahoo!Common/ycdict.htm
O8 - Extra context menu item: Åben alle links på denne side... - C:ProgrammerAvant BrowserOpenAllLinks.htm
O9 - Extra button: Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:ProgrammerYahoo!Messengeryhexbmes0521.dll
O9 - Extra 'Tools' menuitem: Yahoo! Messenger - {4528BBE0-4E08-11D5-AD55-00010333D0AD} - C:ProgrammerYahoo!Messengeryhexbmes0521.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - C:PROGRA~1DAPDAP.EXE
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) -
http://messenger.zone.msn.com[...]
O16 - DPF: {01FE8D0A-51AD-459B-B62B-85E135128B32} (DD_v4.DDv4) -
http://www.drivershq.com[...]
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) -
http://downol.dr.dk[...]
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com[...]
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
http://www.cult3d.com[...]
O16 - DPF: {498A0AC2-A3AC-11D4-80A9-0050DA680987} (HearMe (Firewall) Voice Control) -
http://www.englishtown.com[...]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com[...]
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
http://a840.g.akamai.net[...]
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) -
http://messenger.zone.msn.com[...]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) -
http://www.kortal.dk[...]
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
http://www.pandasoftware.com[...]
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com[...]
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) -
http://messenger.zone.msn.com[...]
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:ProgrammerSiSoftwareSiSoftware Sandra Lite 2005RpcDataSrv.exe
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:ProgrammerSiSoftwareSiSoftware Sandra Lite 2005RpcSandraSrv.exe
O23 - Service: SmartLinkService (SLService) - - C:WINDOWSSYSTEM32slserv.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:ProgrammerSygateSPFsmc.exe
På forhånd tak
Med venlig hilsen
Svthomsen
--