Hej
Jeg var inde på et par skumle sider igår og så går tingene jo hurtigt, så lige pludselig fik jeg virusalarmer og computeren genstartede af sig selv. Jeg har testet med AVG og Ad-aware, hvor kun Ad-aware fandt nogle småting. Jeg kan dog se at der blandt andet er kommet nye ikoner foran genvejene i foretrukne-listen i explorer, så derfor denne HJT log.
på forhånd tak
Logfile of HijackThis v1.99.1
Scan saved at 07:56:48, on 04-08-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:ProgrammerHPQIAMinasghost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSAGRSMMSG.exe
C:ProgrammerAnalog DevicesSoundMAXSMax4PNP.exe
C:ProgrammerJavajre1.5.0injusched.exe
C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
C:ProgrammerFælles filerSonicUpdate Managersgtray.exe
C:WINDOWSsystem32dla fswctrl.exe
C:ProgrammerSynapticsSynTPSynTPLpr.exe
C:ProgrammerSynapticsSynTPSynTPEnh.exe
C:ProgrammerHPQQuick Launch ButtonsEabServr.exe
C:ProgrammerHPQHP Wireless AssistantHP Wireless Assistant.exe
C:WINDOWSLogi_MwX.Exe
C:ProgrammerD-Toolsdaemon.exe
C:ProgrammerFælles filerRealUpdate_OB
ealsched.exe
C:ProgrammerQuickTimeqttask.exe
C:ProgrammeriTunesiTunesHelper.exe
C:PROGRA~1GrisoftAVGFRE~1avgcc.exe
C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
C:WINDOWSsystem32ctfmon.exe
C:ProgrammerMessengermsmsgs.exe
C:ProgrammerGoogleGoogle Desktop SearchGoogleDesktop.exe
C:ProgrammerMSN MessengerMsnMsgr.Exe
C:ProgrammerWIDCOMMBluetooth-softwareBTTray.exe
C:ProgrammerInternet ExplorerIEXPLORE.EXE
C:WINDOWSSystem32svchost.exe
C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
C:ProgrammerNetwork AssociatesVirusScanavsynmgr.exe
C:ProgrammerWIDCOMMBluetooth-softwareintwdins.exe
C:ProgrammerFælles filerMicrosoft SharedVS7DEBUGMDM.EXE
C:ProgrammerAnalog DevicesSoundMAXSMAgent.exe
C:WINDOWSsystem32svchost.exe
C:ProgrammerNetwork AssociatesVirusScanVsStat.exe
C:ProgrammerNetwork AssociatesVirusScanVshwin32.exe
C:ProgrammeriPodiniPodService.exe
C:ProgrammerFælles filerNetwork AssociatesMcShieldmcshield.exe
C:ProgrammerNetwork AssociatesVirusScanAvconsol.exe
C:ProgrammerNetwork AssociatesVirusScanWebscanx.exe
C:ProgrammerHPQSHAREDHPQWMI.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerGoogleGoogle Desktop SearchGoogleDesktopIndex.exe
C:ProgrammerGoogleGoogle Desktop SearchGoogleDesktopCrawl.exe
C:WINDOWSsystem32wuauclt.exe
C:ProgrammerPowerArchiverPOWERARC.EXE
C:DOCUME~1SKB03LOKALE~1TempHijackThis.exe
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://www.hp.com[...]
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext =
http://windowsupdate.microsoft.com[...]
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:WINDOWSsystem32dla fswshx.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar1.dll
O2 - BHO: HP Credential Manager for ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:ProgrammerHPQIAMBinItIeAddIN.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar1.dll
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [SoundMAXPnP] C:ProgrammerAnalog DevicesSoundMAXSMax4PNP.exe
O4 - HKLM..Run: [SoundMAX] C:ProgrammerAnalog DevicesSoundMAXSmax4.exe /tray
O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavajre1.5.0injusched.exe
O4 - HKLM..Run: [ATIPTA] C:ProgrammerATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [UpdateManager] "C:ProgrammerFælles filerSonicUpdate Managersgtray.exe" /r
O4 - HKLM..Run: [dla] C:WINDOWSsystem32dla fswctrl.exe
O4 - HKLM..Run: [SynTPLpr] C:ProgrammerSynapticsSynTPSynTPLpr.exe
O4 - HKLM..Run: [SynTPEnh] C:ProgrammerSynapticsSynTPSynTPEnh.exe
O4 - HKLM..Run: [eabconfg.cpl] C:ProgrammerHPQQuick Launch ButtonsEabServr.exe /Start
O4 - HKLM..Run: [CognizanceTS] rundll32.exe C:PROGRA~1HPQIAMBinAsTsVcc.dll,RegisterModule
O4 - HKLM..Run: [Cpqset] C:ProgrammerHPQDefault Settingscpqset.exe
O4 - HKLM..Run: [hpWirelessAssistant] "%ProgramFiles%HPQHP Wireless AssistantHP Wireless Assistant.exe"
O4 - HKLM..Run: [WatchDog] C:ProgrammerInterVideoDVD CheckDVDCheck.exe
O4 - HKLM..Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgrammerD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [TkBellExe] "C:ProgrammerFælles filerRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "C:ProgrammeriTunesiTunesHelper.exe"
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "C:ProgrammerMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Google Desktop Search] "C:ProgrammerGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKCU..Run: [MsnMsgr] "C:ProgrammerMSN MessengerMsnMsgr.Exe" /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: DVD Check.lnk = C:ProgrammerInterVideoDVD CheckDVDCheck.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:ProgrammerLogitechDesktop Messenger8876480ProgramLDMConf.exe
O8 - Extra context menu item: &Google Search - res://c:programmergoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:programmergoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:programmergoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:programmergoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:programmergoogleGoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0in
pjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0in
pjpi150.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=
http://www.hp.com[...]
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com[...]
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com[...]
O18 - Protocol: widimg - {EE7C2AFF-5742-44FF-BD0E-E521B0D3C3BA} - C:WINDOWSsystem32txppanel.dll
O20 - AppInit_DLLs: ASAPHook
O20 - Winlogon Notify: OneCard - C:ProgrammerHPQIAMBinAsWlnPkg.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: AVSync Manager (AvSynMgr) - Unknown owner - C:ProgrammerNetwork AssociatesVirusScanavsynmgr.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:ProgrammerWIDCOMMBluetooth-softwareintwdins.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:ProgrammerHPQSHAREDHPQWMI.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:ProgrammeriPodiniPodService.exe
O23 - Service: McShield - Unknown owner - C:ProgrammerFælles filerNetwork AssociatesMcShieldmcshield.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:ProgrammerAnalog DevicesSoundMAXSMAgent.exe
--
AMD XP-M 2600+@2400MHz(12x200)|Abit NF7-s ver. 2|MSI Radeon 9800 Pro@XT|2x512MB Corsair Value Select RAM