Først mine symptomer:
Periodisk hænger mit windows. Kan bevæge cursoren rundt, men ikke klikke på noget. Det eneste jeg kan gøre er at trykke CTRL-ALT-DEL, og så snart joblisten kommer frem, virker min maskine igen.
Logfile of HijackThis v1.99.1
Scan saved at 16:07:59, on 10-10-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:ProgrammerFælles filerSymantec SharedccProxy.exe
C:ProgrammerFælles filerSymantec SharedccSetMgr.exe
C:ProgrammerNorton Internet SecurityISSVC.exe
C:ProgrammerFælles filerSymantec SharedSNDSrvc.exe
C:ProgrammerFælles filerSymantec SharedSPBBCSPBBCSvc.exe
C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32rsvc01a.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32rss01a.exe
C:WINDOWSExplorer.EXE
C:ProgrammerJavajre1.5.0_04injusched.exe
C:ProgrammerD-Toolsdaemon.exe
C:ProgrammeriTunesiTunesHelper.exe
C:ProgrammerQuickTimeqttask.exe
C:ProgrammerLogitechiTouchiTouch.exe
C:ProgrammerFælles filerSymantec SharedccApp.exe
C:ProgrammerCyberLinkPowerDVDPDVDServ.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSSOUNDMAN.EXE
C:ProgrammerPicasa2PicasaMediaDetector.exe
C:ProgrammerDynDNS UpdaterDynDNS.exe
C:ProgrammerMicrosoft ActiveSyncWCESCOMM.EXE
C:programmervoipbuster.comvoipbustervoipbuster.exe
C:ProgrammerGoogleGoogle Talkgoogletalk.exe
C:ProgrammerAdobeAcrobat 6.0Distillracrotray.exe
C:ProgrammerVIARAID
aid_tool.exe
C:ProgrammerMSN Toolbar SuiteDS 2.05.0000.1105da-dkinWindowsSearch.exe
C:ProgrammerRainlendarRainlendar.exe
C:ProgrammerRivaTuner v2.0 RC 15.4RivaTuner.exe
C:ProgrammerMSN Toolbar SuiteDS 2.05.0000.1105da-dkinWindowsSearchIndexer.exe
C:ProgrammerCisco SystemsVPN Clientcvpnd.exe
C:Programmerewidosecurity suiteewidoctrl.exe
C:Programmerewidosecurity suiteewidoguard.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C:ProgrammerNorton Internet SecurityNorton AntiVirus
avapsvc.exe
C:WINDOWSsystem32
vsvc32.exe
C:WINDOWSsystem32svchost.exe
C:ProgrammerFælles filerSymantec SharedCCPD-LCsymlcsvc.exe
C:ProgrammerVMwareVMware Workstationvmware-authd.exe
C:WINDOWSsystem32vmnat.exe
C:WINDOWSsystem32vmnetdhcp.exe
C:ProgrammeriPodiniPodService.exe
C:WINDOWSsystem32wuauclt.exe
C:ProgrammerMessengermsmsgs.exe
C:Documents and SettingsThomasSkrivebordhijackthis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks
O1 - Hosts: 217.157.56.194 timax
O1 - Hosts: 217.157.56.194 planx
O1 - Hosts: 217.157.56.194 mediax
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0AcrobatActiveXAcroIEHelper.dll
O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:ProgrammerFælles filerSymantec SharedAdBlockingNISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:ProgrammerAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar SuiteTB 2.05.0000.1105da-dkmsntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton Internet SecurityNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:ProgrammerFælles filerSymantec SharedAdBlockingNISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton Internet SecurityNorton AntiVirusNavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:ProgrammerAdobeAcrobat 6.0AcrobatAcroIEFavClient.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:ProgrammerMSN Toolbar SuiteTB 2.05.0000.1105da-dkmsntb.dll
O4 - HKLM..Run: [PtiuPbmd] Rundll32.exe ptipbm.dll,SetWriteBack
O4 - HKLM..Run: [SunJavaUpdateSched] C:ProgrammerJavajre1.5.0_04injusched.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "C:ProgrammerD-Toolsdaemon.exe" -lang 1033 -lock
O4 - HKLM..Run: [iTunesHelper] C:ProgrammeriTunesiTunesHelper.exe
O4 - HKLM..Run: [QuickTime Task] "C:ProgrammerQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [zBrowser Launcher] C:ProgrammerLogitechiTouchiTouch.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [ccApp] "C:ProgrammerFælles filerSymantec SharedccApp.exe"
O4 - HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe /Consumer
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [RemoteControl] C:ProgrammerCyberLinkPowerDVDPDVDServ.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [Picasa Media Detector] C:ProgrammerPicasa2PicasaMediaDetector.exe
O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background
O4 - HKCU..Run: [DynDNS Updater] "C:ProgrammerDynDNS UpdaterDynDNS.exe"
O4 - HKCU..Run: [H/PC Connection Agent] "C:ProgrammerMicrosoft ActiveSyncWCESCOMM.EXE"
O4 - HKCU..Run: [NBJ] "C:ProgrammerAheadNero BackItUpNBJ.exe"
O4 - HKCU..Run: [VoipBuster] "C:programmervoipbuster.comvoipbustervoipbuster.exe" -nosplash -minimized
O4 - HKCU..Run: [googletalk] "C:ProgrammerGoogleGoogle Talkgoogletalk.exe" /autostart
O4 - Startup: Rainlendar.lnk = C:ProgrammerRainlendarRainlendar.exe
O4 - Startup: RivaTuner.lnk = C:ProgrammerRivaTuner v2.0 RC 15.4RivaTuner.exe
O4 - Global Startup: Acrobat Assistant.lnk = C:ProgrammerAdobeAcrobat 6.0Distillracrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = ?
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:ProgrammerAdobeAcrobat 7.0Reader
eader_sl.exe
O4 - Global Startup: VIA RAID TOOL.lnk = C:ProgrammerVIARAID
aid_tool.exe
O4 - Global Startup: VPN Client.lnk = ?
O4 - Global Startup: Windows-pc-søgning.lnk = C:ProgrammerMSN Toolbar SuiteDS 2.05.0000.1105da-dkinWindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:ProgrammerMSN Toolbar SuiteTB 2.05.0000.1105da-dkmsntb.dll/search.htm
O8 - Extra context menu item: Download alle med Net Transport - C:ProgrammerXiNetTransport 2NTAddList.html
O8 - Extra context menu item: Download med Net Transport - C:ProgrammerXiNetTransport 2NTAddLink.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:ProgrammerMSN Toolbar SuiteTAB 2.05.0000.1105da-dkmsntabres.dll/229?6654c5a0d40940a9922f442d134c8b
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:ProgrammerMSN Toolbar SuiteTAB 2.05.0000.1105da-dkmsntabres.dll/230?6654c5a0d40940a9922f442d134c8b
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_04in
pjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:ProgrammerJavajre1.5.0_04in
pjpi150_04.dll
O9 - Extra button: Opret Foretrukken på mobil enhed - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:ProgrammerMicrosoft ActiveSyncinetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgrammerMicrosoft ActiveSyncinetrepl.dll
O9 - Extra 'Tools' menuitem: Opret Foretrukken på mobil enhed... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:ProgrammerMicrosoft ActiveSyncinetrepl.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:ProgrammerIrfanViewEbayEbay.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:ProgrammerMessengermsmsgs.exe
O16 - DPF: {001EE746-A1F9-460E-80AD-269E088D6A01} (Infotl Control) -
http://site.ebrary.com[...]
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (FilePlanet Download Control Class) -
http://www.fileplanet.com[...]
O16 - DPF: {8EC18CE2-D7B4-11D2-88C8-006008A717FD} (NCSView Class) -
http://www.kortal.dk[...]
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) -
https://netbank.danskebank.dk[...]
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:WINDOWSsystem32rsvc01a.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedccSetMgr.exe
O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:ProgrammerCisco SystemsVPN Clientcvpnd.exe
O23 - Service: ewido security suite control - ewido networks - C:Programmerewidosecurity suiteewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:Programmerewidosecurity suiteewidoguard.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:ProgrammeriPodiniPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:ProgrammerNorton Internet SecurityISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:ProgrammerNorton Internet SecurityNorton AntiVirus
avapsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32
vsvc32.exe
O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:WINDOWSsystem32oodag.exe
O23 - Service: SAVScan - Symantec Corporation - C:ProgrammerNorton Internet SecurityNorton AntiVirusSAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:PROGRA~1FLLESF~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedSNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:ProgrammerFælles filerSymantec SharedSecurity CenterSymWSC.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:ProgrammerVMwareVMware Workstationvmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:WINDOWSsystem32vmnetdhcp.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:WINDOWSsystem32vmnat.exe
--
Curling - Fordi dværgkast er ulovligt