Warning: Your computer is under spyware attack!

Prøv dette Link

http://www.google.dk/aclk?sa=l&ai=B7Mk1pkpNSNHIOo6qwgGJnpAHw4yHKYfkif4D4MqwBbDMCwgAEAEYATABOAFQ1Jm80Pz_____AWDR-cKC6AegAbW-j_0DyAEBgAIB2QNZAxJv8EXv5uADEQ&ggladgrp=8576820348853337676&gglcreat=9347839610697456613&sig=AGiWqtxWMYHDMze4EjIQH82TIhWsGKx2Gg&q=http://nzpassport.errorsmart.hop.clickbank.net%3F%26gid%3D1067704117%26oid%3D%26aid%3D11986%26yid%3D1NTOGJ394OJMNP4THIUI763NPM0

Logfile of HijackThis v1.99.1
Scan saved at 16:43:50, on 09-06-2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\drivers\services.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\acs.exe
C:\WINDOWS\ATK0100\HControl.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Programmer\Fælles filer\LightScribe\LightScribeControlPanel.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Generic\Power4 Gear\BatteryLife.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Wireless Console 2\wcourier.exe
C:\WINDOWS\sm56hlpr.exe
C:\Program Files\Generic\Generic ChkMail\ChkMail.exe
C:\Programmer\Atheros\ACU.exe
C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Programmer\Alwil Software\Management Tools\mirror\httpd.exe
C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Programmer\Microsoft SQL Server\MSSQL$AVAST\Binn\sqlservr.exe
C:\Programmer\CyberLink\Shared Files\RichVideo.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Programmer\Alwil Software\Management Tools\avEngine.exe
C:\Programmer\Microsoft SQL Server\MSSQL$AVAST\Binn\sqlagent.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\WINDOWS\ATK0100\ATKOSD.exe
C:\Programmer\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\WINDOWS\system32\msiexec.exe
C:\Programmer\RegistrySmart\RegistrySmart.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://c:/windows/homepage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = file://c:/windows/homepage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = file://c:/windows/homepage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Fælles filer\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {2DEE21FC-96A0-421B-ACBF-05EE08C2C25D} - C:\WINDOWS\system32\atrac.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programmer\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Microsoft copyright - {FFFFFFFF-BBBB-4146-86FD-A722E8AB3489} - sockins32.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM\..\Run: [Wireless Console 2] C:\Programmer\Wireless Console 2\wcourier.exe
O4 - HKLM\..\Run: [ACU] C:\Programmer\Atheros\ACU.exe -nogui
O4 - HKLM\..\Run: [Power_Gear] C:\Program Files\Generic\Power4 Gear\BatteryLife.exe 1
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programmer\Fælles filer\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [LanguageShortcut] C:\Programmer\CyberLink\PowerDVD\Language\Language.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programmer\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe
O4 - HKLM\..\Run: [winlogon] C:\Documents and Settings\min pc\svchost.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [updateMgr] C:\Programmer\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_0
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Programmer\Fælles filer\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [swg] C:\Programmer\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe
O4 - HKCU\..\Run: [winlogon] C:\Documents and Settings\min pc\svchost.exe
O4 - Startup: userinit.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Generic ChkMail.lnk = C:\Program Files\Generic\Generic ChkMail\ChkMail.exe
O4 - Global Startup: Service Manager.lnk = C:\Programmer\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203069805625
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Programmer\Fælles filer\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\FLLESF~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxdev.dll
O21 - SSODL: WebProxy - {66186F05-BBBB-4a39-864F-72D84615C679} - sockins32.dll (file missing)
O23 - Service: Atheros Configuration Service (ACS) - Atheros - C:\WINDOWS\system32\acs.exe
O23 - Service: apcsvra32 - Unknown owner - C:\Programmer\Fælles filer\System\apcsvra.exe
O23 - Service: avast! iAVS4 Mirror HTTP Server (aswHTTPMirror) - Unknown owner - C:\Programmer\Alwil Software\Management Tools\mirror\httpd.exe
O23 - Service: avast! Management Server - Unknown owner - C:\Programmer\Alwil Software\Management Tools\avEngine.exe" /ServiceStart (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Programmer\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Programmer\Fælles filer\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$AVAST - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL$AVAST\Binn\sqlservr.exe" -sAVAST (file missing)
O23 - Service: NBService - Nero AG - C:\Programmer\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Programmer\Fælles filer\Ahead\Lib\NMIndexingService.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Programmer\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Opgavestyring (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe
O23 - Service: SQLAgent$AVAST - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL$AVAST\Binn\sqlagent.EXE" -i AVAST (file missing)

NU MÅ JEG LIGE STOPPE DIG <snif12> !!!
Du linker (tilsyneladende ?) til [ErrorSmart] ???

Det tilhører samme #$¤€%# (Censur) programfamillie som ERRORSAFE -> http://www.grineflip.dk/support/errorsafe/

(=============)

<kristianiversen>: Der er _mange_ uønskede elementer på din PC ifølge din foreløbige log !!!

For at være (mere) sikker på at få det meste med så gennemfør proceduren herfra -> http://www.eksperten.dk/artikler/1123
PS: Brug denne version af HJT -> http://www.trendsecure.com/portal/en-US/_download/HiJackThis.exe

=========

Og se bort fra
Kommentar: snif12
09/06-2008 17:25:38

@Karise Larry--------------Sorry

Hej igen

Jeg vurderede at det ville være lettest at geninstallere boksen efter at have læst hvad I skrev.

Jeg vil fremover bruge den rigtige version af HiJackThis og den guide du henviser til karise_larry.

Tak for diagnosen, vil du have point karise_larry? Så læg et svar.
Der bliver desværre ingen til dig snif12 i denne omgang ;)

Med venlig hilsen
Kristian Iversen

Ping...
(Det var et [svar]...)