80 for hurtigt tjek af log

Windows 2000

Logfile of HijackThis v1.99.0
Scan saved at 14:06:14, on 21-12-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\WINNT\system32\rundll32.exe
C:\WINNT\Explorer.EXE
C:\WINNT\system32\RunDll32.exe
C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINNT\ASSCFG16.EXE
C:\win.exe
C:\WINNT\SYSTEM32\fqfhhwrp.exe
C:\WINNT\system32\wuapdxe.exe
C:\WINNT\SYSTEM32\bbsdf.exe
C:\WINNT\system32\ffbaqe.exe
C:\WINNT\SYSTEM32\jjkbbk.exe
C:\WINNT\system32\rfc.exe
C:\WINNT\system32\bsc32.exe
C:\WINNT\SYSTEM32\vssddfq.exe
C:\WINNT\system32\spoolsrv.exe
C:\WINNT\SYSTEM32\SDvbp.exe
C:\WINNT\system32\CVAvwwd.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\WINNT\system32\wuapdxe.exe
C:\WINNT\system32\ffbaqe.exe
C:\WINNT\system32\rfc.exe
C:\WINNT\system32\?poolsv.exe
C:\Documents and Settings\Administrator\Application Data\tste.exe
C:\WINNT\system32\spoolsrv.exe
C:\WINNT\system32\CVAvwwd.exe
C:\Programmer\SpywareGuard\sgmain.exe
C:\Programmer\SpywareGuard\sgbhp.exe
C:\Documents and Settings\Administrator\Skrivebord\w\hjt.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchmiracle.com/sp.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O1 - Hosts: 69.20.16.183 search.netscape.com
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Programmer\SpywareGuard\dlprotect.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [CloneCDElbyCDFL] "C:\Programmer\Elaborate Bytes\CloneCD\ElbyCheck.exe" /L ElbyCDFL
O4 - HKLM\..\Run: [EM_EXEC] C:\PROGRA~1\Logitech\MOUSEW~1\SYSTEM\EM_EXEC.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINNT\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [ICQMsn] C:\WINNT\SYSTEM32\cbfks.exe
O4 - HKLM\..\Run: [Microsoft Windows Printing Services] C:\WINNT\SYSTEM32\winprint32.exe
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINNT\ASSCFG16.EXE
O4 - HKLM\..\Run: [Windows DLL Loader] C:\WINNT\ASSCFG16.EXE
O4 - HKLM\..\Run: [netservices] svchostn.exe
O4 - HKLM\..\Run: [Services] C:\win.exe
O4 - HKLM\..\Run: [Systemey] systemey.exe
O4 - HKLM\..\Run: [CPCmscl0ck] C:\WINNT\system32\err0rrz\CPCmsclock.ExE
O4 - HKLM\..\Run: [SATA Corporation Data] C:\WINNT\SYSTEM32\dgndp.exe
O4 - HKLM\..\Run: [VCbvnczsxcX] C:\WINNT\SYSTEM32\hnddp.exe
O4 - HKLM\..\Run: [System] system32.exe
O4 - HKLM\..\Run: [Microsoft Buffer App] msbuffer.exe
O4 - HKLM\..\Run: [Bactroneaut] C:\WINNT\SYSTEM32\fqfhhwrp.exe
O4 - HKLM\..\Run: [Sys-Stat] wuapdxe.exe
O4 - HKLM\..\Run: [Configuration Loader] msgfixy.exe
O4 - HKLM\..\Run: [sstata] C:\WINNT\SYSTEM32\dvsbf.exe
O4 - HKLM\..\Run: [VQVQEVXfxcX] C:\WINNT\SYSTEM32\hgdhp.exe
O4 - HKLM\..\Run: [ffeqOME] C:\WINNT\SYSTEM32\vcvsav.exe
O4 - HKLM\..\Run: [Diomacd] C:\WINNT\SYSTEM32\fdafbfd.exe
O4 - HKLM\..\Run: [wzxzxds] fdfddad.exe
O4 - HKLM\..\Run: [wqdfadads] sdqdad.exe
O4 - HKLM\..\Run: [Windows Fix] integator.exe
O4 - HKLM\..\Run: [bbdjmrxcX] C:\WINNT\SYSTEM32\htehtd.exe
O4 - HKLM\..\Run: [messenger.exe] Hell.exe
O4 - HKLM\..\Run: [fGQEGqHOME] C:\winnt\system32\gwwgtp.exe
O4 - HKLM\..\Run: [2thousandbuck] C:\WINNT\SYSTEM32\vcmmf.exe
O4 - HKLM\..\Run: [MSN Messenger BETA 7] C:\WINNT\SYSTEM32\bbsdf.exe
O4 - HKLM\..\Run: [Norton Auto-Protect] ffbaqe.exe
O4 - HKLM\..\Run: [Win32 Services] wuamngr.exe
O4 - HKLM\..\Run: [Micrsoft Driver] windrive32.exe
O4 - HKLM\..\Run: [vxcxcvfck] C:\WINNT\SYSTEM32\sbsvsd.exe
O4 - HKLM\..\Run: [Fwr Command Module] fwr.exe
O4 - HKLM\..\Run: [Dontworry] mysaym.exe
O4 - HKLM\..\Run: [Ultra Edit v5.1] ultraedit.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [feqfesbk] C:\WINNT\SYSTEM32\jjkbbk.exe
O4 - HKLM\..\Run: [fgwrwesbk] C:\WINNT\SYSTEM32\cxzca.exe
O4 - HKLM\..\Run: [gqgqqger] gqgeqegl.exe
O4 - HKLM\..\Run: [dfasack] C:\WINNT\SYSTEM32\cbasd.exe
O4 - HKLM\..\Run: [qffecdas] C:\winnt\system32\vvzxx.exe
O4 - HKLM\..\Run: [asccacA] asacsqgl.exe
O4 - HKLM\..\Run: [Systmery] Systmery.exe
O4 - HKLM\..\Run: [updater] C:\Programmer\Common files\updater\wupdater.exe
O4 - HKLM\..\Run: [Spools] Spools.exe
O4 - HKLM\..\Run: [Rcf Driver] rfc.exe
O4 - HKLM\..\Run: [Regedit Server] regsrv32.exe
O4 - HKLM\..\Run: [Microsoft Services] C:\WINNT\system32\bsc32.exe
O4 - HKLM\..\Run: [MSDDMess] C:\WINNT\SYSTEM32\vssddfq.exe
O4 - HKLM\..\Run: [kalvsys] C:\winnt\system32\kalvvys32.exe
O4 - HKLM\..\Run: [MSSGisg] C:\winnt\system32\cxass.exe
O4 - HKLM\..\Run: [Answer Problem] dSAFsqs.exe
O4 - HKLM\..\Run: [reggsdg] spoolsrv.exe
O4 - HKLM\..\Run: [Band-Aid] C:\WINNT\SYSTEM32\SDvbp.exe
O4 - HKLM\..\Run: [SAggwwgg] CVAvwwd.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunServices: [netservices] svchostn.exe
O4 - HKLM\..\RunServices: [Systemey] systemey.exe
O4 - HKLM\..\RunServices: [System] system32.exe
O4 - HKLM\..\RunServices: [Sys-Stat] wuapdxe.exe
O4 - HKLM\..\RunServices: [Configuration Loader] msgfixy.exe
O4 - HKLM\..\RunServices: [wqdfadads] sdqdad.exe
O4 - HKLM\..\RunServices: [messenger.exe] Hell.exe
O4 - HKLM\..\RunServices: [Norton Auto-Protect] ffbaqe.exe
O4 - HKLM\..\RunServices: [Win32 Services] wuamngr.exe
O4 - HKLM\..\RunServices: [Fwr Command Module] fwr.exe
O4 - HKLM\..\RunServices: [Dontworry] mysaym.exe
O4 - HKLM\..\RunServices: [Ultra Edit v5.1] ultraedit.exe
O4 - HKLM\..\RunServices: [gqgqqger] gqgeqegl.exe
O4 - HKLM\..\RunServices: [asccacA] asacsqgl.exe
O4 - HKLM\..\RunServices: [Systmery] Systmery.exe
O4 - HKLM\..\RunServices: [Spools] Spools.exe
O4 - HKLM\..\RunServices: [Rcf Driver] rfc.exe
O4 - HKLM\..\RunServices: [Regedit Server] regsrv32.exe
O4 - HKLM\..\RunServices: [Microsoft Services] C:\WINNT\system32\bsc32.exe
O4 - HKLM\..\RunServices: [Answer Problem] dSAFsqs.exe
O4 - HKLM\..\RunServices: [reggsdg] spoolsrv.exe
O4 - HKLM\..\RunServices: [DfqwSfS] ffsqsd.exe
O4 - HKLM\..\RunServices: [SAggwwgg] CVAvwwd.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Microsoft Windows Printing Services] C:\WINNT\SYSTEM32\winprint32.exe
O4 - HKCU\..\Run: [Systemey] systemey.exe
O4 - HKCU\..\Run: [Microsoft Buffer App] msbuffer.exe
O4 - HKCU\..\Run: [Sys-Stat] wuapdxe.exe
O4 - HKCU\..\Run: [wqdfadads] sdqdad.exe
O4 - HKCU\..\Run: [Norton Auto-Protect] ffbaqe.exe
O4 - HKCU\..\Run: [Win32 Services] wuamngr.exe
O4 - HKCU\..\Run: [Micrsoft Driver] windrive32.exe
O4 - HKCU\..\Run: [Fwr Command Module] fwr.exe
O4 - HKCU\..\Run: [Dontworry] mysaym.exe
O4 - HKCU\..\Run: [msmc] C:\WINNT\system32\msmc.exe
O4 - HKCU\..\Run: [Ultra Edit v5.1] ultraedit.exe
O4 - HKCU\..\Run: [gqgqqger] gqgeqegl.exe
O4 - HKCU\..\Run: [asccacA] asacsqgl.exe
O4 - HKCU\..\Run: [Clock] C:\WINNT\dsndup.exe
O4 - HKCU\..\Run: [Spools] Spools.exe
O4 - HKCU\..\Run: [Rcf Driver] rfc.exe
O4 - HKCU\..\Run: [Cyhnsaif] C:\WINNT\system32\?poolsv.exe
O4 - HKCU\..\Run: [Answer Problem] dSAFsqs.exe
O4 - HKCU\..\Run: [Eoos] C:\Documents and Settings\Administrator\Application Data\tste.exe
O4 - HKCU\..\Run: [reggsdg] spoolsrv.exe
O4 - HKCU\..\Run: [DfqwSfS] ffsqsd.exe
O4 - HKCU\..\Run: [SAggwwgg] CVAvwwd.exe
O4 - Startup: SpywareGuard.lnk = C:\Programmer\SpywareGuard\sgmain.exe
O8 - Extra context menu item: &Google Search - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://C:\Programmer\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:\Programmer\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Programmer\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programmer\SideFind\sidefind.dll
O16 - DPF: v3cab - http://searchmiracle.com/cab/v3cab.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://public.windupdates.com/get_file.php?bt=ie&p=a9db7f6663b69a8587e3009364d50835b3b3294761905cd298bd14b7ccacad1d185d145bd9a6157d630949879969ece24dd98f12ba5dc7e99083ae8e886ad413fc:1499ca1302e7a9c332310035255fc60e
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/FunBuddyIconsFWBInitialSetup1.0.0.8.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {706F3805-27D7-478D-80E5-E25D2BB030B3} (VacPro.internazionale_ver3) - http://www.advnt01.com/dialer/internazionale_ver3.CAB
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/loader2.ocx
O16 - DPF: {9E98E84C-79E1-49C3-82EB-798FCD552EFB} (VacPro.internazionale_ver4) - http://advnt01.com/dialer/internazionale_ver4.CAB
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {BAB3E70B-A847-4A88-ACFC-778FCCC00287} (CActSetupObj Object) - http://www.odysseusmarketing.com/actsetup.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown - C:\Programmer\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: Client Runtime Server Subsystem - Unknown - crss.exe lssas.exe (file missing)
O23 - Service: Logical Disk Manager Administrative Service - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ISEXEng - Unknown - C:\WINNT\system32\angelex.exe (file missing)