[DannyEAGLE]

Hei! Jeg synes å ha ervervet iexplore.exe viruset en eller annen måte. Det plager meg med tilfeldige popup-vinduer konstant. De kommer alltid opp i Internet Explorer selv om jeg alltid bruker Firefox. Eventuelle hjelpe ville være verdsatt. Takk!

-Danny

HijackThis Logg
----------------------
Logfile of HijackThis v1.99.1
Scan lagret på 3:13:34 PM, on 12/22/2007
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Windows Defender \ MsMpEng.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
C: \ Programfiler \ Norton Internet Security \ ISSVC.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ Programfiler \ Analog Devices \ SoundMAX \ SMAgent.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Center \ SymWSC.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe
C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe
C: \ Programfiler \ Analog Devices \ SoundMAX \ SMax4PNP.exe
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Programfiler \ Apoint2K \ Apoint.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ hpq \ HP Wireless Assistant \ HP Wireless Assistant.exe
C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe
C: \ Programfiler \ Fellesfiler \ InstallShield \ UpdateService \ issch.exe
C: \ Programfiler \ Apoint2K \ Apntex.exe
C: \ Program Files \ Lexmark 2300 Series \ ezprint.exe
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ Windows Defender \ MSASCui.exe
C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
C: \ WINDOWS \ system32 \ lxcgcoms.exe
C: \ PROGRA ~ 1 \ HPQ \ Shared \ HPQTOA ~ 1.EXE
C: \ Programfiler \ AIM \ aim.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ progra ~ 1 \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ utorrent.exe
C: \ Program Files \ Hijackthis \ HijackThis.exe
C: \ progra ~ 1 \ Mozilla Firefox \ firefox.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?Link.../www.mchsi.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Microsoft Internet Explorer levert av Mediacom Online
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O3 - Toolbar: Norton AntiVirus - (42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6) - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP-visning - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - C: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Programfiler \ Analog Devices \ SoundMAX \ SMax4PNP.exe
O4 - HKLM \ .. \ Run: [SoundMAX] C: \ Programfiler \ Analog Devices \ SoundMAX \ Smax4.exe / brett
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [Apoint] C: \ Programfiler \ Apoint2K \ Apoint.exe
O4 - HKLM \ .. \ Run: [hpWirelessAssistant] C: \ Programfiler \ hpq \ HP Wireless Assistant \ HP Wireless Assistant.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Programfiler \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [LSBWatcher] c: \ hp \ drivers \ hplsbwatcher \ lsburnwatcher.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [URLLSTCK.exe] C: \ Program Files \ Norton Internet Security \ UrlLstCk.exe
O4 - HKLM \ .. \ Run: [Cpqset] C: \ Programfiler \ HPQ \ Default Settings \ cpqset.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ RealMedia \ Programfiler \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ progra ~ 1 \ FELLES ~ 1 \ installere ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-oppstart
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Programfiler \ Fellesfiler \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [FaxCenterServer] "C: \ Programfiler \ Lexmark Faks Solutions \ fm3032.exe" / s
O4 - HKLM \ .. \ Run: [lxcgmon.exe] "C: \ Program Files \ Lexmark 2300 Series \ lxcgmon.exe"
O4 - HKLM \ .. \ Run: [EzPrint] "C: \ Program Files \ Lexmark 2300 Series \ ezprint.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Programfiler \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Programfiler \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [avast!] C: \ progra ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe
O4 - HKLM \ .. \ Run: [1d8d7730] rundll32.exe "C: \ WINDOWS \ system32 \ gxdtsrag.dll", b
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programfiler \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [AIM] C: \ Programfiler \ AIM \ aim.exe-cnetwait.odl
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [NBJ] "C: \ Programfiler \ Ahead \ Nero BackItUp \ NBJ.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Programfiler \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ Hp \ Digital Imaging \ bin \ hpqtra08.exe
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ micros ~ 4 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra button: ATI TV - (44226DFF-747E-4edc-B30C-78752E50CD0C) - C: \ Program Files \ ATI Multimedia \ tv \ EXPLBAR.DLL
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ micros ~ 4 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Programfiler \ AIM \ aim.exe
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing)
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O11 - Options group: [INTERNATIONAL] International *
O14 - IERESET.INF: START_PAGE_URL = http://www.mchsi.com
Ø16 - DPF: (14C1B87C-3342-445F-9B5E-365FF330A3AC) (Hewlett-Packard Online Support Services) - http://h20278.www2.hp.com/HPISWeb/Customer/cabs/HPISDataManager.CAB
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klasse) - C: \ Programfiler \ Yahoo! \ Common \ yinsthelper.dll
Ø16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
Ø20 - AppInit_DLLs: C: \ WINDOWS \ system32 \ wmfhotfix.dll
O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C: \ Programfiler \ Alwil Software \ Avast4 \ ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C: \ Programfiler \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
O23 - Service: DomainService - Unknown owner - C: \ WINDOWS \ system32 \ hgvfhpan.exe (file missing)
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, LP - C: \ Programfiler \ HPQ \ Shared \ HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ ISSVC.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Hewlett-Packard Company - C: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: lxcg_device - - C: \ WINDOWS \ system32 \ lxcgcoms.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - c: \ progra ~ 1 \ FELLES ~ 1 \ SYMANT ~ 1 \ SCRIPT ~ 1 \ SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C: \ Programfiler \ Analog Devices \ SoundMAX \ SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Center \ SymWSC.exe

[Hybr! D]

Du må avinstallere uTorrent før du får noe hjelp.

Nedlasting er ulovlig og er også ansvarlig for å rote opp PCen, pengene godt lagret ja?