/ Forside/ Teknologi / Internet / Sikkerhed / Spørgsmål
Login
Glemt dit kodeord?
Brugernavn

Kodeord


Reklame
Top 10 brugere
Sikkerhed
#NavnPoint
stl_s 37026
arlet 26827
miritdk 20260
o.v.n. 12167
als 8951
refi 8694
tedd 8272
BjarneD 7338
Klaudi 7257
10  molokyle 6481
Huntbar m.v.
Fra : bilkiario
Vist : 592 gange
200 point
Dato : 27-10-06 09:54

Hej alle
Jeg har lige kørt et program, som hedder Spybot.
Dettehar fundet en del "snavs" I computeren.
De fleste kunne programmet fjerne, men der er 3 hårdføre tilbage, som programmet ikke kunne fjerne. De hedder: Huntbar - Ibis toolbar - NewDotNet.
Hvilke skader kan disse programmer lave i PC'en?
Hvordan får jeg dem fjernet?
Håber I kan hjælpe.
Hilsen Jan

 
 
Kommentar
Fra : molokyle


Dato : 27-10-06 10:10

Prøv dette udmærkede gratis antispyware program: http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

Citat
Den mand gør det igen. Der er tale om Nick Skrepetos. Ingen tvivl om at Nick har forstand på spywarebekæmpelse, og han er velanset i bekæm- perkredsene.

Det nye produkt med det fængende navn SuperAntiSpyware er af første klasse, og så er det ganske gratis, hvis man altså kan nøjes med de mest almindelige funktioner.

Programmet er en værdig fornyelse, for de der i dag benytter Ad-aware og Spybot, men man skal lige gøre sig det klart, at SAS er på engelsk. Vil du have programmerne på dansk så fortsæt med Ad-aware eller Spybot, men på den anden side er programmet nu meget brugervenligt.

Selv i gratis-versionen kan det fjerne det meste af det hårde spyware. Det kan Ad-aware og Spybot ikke. Spybot har så en immunisering, der kan holde spyware ude, men mod det hårde spyware er denne immunisering nyttesløs.

SpuperAntiSpyware findes også i en professionel version for hjemme- brugeren. Den koster 229 kr. i shoppen for et års licens. Efter 1 år vil der være en god rabat på licensfornyelsen.

Den professionelle version har nogle features som gratis-versionen ikke har. Det drejer sig bl.a. om realtime-beskyttelse (lader ikke spywaren komme ind på computeren), registreringsdatabase-beskyttelse (afviser at hijackere rører ved din registreringsdatabase) og auto-opdatering (er manuelt i gratisversionen).

Ingen dårlige sider ved programmet? Jo, det er så nyt, at det stadig kan levere såkaldte falske positiver, men der er allerede væsentlig færre, end da det blev lanceret for en uge siden. Normalt tester vi et program i en måneds tid, før det slippes løs. Det skal retfærdigvis siges, at vi kun har haft lejlighed til at teste det i 14 dage.

Vi anbefaler at du bruger linkene herunder. De er altid opdateret med seneste version og sikret mod hurtig og fejlfri download.


..fra: http://spywarefri.dk/vaerktoj.htm

..og her er en manual til programmet: http://www.spywarefri.dk/manualer/superantispyware-manual.htm

Hvis ikke dette hjælper? Så må du lave en log med Hijackthis og lægge den herind eller i Spywarefri's forum: http://www.spywarefri.dk/forum

Hijackthis henter du her: http://www.spywarefri.dk/downloads1/hijackthis.exe
..og her er en manual: http://www.spywarefri.dk/manualer/hijackthis-manual.htm
..så får du lynhurtigt hjælp

</MOLOKYLE>

Kommentar
Fra : miritdk


Dato : 27-10-06 10:15

jeg vil nok anbefale at lægge en hijackthislog ind hvos superantispyware ikke klarer problemerne.

Hent HijackThis her http://www.sitecenter.dk/secure/nss-folder/mappe/hjtspecial.exe - Opret en selvstændig mappe til HijackThis og læg den for eks på skrivebordet - kald den f,eks HJT - Kør Hijackthis, klik på - Do a systemscan and save a logfile - og kopier loggen og sæt den ind i tråden her. Du må ikke slette noget selv med HijackThis.

Kommentar
Fra : stl_s


Dato : 27-10-06 11:22

Hvis du følger molokyles og miritdk`s råd, så skal jeg nok kigge på HijackThis loggen.

Kommentar
Fra : miritdk


Dato : 27-10-06 11:24



Kommentar
Fra : bilkiario


Dato : 27-10-06 17:14

Hej igen
Jeg har nu kørt Superantispyware, og det ser ud til den har fjernet en del.
Jeg medsender logfilen, og håber i vil se på den, da jeg tror der er mere "snavs" tilbage.
Hilsen Jan

Logfile of HijackThis v1.99.1
Scan saved at 13:17:31, on 27-10-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\windows\System32\svchost.exe
C:\Programmer\Virtual CD v4 SDK\system\vcssecs.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\windows\Explorer.EXE
C:\Programmer\Microsoft IntelliType Pro\type32.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\SOUNDMAN.EXE
C:\Programmer\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Programmer\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\windows\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\windows\Logi_MwX.Exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\windows\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearchIndexer.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Jette Hofdam\Skrivebord\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
file://C:\APPS\IE\offline\dan.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard
Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Hyperlinks
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\windows\regedit /s
C:\pav.reg,C:\windows\system32\pavdr.exe,C:\windows\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\programmer\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper -
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar
Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
blank (file missing)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4
SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [type32] "C:\Programmer\Microsoft IntelliType
Pro\type32.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles
filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched]
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Programmer\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [MMTray] "C:\Programmer\Musicmatch\Musicmatch
Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Programmer\Musicmatch\Musicmatch
Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\windows\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray]
C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair]
C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control
Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ActivBoard] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [RemoteControl]
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [.nvsvc] C:\windows\system\smss.exe /w
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe"
/background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate]
C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg]
C:\Programmer\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware]
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Aktiver Labtec Trådløse Skrivebord.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk =
C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk =
C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar
Suite\TB\02.05.0000.1105\da-dk\msntb.dll/search.htm
O8 - Extra context menu item: Translate Page -
http://www.geocities.com/mockba80/translate1.0.txt
O8 - Extra context menu item: Åbn på ny baggrundsfane -
res://C:\Programmer\MSN Toolbar
Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/229?fe13e88e586d409ea4a764ea5a7f9d60
O8 - Extra context menu item: Åbn på ny forgrundsfane -
res://C:\Programmer\MSN Toolbar
Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/230?fe13e88e586d409ea4a764ea5a7f9d60
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
(file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\dan.htm
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) -
http://www.truedoc.com/activex/tdserver.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} (AXWebMon Control) -
http://www.smilecam.com/home/ezwebcam/eng5/common/AXWebMonProj1.cab
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) -
http://www.rovion.com/Controls/Rovion.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) -
http://80.199.4.57:81/kxhcm10.ocx
O16 - DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} (Gif89 Class) -
http://213.139.220.50/xplug.ocx
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158619282765
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) -
http://144.122.47.203/activex/AMC.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) -
http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} -
http://www.playqames.com/default.cab?uid=7&id=60810&ex&1s&ppd=4
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://62.181.87.189/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} -
http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) -
https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) -
http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O18 - Protocol: bw+0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon -
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) -
H+H Software GmbH - C:\Programmer\Virtual CD v4 SDK\system\vcssecs.exe



Kommentar
Fra : stl_s


Dato : 27-10-06 18:27

Superantispywares log kan godt give et fingerpeg, så den vil jeg gerne se. Du finder den i "Preferences" -> Statistics/Logs. Klik View log, og copy/paste den her ind.

Hent denne scanner ned til skrivebordet ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe Vent med at køre den.


Start op i fejlsikret tilstand (tast f8 flere gange under opstart). Hvis du ikke kan det, så se her
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1


Vejledning her http://fromsej.dk/Vejledninger/html/drweb.html


Kopier loggen her ind, sammen med en frisk HijackThis log fra normal tilstand..



Kommentar
Fra : miritdk


Dato : 27-10-06 18:30

ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe skal lige kopieres op i adresselinjen

Kommentar
Fra : stl_s


Dato : 27-10-06 19:52

Tak mirit.dk. Hvad skulle jeg gøre uden dig ? . Jeg glemmer den hver gang .

Kommentar
Fra : miritdk


Dato : 27-10-06 19:54



Kommentar
Fra : bilkiario


Dato : 29-10-06 09:33

Hej igen
Jeg er desværre ikke nogen ørn til dette her, men jeg arbejder på det.
I mellemtiden sender jeg logfilen fra Superantispyware:

SUPERAntiSpyware Scan Log
Generated 10/27/2006 at 01:01 PM

Application Version : 3.3.1020

Core Rules Database Version : 3114
Trace Rules Database Version: 1139

Scan type : Complete Scan
Total Scan Time : 00:26:49

Memory items scanned : 652
Memory threats detected : 0
Registry items scanned : 6354
Registry threats detected : 105
File items scanned : 40744
File threats detected : 11

Adware.Tracking Cookie
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@advertising[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette hofdam@atdmt[2].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette hofdam@cgi-bin[2].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette hofdam@adtech[2].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette hofdam@adfair[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@track.adform[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@mediaplex[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@msnportal.112.2o7[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@doubleclick[1].txt
C:\Documents and Settings\Jette Hofdam\Cookies\jette
hofdam@tradedoubler[2].txt

Spyware.WebSearch (WinTools/HuntBar)
HKCR\CLSID\{8952A998-1E7E-4716-B23D-3DBE03910972}
HKCR\CLSID\{8952A998-1E7E-4716-B23D-3DBE03910972}\InprocServer32
HKCR\CLSID\{8952A998-1E7E-4716-B23D-3DBE03910972}\InprocServer32#ThreadingModel HKCR\CLSID\{339BB23F-A864-48C0-A59F-29EA915965EC} HKCR\CLSID\{339BB23F-A864-48C0-A59F-29EA915965EC}\InprocServer32 HKCR\CLSID\{339BB23F-A864-48C0-A59F-29EA915965EC}\InprocServer32#ThreadingModel HKLM\Software\WinTools HKLM\Software\WinTools\nlibx4m HKLM\Software\WinTools\nlibx4m\ef HKLM\Software\WinTools\nlibx4m\ef#x4mln HKLM\Software\WinTools\nlibx4m\ef#x4m2y4mn HKLM\Software\WinTools\nlibx4m\ef#ru2y4mn HKLM\Software\WinTools\nlibx4m\ef#ruln HKLM\Software\WinTools\nlibx4m\ef#hmrnxr6 HKLM\Software\WinTools\nlibx4m\ef#xri4zn HKLM\Software\WinTools\nlibx4m\ef#xri4zninx HKLM\Software\WinTools\nlibx4m\ef#xraz7 HKLM\Software\WinTools\nlibx4m\ef#myzys HKLM\Software\WinTools\nlibx4m\q8 HKLM\Software\WinTools\nlibx4m\q8#x4mln HKLM\Software\WinTools\nlibx4m\q8#x4m2y4mn HKLM\Software\WinTools\nlibx4m\q8#ru2y4mn HKLM\Software\WinTools\nlibx4m\q8#ruln HKLM\Software\WinTools\nlibx4m\q8#hmrnxr6 HKLM\Software\WinTools\nlibx4m\q8#xri4zn HKLM\Software\WinTools\nlibx4m\q8#xri4zninx HKLM\Software\WinTools\nlibx4m\q8#xraz7 HKLM\Software\WinTools\nlibx4m\q8#myzys HKLM\Software\WinTools\nlibx4m\qe HKLM\Software\WinTools\nlibx4m\qe#x4mln HKLM\Software\WinTools\nlibx4m\qe#x4m2y4mn HKLM\Software\WinTools\nlibx4m\qe#ru2y4mn HKLM\Software\WinTools\nlibx4m\qe#ruln HKLM\Software\WinTools\nlibx4m\qe#hmrnxr6 HKLM\Software\WinTools\nlibx4m\qe#xri4zn HKLM\Software\WinTools\nlibx4m\qe#xri4zninx HKLM\Software\WinTools\nlibx4m\qe#xraz7 HKLM\Software\WinTools\nlibx4m\qe#myzys HKLM\Software\WinTools\nlibx4m\tg HKLM\Software\WinTools\nlibx4m\tg#x4mln HKLM\Software\WinTools\nlibx4m\tg#x4m2y4mn HKLM\Software\WinTools\nlibx4m\tg#ru2y4mn HKLM\Software\WinTools\nlibx4m\tg#ruln HKLM\Software\WinTools\nlibx4m\tg#hmrnxr6 HKLM\Software\WinTools\nlibx4m\tg#xri4zn HKLM\Software\WinTools\nlibx4m\tg#xri4zninx HKLM\Software\WinTools\nlibx4m\tg#xraz7 HKLM\Software\WinTools\nlibx4m\tg#myzys HKLM\Software\WinTools\nlibx4m\tgv HKLM\Software\WinTools\nlibx4m\tgv#x4mln HKLM\Software\WinTools\nlibx4m\tgv#x4m2y4mn HKLM\Software\WinTools\nlibx4m\tgv#ru2y4mn HKLM\Software\WinTools\nlibx4m\tgv#ruln HKLM\Software\WinTools\nlibx4m\tgv#hmrnxr6 HKLM\Software\WinTools\nlibx4m\tgv#xri4zn HKLM\Software\WinTools\nlibx4m\tgv#xri4zninx HKLM\Software\WinTools\nlibx4m\tgv#xraz7 HKLM\Software\WinTools\nlibx4m\tgv#myzys HKLM\Software\WinTools\nlibx4m\tt1 HKLM\Software\WinTools\nlibx4m\tt1#x4mln HKLM\Software\WinTools\nlibx4m\tt1#x4m2y4mn HKLM\Software\WinTools\nlibx4m\tt1#ru2y4mn HKLM\Software\WinTools\nlibx4m\tt1#ruln HKLM\Software\WinTools\nlibx4m\tt1#hmrnxr6 HKLM\Software\WinTools\nlibx4m\tt1#xri4zn HKLM\Software\WinTools\nlibx4m\tt1#xri4zninx HKLM\Software\WinTools\nlibx4m\tt1#xraz7 HKLM\Software\WinTools\nlibx4m\tt1#myzys HKLM\Software\WinTools\nlibx4m\ttt HKLM\Software\WinTools\nlibx4m\ttt#x4mln HKLM\Software\WinTools\nlibx4m\ttt#x4m2y4mn HKLM\Software\WinTools\nlibx4m\ttt#ru2y4mn HKLM\Software\WinTools\nlibx4m\ttt#ruln HKLM\Software\WinTools\nlibx4m\ttt#hmrnxr6 HKLM\Software\WinTools\nlibx4m\ttt#xri4zn HKLM\Software\WinTools\nlibx4m\ttt#xri4zninx HKLM\Software\WinTools\nlibx4m\ttt#xraz7 HKLM\Software\WinTools\nlibx4m\ttt#myzys HKLM\Software\WinTools\nlibx4m\v HKLM\Software\WinTools\nlibx4m\v#x4mln HKLM\Software\WinTools\nlibx4m\v#x4m2y4mn HKLM\Software\WinTools\nlibx4m\v#ru2y4mn HKLM\Software\WinTools\nlibx4m\v#ruln HKLM\Software\WinTools\nlibx4m\v#hmrnxr6 HKLM\Software\WinTools\nlibx4m\v#xri4zn HKLM\Software\WinTools\nlibx4m\v#xri4zninx HKLM\Software\WinTools\nlibx4m\v#xraz7 HKLM\Software\WinTools\nlibx4m\v#myzys HKLM\Software\WinTools\nlibx4m\vv HKLM\Software\WinTools\nlibx4m\vv#x4mln HKLM\Software\WinTools\nlibx4m\vv#x4m2y4mn HKLM\Software\WinTools\nlibx4m\vv#ru2y4mn HKLM\Software\WinTools\nlibx4m\vv#ruln HKLM\Software\WinTools\nlibx4m\vv#hmrnxr6 HKLM\Software\WinTools\nlibx4m\vv#xri4zn HKLM\Software\WinTools\nlibx4m\vv#xri4zninx HKLM\Software\WinTools\nlibx4m\vv#xraz7 HKLM\Software\WinTools\nlibx4m\vv#myzysTrojan.NewDotNet HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E} HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32 HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\InprocServer32#ThreadingModel HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\ProgID HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\Programmable HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\TypeLib HKCR\CLSID\{4A2AACF3-ADF6-11D5-98A9-00E018981B9E}\VersionIndependentProgIDTrojan.ErrorSafe C:\DOCUMENTS AND SETTINGS\JETTE HOFDAM\APPLICATIONDATA\ERRORSAFEFREEINSTALL_DK[1].EXE

Kommentar
Fra : bilkiario


Dato : 29-10-06 11:04

Hej
Nu tror jeg, jeg har gjort som I har bedt om.
Jeg har kørt drweb i fejlsikret tilstand.
Den viste ingen virus fundet.

Jeg medsender en frisk log fil fra hijack this:

Logfile of HijackThis v1.99.1
Scan saved at 09:58:42, on 29-10-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\windows\System32\smss.exe
C:\windows\SYSTEM32\winlogon.exe
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\svchost.exe
C:\windows\System32\svchost.exe
C:\windows\system32\spoolsv.exe
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
C:\Programmer\Alwil Software\Avast4\ashServ.exe
C:\windows\system32\HPZipm12.exe
C:\windows\Explorer.EXE
C:\windows\System32\svchost.exe
C:\Programmer\Virtual CD v4 SDK\system\vcssecs.exe
C:\Programmer\Microsoft IntelliType Pro\type32.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\windows\SOUNDMAN.EXE
C:\Programmer\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Programmer\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\windows\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\windows\Logi_MwX.Exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\apps\ABoard\ABoard.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\QuickTime\qttask.exe
C:\apps\ABoard\AOSD.exe
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\windows\system32\ctfmon.exe
C:\Programmer\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Alwil Software\Avast4\ashMaiSv.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Alwil Software\Avast4\ashWebSv.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearchIndexer.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\windows\system32\wuauclt.exe
C:\Documents and Settings\Jette Hofdam\Skrivebord\hijackthis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
file://C:\APPS\IE\offline\dan.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Packard
Bell
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Hyperlinks
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\windows\regedit /s
C:\pav.reg,C:\windows\system32\pavdr.exe,C:\windows\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\apps\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Programmer\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\programmer\google\googletoolbar2.dll
O2 - BHO: MSN Search Toolbar Helper -
{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar
Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
blank (file missing)
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -
C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\programmer\google\googletoolbar2.dll
O4 - HKLM\..\Run: [VCSPlayer] "C:\Program Files\Virtual CD v4
SDK\system\vcsplay.exe"
O4 - HKLM\..\Run: [type32] "C:\Programmer\Microsoft IntelliType
Pro\type32.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles
filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched]
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [REGSHAVE] C:\Programmer\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [MMTray] "C:\Programmer\Musicmatch\Musicmatch
Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Programmer\Musicmatch\Musicmatch
Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\windows\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoTray]
C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [LogitechVideoRepair]
C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [ATIPTA] C:\ATI Technologies\ATI Control
Panel\atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ActivBoard] c:\apps\ABoard\ABoard.exe
O4 - HKLM\..\Run: [RemoteControl]
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [.nvsvc] C:\windows\system\smss.exe /w
O4 - HKLM\..\Run: [QuickTime Task]
"C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe"
/background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate]
C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\windows\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg]
C:\Programmer\Google\GoogleToolbarNotifier\1.2.908.5008\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware]
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Aktiver Labtec Trådløse Skrivebord.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk =
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk =
C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk =
C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft
Office\Office10\OSA.EXE
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\MSN Toolbar
Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar
Suite\TB\02.05.0000.1105\da-dk\msntb.dll/search.htm
O8 - Extra context menu item: Translate Page -
http://www.geocities.com/mockba80/translate1.0.txt
O8 - Extra context menu item: Åbn på ny baggrundsfane -
res://C:\Programmer\MSN Toolbar
Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/229?fe13e88e586d409ea4a764ea5a7f9d60
O8 - Extra context menu item: Åbn på ny forgrundsfane -
res://C:\Programmer\MSN Toolbar
Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/230?fe13e88e586d409ea4a764ea5a7f9d60
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programmer\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
(file missing)
O14 - IERESET.INF: START_PAGE_URL=file://C:\APPS\IE\offline\dan.htm
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) -
http://www.truedoc.com/activex/tdserver.cab
O16 - DPF: {04E214E5-63AF-4236-83C6-A7ADCBF9BD02} (HouseCall Control) -
http://housecall60.trendmicro.com/housecall/xscan60.cab
O16 - DPF: {0585238B-9CA6-4CCB-A9B2-FE4BA495E880} (AXWebMon Control) -
http://www.smilecam.com/home/ezwebcam/eng5/common/AXWebMonProj1.cab
O16 - DPF: {24D1BDCE-D835-11D6-BF84-0050047EA0E7} (BlueStream_Flash Class) -
http://www.rovion.com/Controls/Rovion.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) -
http://80.199.4.57:81/kxhcm10.ocx
O16 - DPF: {31150A86-0BBA-409F-BEB4-F3922D10BF34} (Gif89 Class) -
http://213.139.220.50/xplug.ocx
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) -
https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1158619282765
O16 - DPF: {6E5A37BF-FD42-463A-877C-4EB7002E68AE} (Housecall ActiveX 6.5) -
http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) -
http://144.122.47.203/activex/AMC.cab
O16 - DPF: {8F48147B-78D9-40F9-ACC0-BDDE59B246F4} (AccountHelper Class) -
http://www.tele2mail.com/static/apps/utils/AccountHelper.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} -
http://www.playqames.com/default.cab?uid=7&id=60810&ex&1s&ppd=4
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) -
http://62.181.87.189/activex/AxisCamControl.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} -
http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) -
https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://www.popcap.com/games/popcaploader_v6.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) -
http://www.123hjemmeside.dk/builder/pages/KvikFoto.CAB
O16 - DPF: {EF0DBA6F-43CE-4B26-9808-2AB38FA0DB29} (MSN Money Ticker) -
http://fdl.msn.com/public/investor/v13/ticker.cab
O18 - Protocol: bw+0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} - C:\Program
Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {FEB4CE38-06DB-44B7-88D6-828F57ED8B05} -
C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon -
C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Programmer\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Programmer\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\windows\system32\HPZipm12.exe
O23 - Service: Virtual CD v4 Security service (SDK - Version) (VCSSecS) -
H+H Software GmbH - C:\Programmer\Virtual CD v4 SDK\system\vcssecs.exe



Kommentar
Fra : stl_s


Dato : 31-10-06 19:00

Jeg havde overset at du var vendt tilbage med en log. Det må du undskylde.


Kør en scanning med HijackThis, så du kan se alle filer. Luk alle vinduer, sæt flueben ved disse linier, og klik fix checked.


R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = \blank.htm
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=C:\windows\regedit /s
C:\pav.reg,C:\windows\system32\pavdr.exe,C:\windows\system32\userinit.exe,
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
blank (file missing)
O16 - DPF: {0246ECA8-996F-11D1-BE2F-00A0C9037DFE} (TDServer Control) -
http://www.truedoc.com/activex/tdserver.cab
O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) -
http://80.199.4.57:81/kxhcm10.ocx
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} -
http://www.popcap.com/games/popcaploader_v6.cab



Logitech Desktop Messenger vil jeg foreslå at du afinstallerer. Det er ikke til meget nytte, og bruger bare ressourcer.


Efter et virus/spyware angreb, er det altid en god ide at rydde op i systemgendannelses filerne. Deaktiver systemgendannelse (http://www.spywarefri.dk/virusscannere.htm#alle) - genstart din computer - aktiver systemgendannelse.

Hent ATF Cleaner her fra http://www.atribune.org/content/view/19/2/

Start ATF Cleaner. Sæt flueben i "Select all" (du kan undlade cookies, hvis du vil). Klik "Empty selected".

Accepteret svar
Fra : stl_s

Modtaget 200 point
Dato : 31-10-06 19:05

Hov, der havde lige sneget sig en fejl ind .

Denne skal du IKKE fixe:

O16 - DPF: {2E28242B-A689-11D4-80F2-0040266CBB8D} (KX-HCM10 Control) -
http://80.199.4.57:81/kxhcm10.ocx


Godkendelse af svar
Fra : bilkiario


Dato : 01-11-06 19:33

Tak for svaret stl_s.

Jeg har nu gjort dom foreslået, og har bagefter kørt en scanning med suparantispyware.
Den fandt intet.
Mange tk for hjælpen
Jan

Kommentar
Fra : stl_s


Dato : 01-11-06 19:57

Det lyder godt . Tak for point.

Du har følgende muligheder
Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.
Søg
Reklame
Statistik
Spørgsmål : 177580
Tips : 31968
Nyheder : 719565
Indlæg : 6409079
Brugere : 218888

Månedens bedste
Årets bedste
Sidste års bedste