Søg
Avatar billede klixeren Nybegynder
24. februar 2005 - 00:08 Der er 15 kommentarer

log-fil

Hej eller godaften !

Er der ikke én venlig sjæl der vil tjekke min log-fil i forbindelse med msn.virus?

Tak, Thilde.
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 00:14 #1
Jo da, kom blot med den ..
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 00:15 #2
Hvis ikke du ved hvad du skal gøre så:

Gå ind her og hent Hijackthis.
http://www.spywarefri.dk/vaerktoj.htm
Kør Hijackthis, scan, save log og kopier logfilen herind, så kigger vi på den. Lad være med at slette noget selv med Hijackthis, det kan skade mere end det gavner.
Avatar billede klixeren Nybegynder
24. februar 2005 - 00:19 #3
Tak, her kommer den...

Har hentet hijack fra en anden side end den du foreslog - det gør vel ikke noget??


Logfile of HijackThis v1.99.1
Scan saved at 23:59:38, on 23-02-2005
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\asr_fnt.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Save\Save.exe
C:\Programmer\SuperBar\sbhc.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Winamp\winampa.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmer\WhenUSearch\Search.exe
C:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\WINDOWS\aaxpo.exe
C:\temp\salm.exe
C:\Programmer\Web_Rebates\WebRebates0.exe
C:\WINDOWS\System32\gah95on6.exe
C:\Program Files\AdTools Service\AdTools.exe
C:\Program Files\Admanager Controller\AdManCtl.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\PROGRA~1\WEATHE~1\Weather.exe
C:\sp.exe
E:\Programmer\Phone\Skype.exe
C:\Program Files\AdTools Service\AdToolsKeep.exe
C:\Program Files\Admanager Controller\AdManKeep.exe
C:\Programmer\Web_Rebates\WebRebates1.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\WinRAR\WinRAR.exe
C:\DOCUME~1\SØREN\LOKALE~1\Temp\Rar$EX02.934\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.e-cbs.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SuperBar - {136A9D1D-1F4B-43D4-8359-6F2382449255} - C:\Programmer\SuperBar\SuperBar.Dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programmer\NewDotNet\newdotnet6_38.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: SuperBar - {6B58D238-F0D5-4216-93A5-B124B45C9236} - C:\Programmer\SuperBar\SuperBar.Dll
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SBHC] C:\Programmer\SuperBar\sbhc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [WinampAgent] C:\Programmer\Winamp\winampa.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [WhenUSearch] "C:\Programmer\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [XwebELBCf] C:\WINDOWS\aaxpo.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [ixelwh] C:\WINDOWS\ixelwh.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programmer\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
O4 - HKLM\..\Run: [ErrorGuard] C:\Programmer\ErrorGuard\ErrorGuard.Exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\RunServices: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\RunOnce: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [bthcli.exe] C:\PROGRA~1\BOOMTO~1\BTHCli.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [WeatherCast] "C:\PROGRA~1\WEATHE~1\Weather.exe" /q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [sp] C:\sp.exe
O4 - HKCU\..\Run: [Skype] "E:\Programmer\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\RunOnce: [nvsv32.exe] asr_fnt.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Web Rebates - file://C:\Programmer\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programmer\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {029FDBA6-3547-11D7-AA4C-0050BF051A00} (Rawflow ICD Client) - http://downol.dr.dk/download/netradio/Rawflow.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O18 - Protocol: bw+0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {D11AA7F0-4A0C-4061-85FB-26CF930B0431} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 00:25 #4
Jeg kigger lige på den ..
Avatar billede klixeren Nybegynder
24. februar 2005 - 00:27 #5
takker...
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 00:36 #6
Hent de her to programmer:
http://cexx.org/lspfix.htm - http://cexx.org/lspfix.zip
http://www.bleepingcomputer.com/forums/index.php?showtutorial=59 - Vejledning.
http://danborg.org/spy/Newnet/winsockxpfix.exe - Winsockfix.
Forklaring følger.

Hent denne uninstaller: http://www.newdotnet.com/ det link du skal bruge skal du finde på siden, det ser således ud:
http://www.new.net/support/uninstall6_34.exe

Hent denne (Kaspersky) scanner, den skal du bruge senere.
http://www.spywareinfo.dk/download/mwav.exe - Virusscanner.

Fjern Newdotnet/Newnet i Tilføj/fjern programmer hvis du kan.
Kør Newdotnet uninstalleren fra diskette som de skriver på siden, genstart, mister du din internetforbindelse skal du bruge Lspfix eller Winsockfix til at genetablere den.
Forklaring følger allernederst:

Så skal du genstarte pc'en i fejlsikret tilstand. Klik F8 under opstart.

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, slet mapper og filer listet nederst.
Dobbelttjek, så alt kommer med.

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: SuperBar - {136A9D1D-1F4B-43D4-8359-6F2382449255} - C:\Programmer\SuperBar\SuperBar.Dll
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Programmer\NewDotNet\newdotnet6_38.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll
O3 - Toolbar: SuperBar - {6B58D238-F0D5-4216-93A5-B124B45C9236} - C:\Programmer\SuperBar\SuperBar.Dll
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - C:\PROGRA~1\ISTbar\istbar.dll
O4 - HKLM\..\Run: [WhenUSave] C:\PROGRA~1\Save\Save.exe
O4 - HKLM\..\Run: [SBHC] C:\Programmer\SuperBar\sbhc.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [WhenUSearch] "C:\Programmer\WhenUSearch\Search.exe"
O4 - HKLM\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [XwebELBCf] C:\WINDOWS\aaxpo.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [ixelwh] C:\WINDOWS\ixelwh.exe
O4 - HKLM\..\Run: [WebRebates0] "C:\Programmer\Web_Rebates\WebRebates0.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\System32\gah95on6.exe
O4 - HKLM\..\Run: [ErrorGuard] C:\Programmer\ErrorGuard\ErrorGuard.Exe
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager Controller\AdManCtl.exe
O4 - HKLM\..\RunServices: [nvsv32.exe] asr_fnt.exe
O4 - HKLM\..\RunOnce: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\Run: [WeatherCast] "C:\PROGRA~1\WEATHE~1\Weather.exe" /q
O4 - HKCU\..\Run: [sp] C:\sp.exe
O4 - HKCU\..\Run: [NvCplScan] nvsc32.exe
O4 - HKCU\..\Run: [nvsv32.exe] asr_fnt.exe
O4 - HKCU\..\RunOnce: [nvsv32.exe] asr_fnt.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Web Rebates - file://C:\Programmer\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programmer\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O18 - Protocol <---- alle der starter med 018 !!

---------------------------------------
Sletning af filer og mapper:
Åbn en mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".
Brug af Start->Søg.
Klik på "Alle filer og mapper"
Klik på "Avancerede indstillinger"
Sæt flueben i de tre øverste.
-------------------
Mapper:
C:\Programmer\SuperBar
C:\Programmer\NewDotNet
C:\Programmer\SideFind
C:\PROGRA~1\ISTbar
C:\PROGRA~1\Save
C:\Programmer\WhenUSearch
C:\Program Files\Internet Optimizer
C:\Programmer\ISTsvc
C:\Programmer\Web_Rebates
C:\Programmer\ErrorGuard
C:\Program Files\AdTools Service
C:\Program Files\Admanager Controller
C:\PROGRA~1\WEATHE~1

Filer:
C:\sp.exe
c:\temp\salm.exe
C:\WINDOWS\aaxpo.exe
C:\WINDOWS\ixelwh.exe
C:\WINDOWS\nem220.dll
C:\WINDOWS\System32\asr_fnt.exe
C:\WINDOWS\System32\nvsc32.exe
C:\WINDOWS\System32\gah95on6.exe

---------------------------------------
Så kører du engangsskanneren fra Kaspersky - Aktiver det hele i opsætningen derinde, så den kan skanne alt igennem.
---------------------------------------

Genstart normalt og kom med en ny log til kontrol

----------------------------------------------------
Kør først LSPfix, sæt flueben i I know what I am doing, klik på finish, genstart så burde det virke.
Gør det ikke det, så prøv Winsockfix, klik først på Reg-backup, og gem en kopi af din regdatabase, når det er slut klik på Fix, når den er færdig genstart og så skulle du gerne kunne komme på nettet igen.
Avatar billede klixeren Nybegynder
24. februar 2005 - 00:42 #7
tak... ser hvordan det går :)
Avatar billede klixeren Nybegynder
24. februar 2005 - 00:44 #8
Ikke for at være mistroisk, men har læst om nogle med samme problem der bare brugte mwav-scanner ?????
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 00:55 #9
Ja, msn virus'en er denne: asr_fnt.exe
og den kan ganske rigtigt klares med et removal tool eller mwavscanneren, men computeren er smækfyldt med spy og adware.
Jeg går ud fra at du gerne vil have en ren computer og ikke bare fjernet msn virus'en ?

Mens jeg husker det bør du efter rensningen opdatere din computer med servicepack's. De kan downloades her: http://intern.sdu.dk/enheder/it-service/tjenester/ftphotel/ftpindhold/

Men vent til loggen er erklæret ren !!
Avatar billede klixeren Nybegynder
24. februar 2005 - 01:02 #10
ok... tak
Avatar billede klixeren Nybegynder
24. februar 2005 - 01:27 #11
Sorry... jeg er nok lidt langsom her, men plejer der ikke at stå fejlsikret i hjørnerne - når man genstarter i fejlsikret tilstand??

Når jeg trykker F8 under opstart bliver jeg bedt om at vælge et boot-device ???? Og jeg kommer slet ikke ind og vælger tilstand ????
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 01:36 #12
Det er fordi din bios har en "vælg bootdevice" på samme tast: F8.

Så du trykker F8, vælger harddisken i oversigeten og trykker enter, og trykker så med det samme gentagne gange på F8 og vil så få en menu op hvor du kan vælge fejlsikret tilstand.

(Jeg daffer i seng nu)
Avatar billede klixeren Nybegynder
24. februar 2005 - 01:37 #13
ok tak for hjælpen

sov godt
Avatar billede tonnybrandt Nybegynder
24. februar 2005 - 01:38 #14
Tak i lige måde.
Avatar billede tonnybrandt Nybegynder
22. marts 2005 - 12:45 #15
Fik du nogensinde kørt proceduren igennem ?
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
03/0500:59 Mobilepay app virker ikke mere på Xiaomi Redmi Note 13 Pro Af henrixx i Apps til Android
02/0519:09 Download Win 11 - 25H2 Af ErikHg i Windows
30/0410:42 Access Import af csv fil - forkerte datatyper Af Henrik Berg Hansen i Andet software
29/0419:37 Hente CSV fil, indsætte CSV data i TABEL for JAVASCRIPT Af snestrup2000 i Programmeringsværktøjer
29/0412:23 Facebook Af hkv i Sociale medier
White papers
Flere white papers »