Søg
Avatar billede rangerbs Nybegynder
09. marts 2005 - 11:22 Der er 6 kommentarer og
1 løsning

check log.fil

Hej..

Er der nogen der lige vil kigge denne log.fil igennem?


Logfile of HijackThis v1.99.1
Scan saved at 11:21:21, on 09-03-2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\cpuidle.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe
C:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Trend Micro\PC-cillin 2002\pccguide.exe
C:\Programmer\Trend Micro\PC-cillin 2002\PCCClient.exe
C:\Programmer\Trend Micro\PC-cillin 2002\Pop3trap.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Programmer\Messenger Plus! 3\MsgPlus.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\programmer\steam\steam.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\rundll32.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
c:\progra~1\intern~1\iexplore.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\WINDOWS\System32\wuauclt.exe
C:\Programmer\Windows Media Player\wmplayer.exe
C:\Programmer\Avant Browser\avant.exe
C:\Documents and Settings\Michael\Skrivebord\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cirvwhtlhsuaownaiytehjb.com/yGdxJ5B/XHWTPB/Pgg8Ekk5bWY8fvMqMxlgzkozMPib5t9if3QRXSySBckW7w2bo.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jmxezvthxdcgurp.net/yGdxJ5B/XHWj7XwX/shF9GFlYA_L45EcKEHOjTZ_mWQ.html
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: C:\WINDOWS\lbbho.dll - {6EB575B8-F779-4DB4-BB6F-4143B6C09D27} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: (no name) - {8E99E78F-D5E0-43E0-6882-41EF89E827C0} - C:\DOCUME~1\Michael\APPLIC~1\ATOMFI~1\active admin.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [pccguide.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\pccguide.exe"
O4 - HKLM\..\Run: [PCCClient.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\PCCClient.exe"
O4 - HKLM\..\Run: [Pop3trap.exe] "C:\Programmer\Trend Micro\PC-cillin 2002\Pop3trap.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [System startup] charmapx.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Tickblehbendthis] C:\Documents and Settings\All Users\Application Data\kindparttickbleh\Wave Does.exe
O4 - HKLM\..\RunServices: [System startup] charmapx.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [Steam] "c:\programmer\steam\steam.exe" -silent
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Programmer\Messenger Plus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [extrawipe] C:\DOCUME~1\Michael\APPLIC~1\TRAYLO~1\Size Ping Dumb.exe
O4 - HKCU\..\Run: [WhatPulse] C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Reboot.exe
O4 - Global Startup: GStartup.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PrecisionTime.lnk = C:\Programmer\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: Bloker alle billeder fra den samme server - C:\Programmer\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Marker forekomster af ord på denne side - C:\Programmer\Avant Browser\Highlight.htm
O8 - Extra context menu item: Søg på ord - C:\Programmer\Avant Browser\Search.htm
O8 - Extra context menu item: Tilføj til AD Black List - C:\Programmer\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Åben alle links på denne side... - C:\Programmer\Avant Browser\OpenAllLinks.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\MSMSGS.EXE
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O18 - Protocol: bw+0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: cpuidle - Unknown owner - C:\WINDOWS\SYSTEM32\DRIVERS\ETC\CPUIDLE\srvany.exe
O23 - Service: Creative NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC-cillin PersonalFirewall (PCCPFW) - Trend Micro Inc. - C:\Programmer\Trend Micro\PC-cillin 2002\PCCPFW.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Inc. - C:\Programmer\Trend Micro\PC-cillin 2002\Tmntsrv.exe


Hilsen RangerBS :D
Avatar billede kalp Novice
09. marts 2005 - 11:23 #1
ser på den
Avatar billede kalp Novice
09. marts 2005 - 11:32 #2
Download og gem denne scanner på skrivebordet. (Vi skal bruge den senere)
http://www.spywareinfo.dk/download/mwav.exe

Genstart i Fejlsikret tilstand ved at taste F8 under opstart.
Kør HijackThis, scan og sæt et flueben ud for disse linjer - luk øvrige programvinduer - klik "Fix checked":

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.cirvwhtlhsuaownaiytehjb.com/yGdxJ5B/XHWTPB/Pgg8Ekk5bWY8fvMqMxlgzkozMP ib5t9if3QRXSySBckW7w2bo.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.jmxezvthxdcgurp.net/yGdxJ5B/XHWj7XwX/shF9GFlYA_L45EcKEHOjTZ_mWQ.html 
O2 - BHO: C:\WINDOWS\lbbho.dll - {6EB575B8-F779-4DB4-BB6F-4143B6C09D27} - C:\WINDOWS\lbbho.dll (file missing)
O2 - BHO: (no name) - {8E99E78F-D5E0-43E0-6882-41EF89E827C0} - C:\DOCUME~1\Michael\APPLIC~1\ATOMFI~1\active admin.exe
O4 - HKLM\..\Run: [Tickblehbendthis] C:\Documents and Settings\All Users\Application Data\kindparttickbleh\Wave Does.exe
O4 - HKCU\..\Run: [extrawipe] C:\DOCUME~1\Michael\APPLIC~1\TRAYLO~1\Size Ping Dumb.exe
O4 - HKCU\..\Run: [WhatPulse] C:\PROGRA~1\WHATPU~1\WHATPU~1.EXE
O4 - Startup: Reboot.exe
O4 - Global Startup: GStartup.lnk = ?
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab

Alle

O18 - Protocol: bw+0 - {6AE8FF8D-B003-4E7F-BD6C-9A3638FD9EA5} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Find og slet

Mapper

C:\DOCUME~1\Michael\APPLIC~1\ATOMFI~1\
C:\Documents and Settings\All Users\Application Data\kindparttickbleh\
C:\DOCUME~1\Michael\APPLIC~1\TRAYLO~1\
C:\PROGRA~1\WHATPU~1\

Gå herefter i Start -> Programmer -> Tilbehør -> Systemværktøjer -> Diskoprydning og slet temp-filer, temporary internet files og papirkurv.

Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files

Slet alt den finder..

Genstart normalt og kopir en ny log herind så jeg kan se om vi fik det hele med eller om noget er blevet overset:)
Avatar billede majsmarken Nybegynder
09. marts 2005 - 14:23 #3
<kalp>: Så den lige tilfældigvis - "overset"?

O4 - Global Startup: PrecisionTime.lnk = C:\Programmer\PrecisionTime\PrecisionTime.exe

Samt i "oprydningsøjemed":
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Programmer\WinZip\WZQKPICK.EXE
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe



(Hvad med 'talen' om [Messenger Plus! 3] ?)
Avatar billede kalp Novice
09. marts 2005 - 14:25 #4
majsmarken... tjoh.. bliver så taget i næste log.. lig mærke til sidste sætning i min procedure:) angående messenger plus! 3 så har jeg droppet den eftersom det svært at vurdere.. men plejer at slutte af med at gøre opmærksom på det i hvertfald..
Avatar billede majsmarken Nybegynder
15. marts 2005 - 12:22 #5
Hmmm... mon <rangerbs> har glemt dig ?
Avatar billede kalp Novice
15. marts 2005 - 12:25 #6
Det håber jeg da ikke nu jeg har brugt tid på at kigge loggen igennem:)
Avatar billede kalp Novice
17. april 2005 - 03:00 #7
Husk at lukke:)

Marker mit navn helt nede i venstre hjørne og tryk på accepter:)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I går 00:59 Mobilepay app virker ikke mere på Xiaomi Redmi Note 13 Pro Af henrixx i Apps til Android
02/0519:09 Download Win 11 - 25H2 Af ErikHg i Windows
30/0410:42 Access Import af csv fil - forkerte datatyper Af Henrik Berg Hansen i Andet software
29/0419:37 Hente CSV fil, indsætte CSV data i TABEL for JAVASCRIPT Af snestrup2000 i Programmeringsværktøjer
29/0412:23 Facebook Af hkv i Sociale medier
White papers
Flere white papers »