Søg
Avatar billede cel1 Novice
29. september 2005 - 22:18 Der er 5 kommentarer og
1 løsning

hjælp til at læse hijack fil

hej er der en der gider læse denne hijack fil

Logfile of HijackThis v1.99.1
Scan saved at 22:06:35, on 29-09-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\Launch Manager\LaunchAp.exe
C:\Progra~1\Launch Manager\PowerKey.exe
C:\Progra~1\Launch Manager\HotkeyApp.exe
C:\Progra~1\Launch Manager\CtrlVol.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\Progra~1\Launch Manager\Wbutton.exe
C:\Programmer\Acer\Notebook Manager\almxptray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Logitech\Desktop Messenger\8876480

\Program\LogitechDesktopMessenger.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
C:\WINDOWS\system32\LVComS.exe
C:\Programmer\WinZip\WZQKPICK.EXE
C:\Programmer\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Programmer\TorrentStorm\TorrentStorm.exe
C:\Documents and Settings\Kim Neumann\Skrivebord\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.kvikstart.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet

Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497}

- (no file)
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} -

(no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} -

C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} -

C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Progra~1\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Programmer\Acer\Notebook

Manager\almxptray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmer\Fælles

filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [websx] C:\Programmer\websx\int304946.exe -auto
O4 - HKLM\..\Run: [LogitechVideoRepair]

C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray]

C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -

atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03

\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe

/STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ChkMail] °<9
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe"

/background
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480

\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash

/minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft

ActiveSync\WCESCOMM.EXE"
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: WinZip Quick Pick.lnk =

C:\Programmer\WinZip\WZQKPICK.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk =

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10

\OSA.EXE
O4 - Global Startup: LG SyncManager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-

00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-

00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -

C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-

9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-

00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer

Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object)

- http://i.grab.com/media/3ef815/games/files/663/popcaploader_v6.cab
O18 - Protocol: bw+0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw+0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw-0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw-0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw00 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw00s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw10 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw10s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw20 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw20s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw30 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw30s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw40 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw40s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw50 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw50s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw60 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw60s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw70 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw70s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw80 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw80s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw90 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bw90s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwa0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwa0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwb0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwb0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwc0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwc0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwd0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwd0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwe0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwe0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwf0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwf0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-

8876480.dll
O18 - Protocol: bwg0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwg0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwh0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwh0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwi0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwi0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwj0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwj0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwk0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwk0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwl0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwl0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwm0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwm0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwn0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwn0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwo0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwo0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwp0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwp0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwq0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwq0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwr0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwr0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bws0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bws0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwt0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwt0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwu0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwu0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwv0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwv0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bww0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bww0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwx0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwx0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwy0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwy0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwz0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: bwz0s - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O18 - Protocol: offline-8876480 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} -

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-

8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. -

C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. -

C:\Programmer\Sygate\SPF\smc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -

C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede kalp Novice
29. september 2005 - 22:21 #1
ja da det gør jeg
Avatar billede cel1 Novice
29. september 2005 - 22:27 #2
tak
Avatar billede kalp Novice
29. september 2005 - 22:29 #3
Download og gem denne scanner på skrivebordet. (Vi skal bruge den senere)
http://www.spywareinfo.dk/download/mwav.exe

Download Ewido (Trial version) (Installer og opdater programmet, men vent med et scanne til jeg siger til!)
http://shop.element5.com/product.html?productid=531168

Genstart i Fejlsikret tilstand ved at taste F8 under opstart.

Højreklik på windows start knappen (helt nede i venstre hjørne af din skærm) og vælge "Stifinder", klik på Funktioner->Mappeindstillinger->Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Slet denne mappe (jeg går ikke ud fra det er noget du kender)

C:\Programmer\websx\

Kør HijackThis, scan og sæt et flueben ud for disse linjer - luk øvrige programvinduer. Dobbelt tjeck alt kom med!. Klik herefter "Fix checked" i hijackthis:

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [websx] C:\Programmer\websx\int304946.exe -auto
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: WinZip Quick Pick.lnk =
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://i.grab.com/media/3ef815/games/files/663/popcaploader_v6.cab

ALLE 018 linjerne.. altså disse
O18 - Protocol: bw+0 - {333DA2FD-29E0-42DE-92EF-4AD65AC468D1} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Find og slet (Kig godt efter!!.. Det du ikke finder har hijackthis muligvis selv kunne slette!)

Filerne

C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Gå herefter i Start -> Programmer -> Tilbehør -> Systemværktøjer -> Diskoprydning og slet temp-filer, temporary internet files og papirkurv.

Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files

Scan med Ewido nu!

Genstart normalt og kopir en ny hijackthis log herind så jeg kan se om vi fik fjernet det hele eller om noget skulle være blevet overset:)
Avatar billede kalp Novice
02. oktober 2005 - 19:18 #4
??
Avatar billede cel1 Novice
02. oktober 2005 - 20:58 #5
Logfile of HijackThis v1.99.1
Scan saved at 20:58:45, on 02-10-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\Progra~1\Launch Manager\LaunchAp.exe
C:\Progra~1\Launch Manager\PowerKey.exe
C:\Progra~1\Launch Manager\HotkeyApp.exe
C:\Progra~1\Launch Manager\CtrlVol.exe
C:\Progra~1\Launch Manager\Wbutton.exe
C:\Programmer\Acer\Notebook Manager\almxptray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\LVComS.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE
C:\Programmer\LG PC Suite\LG PC Sync\LGSyncManager.exe
C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Documents and Settings\Kim Neumann\Skrivebord\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.kvikstart.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://global.acer.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\01.02.4000.1001\da\msntb.dll
O4 - HKLM\..\Run: [LaunchApp] LaunApp
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Progra~1\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Progra~1\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Progra~1\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Progra~1\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Progra~1\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [AcerNotebookManager] C:\Programmer\Acer\Notebook Manager\almxptray.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programmer\Fælles filer\Microsoft Shared\Works Shared\WkUFind.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programmer\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: wkcalrem.LNK = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: LG SyncManager.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Programmer\Microsoft ActiveSync\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .pdf: C:\Programmer\Internet Explorer\PLUGINS\nppdf32.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Programmer\Sygate\SPF\smc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
Avatar billede kalp Novice
02. oktober 2005 - 21:20 #6
Din log er fin nu:)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 13:58 Pris på fiber Af lurup i Internetforbindelser
I går 20:09 problem med download i <a href=" " download> tag i JavaScript Af Peer i JavaScript
I går 18:26 Problemer med Prestashop Af BCP i E-handel
I går 18:10 Google Home Af birdbrain i Apps til iOS
I går 14:46 Microsoft vil "stjæle" mine login oplysninger Af mort1 i Windows
White papers
Flere white papers »