Søg
Avatar billede jimmi80 Nybegynder
08. oktober 2005 - 00:34 Der er 5 kommentarer

hijack this log fil

jeg har bøvl med computeren jeg har lavet en log fil så hvis der er en som kan hjælpe mig ville det være fint...
Avatar billede jimmi80 Nybegynder
08. oktober 2005 - 00:35 #1
her er log filen...
Logfile of HijackThis v1.99.1
Scan saved at 00:24:42, on 08-10-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
C:\Programmer\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\Programmer\D-Tools\daemon.exe
C:\Programmer\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\Lgpki\Qyihre.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\MSN Apps\Updater\01.02.3000.1001\da\msnappau.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\WINDOWS\etb\pokapoka75.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\programmer\valve\steam\steam.exe
C:\Programmer\WIDCOMM\Bluetooth-software\BTTray.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Documents and Settings\lasse\Skrivebord\downloads\download crap\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.directsearchzone.com/sp2.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.directsearchzone.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://runonce.msn.com/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Tiscali A/S - Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [PK Services] pksvc.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Programmer\D-Tools\daemon.exe"  -lang 1033
O4 - HKLM\..\Run: [9Ad6JxF4] C:\WINDOWS\kgwpma.exe
O4 - HKLM\..\Run: [AWMON] "C:\Programmer\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"
O4 - HKLM\..\Run: [iruxex] C:\WINDOWS\iruxex.exe
O4 - HKLM\..\Run: [Cxnvqt] C:\Program Files\Lgpki\Qyihre.exe
O4 - HKLM\..\Run: [SpamExtract] C:\PROGRA~1\SPAMEX~1\oeSpamExtractLdr.exe
O4 - HKLM\..\Run: [checkrun] C:\windows\system32\elitebsh32.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [msnappau] "C:\Programmer\MSN Apps\Updater\01.02.3000.1001\da\msnappau.exe"
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitednv32.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [System service75] C:\WINDOWS\etb\pokapoka75.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [Microsoft Update] esplorer.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] pomedsrv.exe
O4 - HKLM\..\RunServices: [Microsoft-Update] wngard.exe
O4 - HKLM\..\RunServices: [PK Services] pksvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] regscan.exe
O4 - HKLM\..\RunServices: [WIN USB SUPPORT] grxsrv.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Windows secure] setver32.exe
O4 - HKLM\..\RunServices: [Quicktime Mediaplayer] winmplyer32.exe
O4 - HKLM\..\RunServices: [NDIS Adapter] lsass2.exe
O4 - HKLM\..\RunServices: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\RunServices: [Microsoft Keyz] winsdns.exe
O4 - HKLM\..\RunServices: [Microsoft Registry] csrse.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [PK Services] pksvc.exe
O4 - HKCU\..\Run: [Steam] "c:\programmer\valve\steam\steam.exe" -silent
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O8 - Extra context menu item: Send til &Bluetooth - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie_ctx.htm
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programmer\PartyPoker\PartyPoker.exe (file missing)
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Programmer\WIDCOMM\Bluetooth-software\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O12 - Plugin for .mov: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin.dll
O12 - Plugin for .mpg: C:\Programmer\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {87D1A6EF-8CBC-458A-84B5-0333562418CD} - http://www.sitetracking.info/cttdl.cab
O16 - DPF: {92E7E45A-D8C8-480E-AF99-176E43997CAA} (Aurigma Image Uploader 3.5 Combo Control) - http://www.pixdiscount.dk/clients/ImageUploader3.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: bw+0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2CD50E3F-5B9B-4863-BFA7-B59FA0FF5B60} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Programmer\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Programmer\CA\SharedComponents\CA_LIC\lic98rmtd.exe
O23 - Service: PK Services (farm) - Unknown owner - C:\WINDOWS\system32\pksvc.exe" -netsvcs (file missing)
O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Programmer\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FLLESF~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\FLLESF~1\SONYSH~1\AVLib\Sptisrv.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
Avatar billede fromsej Praktikant
08. oktober 2005 - 09:04 #2
Puha da da, der er lidt af hvert på.
Jeg tjekker den nu.
Avatar billede fromsej Praktikant
08. oktober 2005 - 09:05 #3
1. Hent LQfix.exe her:

http://users.telenet.be/bluepatchy/miekiemoes/tools/LQfix.exe

2. Dobbeltklik på LQfix.exe - programmet vil nu pakke sig ud i mappen LQfix. Åben denne mappe og dobbeltklik på ClickThis.bat og følg instruktionen på skærmen. Din computer vil blive genstartet, og der køres et automatisk script (så din opstart vil tage lidt længere tid end normalt).

3. Når computeren er klar - scan med HijackThis og læg en frisk log herind.
Avatar billede jimmi80 Nybegynder
08. oktober 2005 - 17:55 #4
jeg kan ikke køre progammetander ikke hvad der galt????
Avatar billede fromsej Praktikant
08. oktober 2005 - 22:35 #5
Så må vi prøve manuelt.

---------------------------------------
Klik på Start->Kør skriv Services.msc og klik OK.
Find tjenesten PK Services (farm) og stop den, højreklik så på den og vælg Starttype Deaktiveret.
---------------------------------------
Download og gem denne scanner på skrivebordet. Du skal ikke aktivere den endnu.
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
---------------------------------------
Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, genstart i fejlsikret (tryk på <F8> under opstarten), slet mapper og filer listet længere nede.
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.directsearchzone.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.directsearchzone.com/sp2.php
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe //ICWLaunch
R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [PK Services] pksvc.exe
O4 - HKLM\..\Run: [9Ad6JxF4] C:\WINDOWS\kgwpma.exe
O4 - HKLM\..\Run: [iruxex] C:\WINDOWS\iruxex.exe
O4 - HKLM\..\Run: [Cxnvqt] C:\Program Files\Lgpki\Qyihre.exe
O4 - HKLM\..\Run: [etbrun] C:\windows\system32\elitednv32.exe
O4 - HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [System service75] C:\WINDOWS\etb\pokapoka75.exe
O4 - HKLM\..\RunServices: [Microsoft Support Service] svcmgt.exe
O4 - HKLM\..\RunServices: [Microsoft Update] esplorer.exe
O4 - HKLM\..\RunServices: [Win32 USB2 Driver] pomedsrv.exe
O4 - HKLM\..\RunServices: [Microsoft-Update] wngard.exe
O4 - HKLM\..\RunServices: [PK Services] pksvc.exe
O4 - HKLM\..\RunServices: [Windows Registry Scan] regscan.exe
O4 - HKLM\..\RunServices: [WIN USB SUPPORT] grxsrv.exe
O4 - HKLM\..\RunServices: [CRC Value Verifier] crsss32.exe
O4 - HKLM\..\RunServices: [Windows secure] setver32.exe
O4 - HKLM\..\RunServices: [Quicktime Mediaplayer] winmplyer32.exe
O4 - HKLM\..\RunServices: [NDIS Adapter] lsass2.exe
O4 - HKLM\..\RunServices: [Microsoft Security Management] winnt.exe
O4 - HKLM\..\RunServices: [Microsoft Keyz] winsdns.exe
O4 - HKLM\..\RunServices: [Microsoft Registry] csrse.exe
O4 - HKCU\..\Run: [PK Services] pksvc.exe
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/CDT/ie/bridge-c18.cab
O16 - DPF: {87D1A6EF-8CBC-458A-84B5-0333562418CD} - http://www.sitetracking.info/cttdl.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O18 - Protocol: ALLE!
O23 - Service: PK Services (farm) - Unknown owner - C:\WINDOWS\system32\pksvc.exe" -netsvcs (file missing)
---------------------------------------
Sletning af \mapper\ og filer:
Åbn en mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".
Brug af Start->Søg.
Klik på "Skift søgefunktioner for filer og mapper"
Sæt prik i "Avanceret" og klik OK.
Klik på "Alle filer og mapper"
Klik på "Flere avancerede indstillinger"
Sæt flueben i de tre øverste.
-------------------
Mapper:
C:\Program Files\Lgpki\
C:\Program Files\Media Access\
C:\Program Files\Media Gateway\
C:\WINDOWS\etb\

-------------------
Filer:
C:\WINDOWS\system32\pksvc.exe
C:\WINDOWS\iruxex.exe
C:\windows\system32\elitednv32.exe
svcmgt.exe
esplorer.exe
pomedsrv.exe
wngard.exe
regscan.exe
grxsrv.exe
crsss32.exe
setver32.exe
winmplyer32.exe
lsass2.exe
winnt.exe
winsdns.exe
---------------------------------------
Dobbeltklik på drweb-cureit.exe, den vil køre en expressscan, det siger du ja til.
Når den skriver Done nederst til venstre, skal du klikke på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.
Klik så på den grønne pil ovre til højre på siden, så starter scanningen.
Klik så på Start->Søg, find filen drweb32w.log kopier det nederste af teksten herind, startende med:
Scan statistics.
---------------------------------------
Genstart normalt, hent og installer programmet Ad-aware hvis du da ikke har det i forvejen. Opdater det straks efter installationen, og inden du kører en scanning med denne. Fjern alt hvad den finder. Programmet samt brugervejledning på dansk finder du her: http://www.spywarefri.dk/tipsogtricks.htm#adaware
Følg også vejledningen her til udvidet søgning:
http://www.spywarefri.dk/manualer/adaware-manual.htm
---------------------------
Genstart normalt og kom med en frisk Hijackthislog.
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
Se alle it-kurser fra Computerworld Kurser
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.
Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel Indlæg Oprettet Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus 22 26/11/202510:42 23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus 8 31/08/202519:08 01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus 10 03/02/202514:20 04/02/202511:05
mulig ukendt virus Af jackie18 i Virus 3 18/01/202514:07 18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus 13 18/01/202511:40 20/01/202517:53
Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Opret Log ind

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten
Seneste spørgsmål Seneste aktivitet
I dag 13:58 Pris på fiber Af lurup i Internetforbindelser
I går 20:09 problem med download i <a href=" " download> tag i JavaScript Af Peer i JavaScript
I går 18:26 Problemer med Prestashop Af BCP i E-handel
I går 18:10 Google Home Af birdbrain i Apps til iOS
I går 14:46 Microsoft vil "stjæle" mine login oplysninger Af mort1 i Windows
White papers
Flere white papers »