Notifikationer

Markér alle som læst Log ud

agersnap Nybegynder

27. november 2005 - 20:24 Der er 17 kommentarer og
2 løsninger

HijackThis Logfile -

Hej

Er der en ekspert der vil tjekke denne logfil?

Min pc er langsom og der kommer alle mulige pop-ups...

Er der noget galt her?

Logfile of HijackThis v1.99.1
Scan saved at 20:21:16, on 27-11-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
c:\Programmer\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Programmer\Fælles filer\InterVideo\SchSvr\SchSvr.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\ISTsvc\istsvc.exe
C:\WINDOWS\ioiot.exe
C:\Programmer\SurfAccuracy\SAcc.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Fljzfes\Kcjwo.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Mor\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vinderland.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Programmer\YourSiteBar\ysb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmer\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Programmer\Fælles filer\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ccApp] "c:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [kcryMFG4G] C:\WINDOWS\ioiot.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Programmer\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Programmer\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Ibuol] C:\Program Files\Fljzfes\Kcjwo.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Programmer\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programmer\SideFind\sidefind.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O18 - Protocol: bw+0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Norton AntiVirus Auto Protect (navapsvc) - Symantec Corporation - c:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

Synes godt om

ejvindh Ekspert

27. november 2005 - 20:31 #1

Jeg kigger den igennem :-)

Synes godt om

agersnap Nybegynder

27. november 2005 - 20:40 #2

ok.. tak..

Synes godt om

ejvindh Ekspert

27. november 2005 - 20:43 #3

Den er lidt småslem *S*

Hent AproposFix her:
http://swandog46.geekstogo.com/aproposfix.exe
Gem programmet, hvor du kan finde det igen - du skal ikke køre programmet (endnu).

Download og gem denne scanner på skrivebordet. Du skal ikke aktivere det endnu.
http://www.spywareinfo.dk/download/mwav.exe

Hent Ewido herfra (14 dages version af plus-versionen)
http://www.spywarefri.dk/downloads1/ewido-setup.exe
Installer og kør Ewido - opdater programmet.

Gå ind i kontrolpanel-tilføj/fjern programmer, og se om du kan få lov til at afinstallere følgende programmer:
Internet Optimizer
Sidefind
YourSiteBar
SurfAccuracy
Spyspotter

Tast ctrl-alt-delete, Klik på Jobliste/Taskmanager, Processer/Processes. Find nedenstående processer, højreklik på dem og vælg afslut proces.
istsvc.exe
ioiot.exe
optimize.exe
Kcjwo.exe

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked.

R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Programmer\SideFind\sfbho.dll
O3 - Toolbar: (no name) - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - (no file)
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Programmer\YourSiteBar\ysb.dll
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [IST Service] C:\Programmer\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [kcryMFG4G] C:\WINDOWS\ioiot.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Programmer\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [SpySpotter System Defender] C:\Programmer\SpySpotter3\Defender.exe -startup
O4 - HKLM\..\Run: [Ibuol] C:\Program Files\Fljzfes\Kcjwo.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Programmer\SideFind\sidefind.dll
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

ALLE O18-LINIER, DER LYDER SÅDAN HER:
O18 - Protocol: bw+0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Sletning af filer og mapper:
Åbn en mappe, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Genstart i fejlsikret (tryk på <F8> under opstarten), slet mapper og filer listet herunder (nogle af dem er muligvis allerede blevet slettet af Hijackthis).
-------------------
Mapper:
C:\Programmer\SideFind\
C:\Programmer\YourSiteBar\
C:\Programmer\ISTsvc\
C:\Programmer\SurfAccuracy\
C:\Program Files\Internet Optimizer\
C:\Programmer\SpySpotter3\
C:\Program Files\Fljzfes\
-------------------
Filer:
C:\WINDOWS\nem220.dll
C:\WINDOWS\wsem303.dll
c:\Windows\ALCXMNTR.EXE
C:\WINDOWS\ioiot.exe
---------------------------------------
Kør en fuld scanning med Ewido. Programmet laver en lille log, som du skal kopiere herind i dit næste svar.

Klik på mwav.exe som du hentede, programmet pakker sig selv ud og starter.
Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files

Klik på scan clean. Det kan godt tage lang tid (nogle timer), men den er også meget effektiv.

Dobbeltklik på AproposFix.exe og pak programmet ud til dit Skrivebord. Åben AproposFix mappen og dobbeltklik på RunThis.bat. Følg programmets vejledning.

Når programmet er færdigt, genstart i Normal tilstand, kør HijackThis og læg en frisk HijackThis log herind sammen med filen log.txt, der ligger i AproposFix mappen, og Ewido-loggen.

Synes godt om

agersnap Nybegynder

28. november 2005 - 16:50 #4

+ Oprettet den: 16:48:40, 28-11-2005
+ Rapport-Checksum: 7A95F5BF

+ Scanningsresultat:
HKLM\SOFTWARE\Avenue Media -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\Browser Helper\cf1 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf1 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf2 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf3 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf4 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Avenue Media\Internet Optimizer\WSE\cf5 -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CLSID\\ -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper\CurVer -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper.1 -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\BrowserHelperObject.BAHelper.1\CLSID\\ -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\Classes\CLSID\{86227D9C-0EFE-4f8a-AA55-30386A3F5686} -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\CLSID\{8CBA1B49-8144-4721-A7B1-64C578C9EED7}\TypeLib\\ -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\CLSID\{CEA206E8-8057-4A04-ACE9-FF0D69A92297} -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\CLSID\{CEA206E8-8057-4A04-ACE9-FF0D69A92297}\TypeLib\\ -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CLSID\\ -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj\CurVer -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj.1 -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.BHObj.1\CLSID\\ -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CLSID -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CLSID\\ -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj\CurVer -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj.1 -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\DyFuCA_BH.SinkObj.1\CLSID\\ -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8} -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}\TypeLib\\ -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{1C01D150-91A4-4DE0-9BF8-A35D1BDF1001} -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{1C01D150-91A4-4DE0-9BF8-A35D1BDF1001}\TypeLib\\ -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543} -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{339D8AFF-0B42-4260-AD82-78CE605A9543}\TypeLib\\ -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F} -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{A36A5936-CFD9-4B41-86BD-319A1931887F}\TypeLib\\ -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{AA4939C3-DECA-4A48-A454-97CD587C0EF5} -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{AA4939C3-DECA-4A48-A454-97CD587C0EF5}\TypeLib\\ -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542} -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}\TypeLib\\ -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{EEE4A2E5-9F56-432F-A6ED-F6F625B551E0} -> Dialer.Generic : Renset med backup
HKLM\SOFTWARE\Classes\Interface\{EEE4A2E5-9F56-432F-A6ED-F6F625B551E0}\TypeLib\\ -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder\CLSID\\ -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder\CurVer -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder.1 -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\SideFind.Finder.1\CLSID\\ -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\TypeLib\{0BE10B0D-B4DB-4693-9B1F-9AEAD54D17DC} -> Spyware.SafeSurfing : Renset med backup
HKLM\SOFTWARE\Classes\TypeLib\{40B1D454-9CA4-43CC-86AA-CB175EAC52FB} -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Classes\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44} -> Spyware.YourSiteBar : Renset med backup
HKLM\SOFTWARE\Classes\TypeLib\{58634367-D62B-4C2C-86BE-5AAC45CDB671} -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Classes\TypeLib\{D0288A41-9855-4A9B-8316-BABE243648DA} -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\ISTsvc -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\ISTsvc\history -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\Microsoft\SideFind -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Install.dll\\.Owner -> Spyware.CnsMin : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\ModuleUsage\C:/WINDOWS/Downloaded Program Files/Install.dll\\{205FF73B-CA67-11D5-99DD-444553540006} -> Spyware.CnsMin : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\AMeOpt -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DyFuCA -> Spyware.MoneyTree : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ISTsvc -> Spyware.ISTBar : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Kapabout -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Rotue -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\Policies\Avenue Media -> Spyware.InternetOptimizer : Renset med backup
HKLM\SOFTWARE\PowerScan -> Spyware.PowerScan : Renset med backup
HKLM\SOFTWARE\SideFind -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\SideFind\History -> Spyware.SideFind : Renset med backup
HKLM\SOFTWARE\YourSiteBar -> Spyware.ISTBar : Fejl under renselse
HKLM\SOFTWARE\YourSiteBar\Historyfiles -> Spyware.ISTBar : Fejl under renselse
HKLM\SOFTWARE\YourSiteBar\Historystring -> Spyware.ISTBar : Fejl under renselse
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Avenue Media -> Spyware.InternetOptimizer : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\IST -> Spyware.ISTBar : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Internet Explorer\Explorer Bars\{8CBA1B49-8144-4721-A7B1-64C578C9EED7} -> Spyware.SideFind : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Internet Explorer\Extensions\CmdMapping\\{10E42047-DEB9-4535-A118-B3F6EC39B807} -> Spyware.SideFind : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00000010-6F7D-442C-93E3-4A4827C2E4C8} -> Spyware.InternetOptimizer : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10E42047-DEB9-4535-A118-B3F6EC39B807} -> Spyware.SideFind : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{86227D9C-0EFE-4F8A-AA55-30386A3F5686} -> Spyware.YourSiteBar : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -> Spyware.MoneyTree : Renset med backup
HKU\S-1-5-21-184561148-3065742986-184145054-1009\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A3FDD654-A057-4971-9844-4ED8E67DBBB8} -> Spyware.ISTBar : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@2o7[1].txt -> Spyware.Cookie.2o7 : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@ad.yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@advertising[1].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@as-eu.falkag[2].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@atdmt[2].txt -> Spyware.Cookie.Atdmt : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@fastclick[2].txt -> Spyware.Cookie.Fastclick : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@overture[1].txt -> Spyware.Cookie.Overture : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@revenue[2].txt -> Spyware.Cookie.Revenue : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@statse.webtrendslive[2].txt -> Spyware.Cookie.Webtrendslive : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@trafficmp[1].txt -> Spyware.Cookie.Trafficmp : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@tribalfusion[1].txt -> Spyware.Cookie.Tribalfusion : Renset med backup
C:\Documents and Settings\Anne\Cookies\anne@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Renset med backup
C:\Documents and Settings\Anne\Lokale indstillinger\Temp\cln77.tmp -> TrojanDownloader.Dyfuca.dp : Renset med backup
C:\Documents and Settings\Anne\Lokale indstillinger\Temp\uninstall.exe -> TrojanDownloader.IstBar.gi : Renset med backup
C:\Documents and Settings\Anne\Lokale indstillinger\Temporary Internet Files\Content.IE5\VOOWPVP8\actalert[1].exe -> TrojanDownloader.Dyfuca.dp : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@247realmedia[1].txt -> Spyware.Cookie.247realmedia : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@2o7[1].txt -> Spyware.Cookie.2o7 : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@ads.pointroll[2].txt -> Spyware.Cookie.Pointroll : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@advertising[2].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@as-us.falkag[2].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@as1.falkag[2].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@atdmt[2].txt -> Spyware.Cookie.Atdmt : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@casalemedia[1].txt -> Spyware.Cookie.Casalemedia : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@doubleclick[2].txt -> Spyware.Cookie.Doubleclick : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@edge.ru4[1].txt -> Spyware.Cookie.Ru4 : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@ehg-warnerbrothers.hitbox[2].txt -> Spyware.Cookie.Hitbox : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@fastclick[2].txt -> Spyware.Cookie.Fastclick : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@hitbox[1].txt -> Spyware.Cookie.Hitbox : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@ilead.itrack[2].txt -> Spyware.Cookie.Itrack : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@questionmarket[1].txt -> Spyware.Cookie.Questionmarket : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@revenue[1].txt -> Spyware.Cookie.Revenue : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@server.iad.liveperson[1].txt -> Spyware.Cookie.Liveperson : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@tradedoubler[1].txt -> Spyware.Cookie.Tradedoubler : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@tribalfusion[2].txt -> Spyware.Cookie.Tribalfusion : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@valueclick[2].txt -> Spyware.Cookie.Valueclick : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Renset med backup
C:\Documents and Settings\Ejer\Cookies\ejer@z1.adserver[1].txt -> Spyware.Cookie.Adserver : Renset med backup
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Cookies\ejer@advertising[1].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\Cookies\ejer@servedby.advertising[2].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\iinstall.exe -> TrojanDownloader.IstBar.mz : Renset med backup
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\optimize.exe -> TrojanDownloader.Dyfuca.EI : Renset med backup
C:\Documents and Settings\Ejer\Lokale indstillinger\Temp\sidefind.exe -> TrojanDownloader.IstBar.jm : Renset med backup
C:\Documents and Settings\Ejer\Menuen Start\Programmer\Power Scan -> Spyware.PowerScan : Renset med backup
C:\Documents and Settings\Ejer\Menuen Start\Programmer\Power Scan\Power Scan.lnk -> Spyware.PowerScan : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@2o7[2].txt -> Spyware.Cookie.2o7 : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@ad.yieldmanager[2].txt -> Spyware.Cookie.Yieldmanager : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@ads.pointroll[1].txt -> Spyware.Cookie.Pointroll : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@adtech[2].txt -> Spyware.Cookie.Adtech : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@advertising[2].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@as-eu.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@as1.falkag[1].txt -> Spyware.Cookie.Falkag : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@atdmt[2].txt -> Spyware.Cookie.Atdmt : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@bluestreak[1].txt -> Spyware.Cookie.Bluestreak : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@com[2].txt -> Spyware.Cookie.Com : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@ehg-legonewyorkinc.hitbox[2].txt -> Spyware.Cookie.Hitbox : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@fastclick[1].txt -> Spyware.Cookie.Fastclick : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@hitbox[1].txt -> Spyware.Cookie.Hitbox : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@mediaplex[1].txt -> Spyware.Cookie.Mediaplex : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@revenue[2].txt -> Spyware.Cookie.Revenue : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@servedby.advertising[1].txt -> Spyware.Cookie.Advertising : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@statse.webtrendslive[1].txt -> Spyware.Cookie.Webtrendslive : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Renset med backup
C:\Documents and Settings\Mor\Cookies\mor@www.sidefind[2].txt -> Spyware.Cookie.Sidefind : Renset med backup
C:\Programmer\ISTsvc -> Spyware.ISTBar : Renset med backup
C:\Programmer\SurfAccuracy -> Adware.SurfAccuracy : Renset med backup
C:\RECYCLER\S-1-5-21-184561148-3065742986-184145054-1009\Dc14.exe -> Trojan.Small.cy : Renset med backup
C:\RECYCLER\S-1-5-21-184561148-3065742986-184145054-1009\Dc15.exe -> TrojanDownloader.Dyfuca.dp : Renset med backup
C:\RECYCLER\S-1-5-21-184561148-3065742986-184145054-1009\Dc7.dll -> Spyware.SideFind : Renset med backup

::Rapport slut

Er det det du mener..?

Synes godt om

ejvindh Ekspert

28. november 2005 - 20:26 #5

Ja, det var Ewido-loggen. Jeg vil også gerne se loggen fra Aproposfix, og en frisklavet HJT-log :-)

Synes godt om

agersnap Nybegynder

28. november 2005 - 20:31 #6

ja det sender jeg så imorgen, er det o.k..

Synes godt om

ejvindh Ekspert

28. november 2005 - 20:55 #7

Alt i orden :-)

Synes godt om

agersnap Nybegynder

29. november 2005 - 17:15 #8

Der er forresten også noget i vejen med min printer, den vil ikke printe når jeg trykker print, så printer den bare ud hvor meget blæk der er tilbage...

Synes godt om

agersnap Nybegynder

29. november 2005 - 17:26 #9

Logfile of HijackThis v1.99.1
Scan saved at 17:25:40, on 29-11-2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
c:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\Programmer\ewido\security suite\ewidoctrl.exe
C:\Programmer\ewido\security suite\ewidoguard.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7Debug\mdm.exe
c:\Programmer\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\System32\imapi.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\Fælles filer\InterVideo\SchSvr\SchSvr.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programmer\Messenger\msmsgs.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\WINDOWS\System32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\Hewlett-Packard\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Documents and Settings\Mor\Skrivebord\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vinderland.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Programmer\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Programmer\Hewlett-Packard\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Programmer\Fælles filer\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [ccApp] "c:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "c:\Programmer\Fælles filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [msnmsgr] "C:\Programmer\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O18 - Protocol: bw+0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - c:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Programmer\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Programmer\ewido\security suite\ewidoguard.exe
O23 - Service: Norton AntiVirus Auto Protect (navapsvc) - Symantec Corporation - c:\Programmer\Norton AntiVirus\navapsvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\Security Center\SymWSC.exe

Er det det du mener?

Synes godt om

ejvindh Ekspert

29. november 2005 - 19:51 #10

Det hjalp gevaldigt på den. Jeg ville nu også stadig gerne se loggen fra Aproposfix :-)

Da du fixede med HJT, har du vist overset at du skulle fixe alle de O18 linier, der lyder sådan her:
O18 - Protocol: bw+0s - {349AEFF1-1AEC-4BCA-9A80-95997C776939} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Derefter burde loggen være ren. Angående dit printerproblem, så kan det måske løses ved at afinstallere printeren, og geninstallere den.

Derudover vil jeg anbefale dig følgende for at få ryddet helt op:
For at gøre arbejdet helt færdig:
Det kan være en god ide og rydde op i systemgendannelses filerne. Deaktiver systemgendannelse (http://www.spywarefri.dk/virusscannere.htm#alle) - genstart din computer - aktiver systemgendannelse.
Og så kan det også være en god ide at skjule dine systemfiler og -mapper igen, så du ikke ved en fejl kommer til at slette en vigtig fil. Det gør du samme sted, hvor du satte det til at vise alle filer, denne gang vælger du bare: Vis ikke skjulte filer og mapper.

Det kan også være en god ide at få renset ud i dine midlertidige filer. Det kan gøres på en hurtig og nem måde med denne fil
www.spywareinfo.dk/download/cleantempxp2k.bat
---------------------------

For at forhindre gentagelser, vil jeg anbefale dig at lægge nogle små programmer ind, som forhindrer spyware i at komme ind i første omgang. Jeg vil anbefale at følgende som minimum bør være installeret: Antivirus, Spywareguard, Spywareblaster, IE-spyad og en firewall. Alle programmer kan du finde links til herfra:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

Jeg vil også foreslå, at du læser denne artikel om hvordan du kan undgå at blive inficeret i fremtiden:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414

Synes godt om

agersnap Nybegynder

29. november 2005 - 20:38 #11

øh, jeg kan ikke rigtig finde ud af at downloade denne hjemmeside (http://www.spywarefri.dk/virusscannere.htm#alle)

hvad gør jeg så?

Synes godt om

agersnap Nybegynder

29. november 2005 - 20:44 #12

Log of AproposFix v1

************

Running from directory:
C:\Documents and Settings\Mor\Skrivebord\aproposfix

************

Registry entries found:

[HKEY_LOCAL_MACHINE\Software\C1XV7A2saXt5]
@="uNr:myqYZZYZZaZKLKKBwjYZZYobZ4uzp 40ZQWQRCKfeZBPGTCPQZNAGG88ENaQWQ"
"Device"="\\\\.\\mnmmdK7"
"DriverPath"="C:\\WINDOWS\\system32\\drivers\\pciiaagp.sys"
"DriverName"="IpFRAME"
"HideUninstallerName"="C:\\Programmer\\Movpdate\\olecmd.exe"
"UninstallerPath"="C:\\WINDOWS\\system32\\qwiprapi.exe"
"UninstallerRegKey"="HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{79C5FDE8-CB21-4AE7-ADA7-6CF8D604B196}"
"UninstallerParams"="/CTUN"
"HDll"="C:\\WINDOWS\\system32\\exemscms.dll"
"ServerAddress"="adchannel.contextplus.net"
"LegalNote"="http://adchannel.contextplus.net/legal-note/nonbranded.html"
"PartnerId"="CP.IST2"
"InstallationId"="{Xe8982b1-c591-072c-425a-5ccc9df2f49d}"
"PageFiltering"=dword:00000001
"ClientName"="C:\\Programmer\\Movpdate\\idqpnpui.exe"

************

Removing hidden service:
Service IpFRAME removed.

Removing hidden folder:
Deletion of folder Movpdate succeeded!

Deleting files:

Deletion of file C:\WINDOWS\system32\drivers\pciiaagp.sys succeeded!
Deletion of file C:\WINDOWS\system32\odfsisgl.exe succeeded!
Deletion of file C:\WINDOWS\system32\exemscms.dll succeeded!
Deletion of file C:\WINDOWS\system32\qwiprapi.exe succeeded!

Backing up files:
Done!

Removing registry entries:

REGEDIT4

[-HKEY_CURRENT_USER\Software\C1XV7A2saXt5]
[-HKEY_LOCAL_MACHINE\Software\C1XV7A2saXt5]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{79C5FDE8-CB21-4AE7-ADA7-6CF8D604B196}]

Done!

Finished!

Synes godt om

ejvindh Ekspert

29. november 2005 - 20:51 #13

Det er ikke så vigtigt at komme ind på (http://www.spywarefri.dk/virusscannere.htm#alle), selvom jeg nu ingen problemer har med det. Den beskriver bare, hvorfor og hvordan du deaktiverer systemgendannelse. Dette var den tekst du skulle læse derinde:

Højreklik på "Denne Computer" på skrivebordet, vælg egenskaber og fanebladet "Systemgendannelse" og sæt flueben i "Deaktiver systemgendannelse". Klik ok og genstart.

Når du skal aktivere systemgendannelse igen går du samme vej og fjerner fluebenet i "Deaktiver systemgendannelse".

Jeg takker også for aproposfix loggen. Det bekræfter mig i min mistanke, at det var en god ide at køre dette fix. Så ved jeg det til næste gang :-)

Synes godt om

agersnap Nybegynder

29. november 2005 - 20:58 #14

jeg kan kun finde noget der hedder systemoplysninger hvor skal jeg finde systemgendanelse..?

Synes godt om

ejvindh Ekspert

29. november 2005 - 21:14 #15

Den skulle ligge lige ovenover "systemoplysninger" :-)

Synes godt om

agersnap Nybegynder

29. november 2005 - 21:26 #16

okay tak har fundet den nu, er jeg så færdig, eller er der noget mere....

Synes godt om

ejvindh Ekspert

29. november 2005 - 21:33 #17

Næh, hvis du har fået fixet de O18-linier, og gjort de ting jeg skrev i afskeds-salutten, så har jeg ikke mere. :-)

Ikke udover at du skal huske at lukke spørgsmålet ved at markere mit navn ude til venstre for dialogboksen, og klikke på accepter. ;-)

Synes godt om

agersnap Nybegynder

29. november 2005 - 21:39 #18

det skal jeg nok gøre, tusind tak for hjælpen, det var rart at den blev normal igen, for den er vel normal...

Synes godt om

ejvindh Ekspert

29. november 2005 - 21:58 #19

Takker for point :-) Om computeren er normal skal jeg ikke gøre mig til dommer over (det kan du bedst selv vurdere), men loggen er i hvert fald ren ;-) Hvis du ikke synes alt er på plads, må du lige give en tilbagemelding på, hvad der mangler?

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

24/04

Test: Fra sofaen til haven - Sonos Play er en multikunstner der kan det meste

24/04

Nørgaard: Et fælt dilemma: Skal vi betale en milliard kroner eller 100.000 kroner for et system?

24/04

Kommunal it-formand: Derfor er det afgørende at vi kan beholde alle vores it-folk, når vi lægger kommuners it-drift sammen

24/04

Her er Danmarks fem bedste CIO’er lige nu: De er nomineret til prisen som Årets CIO 2026

24/04

AI-selskaber er på jagt efter ny træningsdata: Opkøber nu mailarkiver fra konkursramte selskaber

24/04

Ny sæson af kæmpesuccessen Silo på trapperne: Nu nærmer afslutningen sig

24/04

Nykredit overtager BEC med mere end 1.000 ansatte

24/04

Nu kårer vi de største leder-talenter i den danske it-verden: Giv os et praj, hvis du kender et talent

24/04

Antonio løfter sløret for de benhårde vilkår i Silicon Valley: Her er moralen altid til forhandling

24/04

Læs Computerworlds tema-nummer om fremtidens AI: Sådan kommer det til at påvirke os

24/04

Tre bestemte fejl får virksomheder til at snuble i AI

Vis flere artikler

IT-JOB

Jet Time A/S

Dataanalytiker (Data Analyst)

Capgemini Danmark A/S

IGNITE Graduate Program 2026

Netcompany A/S

Microsoft Operations Engineer

TV2

Erfaren leder til Finance og People & Culture teknologi i TV 2

Jyske Bank

Forretningsudvikler til Wealth, Indsigter og Opfølgning

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

24/0417:35	Kan ikke resette PC med Windows 8.1 Af TTA i Office & Kontorpakker
24/0413:33	Lukning af Microsoftkonto Af ErikHg i Windows
23/0416:10	Bat file. Af johnnylassen i Andet programmering
23/0410:28	“Signe” Svindel omtalt i medier Af nu_igen i Mobiltelefoner
22/0420:59	RAID controller virker ikke ved tilslutning af alle 4 harddiske Af Strawberry i Andet hardware

White papers

Find den SOC-model, der virker i praksis
SecureDevice
Arctic Wolf Threat Report 2026: Sådan ændrer ransomware-landskabet sig
Arctic Wolf
Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta

Flere white papers »