Notifikationer

Markér alle som læst Log ud

tuep Nybegynder

11. maj 2006 - 09:35 Der er 13 kommentarer og
1 løsning

Falsk messenger på spansk

Hej Eksperter

Her tilmorgen kom der en ny messenger op på min skærm og jeg så ikke at den var på spansk, men ellers så næsten ud som den plejer. Efter at have indtastet min mail og password, kom der så besked, på spansk, om at jeg ikke kunne logge på.
Efterfølgende kunne jeg ikke lukke de falsk messenger ned og den lå forrest, midt på skærmen, lige meget hvad jeg gjorde.
Da jeg forsøgte at lukke maskinen, var den væk!
Den kom igen da jeg tændt!

Har lavet en HiJack fil og håber nogen kan hjælpe:

Logfile of HijackThis v1.99.1
Scan saved at 09:18:33, on 11-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
C:\Programmer\CA\eTrust Antivirus\InoRT.exe
C:\Programmer\CA\eTrust Antivirus\InoTask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\DOCUME~1\sj\LOKALE~1\Temp\Midlertidig mappe 1 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Programmer\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [UC_Start] C:\Programmer\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Programmer\Fælles filer\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpybotSnD] "C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe" /taskbarhide /autocheck /autoupdate /autoimmunize /autofix /autoclose /waitmore
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Msn Messenger] C:\WINDOWS\system32\msnmsnr.scr
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [boby] C:\WINDOWS\system32\csrs.scr
O4 - HKCU\..\Run: [boby.] C:\WINDOWS\system32\Isass.scr
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bw+0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

På forhånd tak :-)

Synes godt om

forevernewbie Nybegynder

11. maj 2006 - 10:06 #1

Ja, du har "besøg". Kør de to scannere nævnt her http://www.eksperten.dk/artikler/954

Genstart, og kom med en ny log. Når vi er færdige, skal du skifte alle passwords, banknøgler osv.

Synes godt om

tuep Nybegynder

11. maj 2006 - 11:52 #2

hmmmm, jeg kan ikke finde drweb-cureit.exe efter at have lags SAS ind!?!? Har forsøgt lede/søge i både fejlsikker tilstand og normat tilstand, men den er der ikke!

Har fulgt dit svar i modsatte rækkefølge! Har lukket alt hvad lukkes kunne!

Synes godt om

fromsej Praktikant

11. maj 2006 - 13:46 #3

Så bare kom med SAS loggen og en frisk Hijackthislog.

Synes godt om

forevernewbie Nybegynder

11. maj 2006 - 15:41 #4

Til info, har du besøg af disse trojanere:
http://www.sophos.com/virusinfo/analyses/trojbancbangt.html

http://www.sophos.com/virusinfo/analyses/trojbancbanoh.html

Synes godt om

tuep Nybegynder

15. maj 2006 - 10:52 #5

"godmorgen" :-)

Ingen mindre end Fromsej er nu på banen! Dejligt :-)
Hermed først en Hijack log.

Hilsen Tue

Logfile of HijackThis v1.99.1
Scan saved at 09:53:18, on 15-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
C:\Programmer\CA\eTrust Antivirus\InoRT.exe
C:\Programmer\CA\eTrust Antivirus\InoTask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Programmer\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Programmer\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Programmer\IBM\Messages By IBM\ibmmessages.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programmer\Logitech\iTouch\iTouch.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\msnmsnr.scr
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\DOCUME~1\sj\LOKALE~1\Temp\Midlertidig mappe 1 for hijackthis.zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Programmer\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [UC_Start] C:\Programmer\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Programmer\Fælles filer\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpybotSnD] "C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe" /taskbarhide /autocheck /autoupdate /autoimmunize /autofix /autoclose /waitmore
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [Msn Messenger] C:\WINDOWS\system32\msnmsnr.scr
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bw+0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

Synes godt om

tuep Nybegynder

15. maj 2006 - 10:54 #6

-og her kom så loggen fra SAS

SUPERAntiSpyware Scan Log
Generated 05/11/2006 at 10:44 AM

Core Rules Database Version : 2925
Trace Rules Database Version: 1049

Memory threats detected : 0
Registry threats detected : 5
File threats detected : 100

Adware.Tracking Cookie
C:\Documents and Settings\sj\Cookies\sj@revsci[1].txt
C:\Documents and Settings\sj\Cookies\sj@cgi-bin[1].txt
C:\Documents and Settings\sj\Cookies\sj@serving-sys[1].txt
C:\Documents and Settings\sj\Cookies\sj@track.adform[1].txt
C:\Documents and Settings\sj\Cookies\sj@bs.serving-sys[2].txt
C:\Documents and Settings\sj\Cookies\sj@1070847646[1].txt
C:\Documents and Settings\sj\Cookies\sj@adtech[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@2o7[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@ad.yieldmanager[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@ad1.emediate[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adopt.specificclick[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adrevolver[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adrevolver[3].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@ads.digitalpoint[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@ads.vnuemedia[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@ads2.jubii[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adserver.banneradministration[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adtech[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adv.surinter[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@adx.adhostcenter[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@apmebf[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@as1.falkag[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@bannerspace[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@belnk[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@bizrate[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@bluestreak[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@bs.serving-sys[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@c.goclick[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@c3.gostats[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@clickability[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@counter.fateback[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@counter.sparklit[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@creativeby.viewpoint[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@dist.belnk[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@e-2dj6wjmysiazwlq.stats.esomniture[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@fl01.ct2.comclick[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@hc2.humanclick[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@indextools[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@overture[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@qksrv[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@realmedia[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@server.iad.liveperson[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@serving-sys[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@statcounter[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@tacoda[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@track.adform[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@tradedoubler[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@tribalfusion[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@versiontracker[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@weborama[2].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@xiti[1].txt
C:\Documents and Settings\Mette Hübner\Cookies\mette hübner@zedo[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@2o7[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ad.yieldmanager[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ad1.emediate[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adopt.euroclick[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adopt.hbmediapro[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adopt.specificclick[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ads.pointroll[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ads.tiscali[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ads1.revenue[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adserver.banneradministration[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adserver.weakgame[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@adtech[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@apmebf[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@as-eu.falkag[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@as1.falkag[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@belnk[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@bizrate[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@bs.serving-sys[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@c4.zedo[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@clicktorrent[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@counter[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@dist.belnk[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@http.edge.vru4[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@i.screensavers[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@ilead.itrack[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@indextools[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@kanoodle[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@m1.webstats4u[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@qksrv[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@revenue[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@revsci[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@sel.as-eu.falkag[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@server.iad.liveperson[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@serving-sys[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@statcounter[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@superstats[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@track.adform[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@tradedoubler[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@tribalfusion[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@valueclick[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@www.etracker[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@www.screensavers[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@www.smartadserver[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@xiti[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@yieldmanager[2].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@z1.adserver[1].txt
C:\Documents and Settings\Sanne Jørgensen\Cookies\sanne jørgensen@zedo[1].txt

Adware.MyWebSearch
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\InprocServer32#ThreadingModel
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\Programmable
HKCR\CLSID\{07B18EA9-A523-4961-B6BB-170DE4475CCA}\TypeLib

Unclassified.Unknown Origin
C:\Programmer\Logitech\Desktop Messenger\8876480\7.2.0.137-8876480SL\Program\Restart.exe

Synes godt om

forevernewbie Nybegynder

15. maj 2006 - 16:44 #7

Fix denne med Hijackthis:

O4 - HKLM\..\Run: [Msn Messenger] C:\WINDOWS\system32\msnmsnr.scr

Slet denne fil:

C:\WINDOWS\system32\ msnmsnr.scr

Logitech Desktop Messenger gør ikke meget gavn, og laver også lidt ballade på maskinen (se loggen), så den vil jeg foreslå, at du afinstallerer.

Der ligger lidt rester af Norton, som du kan fjerne her
http://service1.symantec.com/Support/tsgeninfo.nsf/docid/2005033108162039

Kom med en frisk log efter genstart, og lad mig høre om "messengereren" er væk.

Synes godt om

tuep Nybegynder

16. maj 2006 - 09:16 #8

Det må jeg sige! Den er væk fra skrivebordet.
Nedenstående ny Hijack.

Hvis det er tid til svar, så kast :-)

1000 tak for hjælpen

Logfile of HijackThis v1.99.1
Scan saved at 09:12:15, on 16-05-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
C:\Programmer\CA\eTrust Antivirus\InoRT.exe
C:\Programmer\CA\eTrust Antivirus\InoTask.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\System32\RegSrvc.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\system32\TpKmpSVC.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\TpShocks.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
C:\Programmer\IBM\Messages By IBM\ibmmessages.exe
C:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe
C:\Programmer\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\IBMTOOLS\UTILS\ibmprc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Programmer\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Programmer\Logitech\iTouch\iTouch.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe
C:\PROGRA~1\CA\ETRUST~1\realmon.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Programmer\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\DOCUME~1\sj\LOKALE~1\Temp\Midlertidig mappe 2 for hijackthis[1].zip\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - c:\Programmer\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [S3TRAY2] S3Tray2.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Programmer\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Programmer\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe irprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [TPKMAPHELPER] C:\Programmer\ThinkPad\Utilities\TpKmapAp.exe -helper
O4 - HKLM\..\Run: [TpShocks] TpShocks.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [BMMLREF] C:\Programmer\ThinkPad\Utilities\BMMLREF.EXE
O4 - HKLM\..\Run: [BMMMONWND] rundll32.exe C:\PROGRA~1\ThinkPad\UTILIT~1\BatInfEx.dll,BMMAutonomicMonitor
O4 - HKLM\..\Run: [TP4EX] tp4ex.exe
O4 - HKLM\..\Run: [EZEJMNAP] C:\PROGRA~1\ThinkPad\UTILIT~1\EzEjMnAp.Exe
O4 - HKLM\..\Run: [UC_Start] C:\Programmer\IBM\Updater\\ucstartup.exe
O4 - HKLM\..\Run: [NAV CfgWiz] c:\Programmer\Fælles filer\Symantec Shared\CfgWiz.exe /GUID NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\\ibmmessages.exe
O4 - HKLM\..\Run: [UpdateManager] "c:\Programmer\Fælles filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [IBMPRC] C:\IBMTOOLS\UTILS\ibmprc.exe
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programmer\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [MMTray] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpybotSnD] "C:\Programmer\Spybot - Search & Destroy\SpybotSD.exe" /taskbarhide /autocheck /autoupdate /autoimmunize /autofix /autoclose /waitmore
O4 - HKLM\..\Run: [Realtime Monitor] C:\PROGRA~1\CA\ETRUST~1\realmon.exe -s
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [mmtask] "C:\Program Files\MUSICMATCH\MUSICMATCH Jukebox\mmtask.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ibmmessages] C:\Programmer\IBM\Messages By IBM\ibmmessages.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] \Program\
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Programmer\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [JAVA_IBM] Java (IBM)
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} (SupportSoft SmartIssue) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} (SupportSoft Script Runner Class) - http://www.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1F2F4C9E-6F09-47BC-970D-3C54734667FE} (LSSupCtl Class) - http://www.symantec.com/techsupp/asa/ctrl/LSSupCtl.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} (ActiveDataInfo Class) - http://www.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/activex/e-Safekey/DB/e-Safekey.cab
O18 - Protocol: bw+0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {F5F57FF2-3DFE-4FC3-ADFD-44B24E1D3D23} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: IBM Rapid Restore Ultra Service - Unknown owner - C:\Programmer\IBM\IBM Rapid Restore Ultra\rrpcsb.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\System32\ibmpmsvc.exe
O23 - Service: eTrust Antivirus RPC Server (InoRPC) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRpc.exe
O23 - Service: eTrust Antivirus Realtime Server (InoRT) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoRT.exe
O23 - Service: eTrust Antivirus Job Server (InoTask) - Computer Associates International, Inc. - C:\Programmer\CA\eTrust Antivirus\InoTask.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:\WINDOWS\system32\PsaSrv.exe (file missing)
O23 - Service: QCONSVC - IBM Corp. - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: RegSrvc - Intel Corporation - C:\WINDOWS\System32\RegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\WINDOWS\System32\S24EvMon.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\System32\ScsiAccess.EXE
O23 - Service: IBM KCU Service (TpKmpSVC) - Unknown owner - C:\WINDOWS\system32\TpKmpSVC.exe

Synes godt om

fromsej Praktikant

16. maj 2006 - 16:47 #9

Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, genstart i fejlsikret (tryk på <F8> under opstarten), slet mapper og filer listet længere nede.

O4 - HKCU\..\Run: [LDM] \Program\
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O18 - Protocol: Alle
---------------------------------------
Sletning af \mapper\ og filer:
Åbn Stifinder, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".
Brug af Start->Søg.
Klik på "Skift søgefunktioner for filer og mapper"
Sæt prik i "Avanceret" og klik OK.
Klik på "Alle filer og mapper"
Klik på "Flere avancerede indstillinger"
Sæt flueben i de tre øverste.
-------------------
Mapper:
<Ingen>
-------------------
Filer:
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
---------------------------------------
Genstart normalt vi behøver ikke flere logs.

Du bør lige deaktivere systemgendannelse, genstarte og genaktivere samt sætte filvisning til normal.
http://spywarefri.dk/virusscannere.htm#alle - Systemgendannelse.
Åbn en mappe, klik på Funktioner >Mappeindstillinger >Vis.
Sæt flueben ved "Skjul beskyttede operativsystemfiler".
Sæt flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis ikke skjulte filer og mapper".

For at holde den ren kan du kigge på vores pakke til formålet.
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm
Som minimum anbefaler jeg Spywareguard, Spywareblaster, IE-Spyad og IE Privacy Keeper.
Et par artikler om sikker surfing finder du her:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
http://fromsej.dk/html/avoid.html
Mvh:
Fromsej/Team Spywarefri.

Synes godt om

forevernewbie Nybegynder

16. maj 2006 - 16:58 #10

Det er nogle kedelige trojanere du har haft besøg af, så du bør udskifte alle dine passwords (også til MSN), bankkoder osv.

Synes godt om

tuep Nybegynder

17. maj 2006 - 11:25 #11

Jeg siger 1000 tak for hjælpen til alle. Det var godt nok en sej fætter at få bugt med!
Så skal jeg igang med at ændre div. passwords m.m.

Mvh. Tue

Synes godt om

fromsej Praktikant

17. maj 2006 - 15:54 #12

Velbekomme, og jeg siger tsk for point.*S*

Forevernewbie, skal vel have det halve?

Synes godt om

fromsej Praktikant

17. maj 2006 - 15:55 #13

Tsk = tak, der er nogen der har rykket tastaturet.

Synes godt om

tuep Nybegynder

17. maj 2006 - 17:09 #14

nej, Forevernewbie skal da have det samme :-)De ligger her: http://www.eksperten.dk/spm/710000

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

17/04

Stortest: ChatGPT, Gemini og Claude mod de europæiske og kinesiske alternativer – hvilken løsning er bedst?

17/04

Vigtige oplysninger om Forsvarets it-sikkerhed er på 73. dag mørklagt: “Jeg er rigtig træt af det her," siger chef i Rigsrevisionen

17/04

AI-topforsker til danske politikere: I risikerer at gøre jer mere afhængige af techgiganter

17/04

Nørgaard: Du bør tage fri fra arbejde så du kan arbejde igennem

17/04

Digital suverænitet: Fire europæiske it-selskaber bliver hoved-leverandører til EU - tegner milliard-kontrakt

17/04

10 måneders ingeniørarbejde kan nu klares på en enkelt dag ved hjælp af AI

17/04

Her er de bedste pc’er til prisen lige nu: Sidste udkald hvis du skal have en skarp pris

17/04

Google Chrome mangler basal beskyttelse mod tracking - så nemt er det at følge dig

17/04

Sam Altmans hjem blev angrebet med brand-bomber – nu kommer en af selskabets topchefer med en advarsel

17/04

Tusinder af danske bank-folk erstattes af AI: Formand er bekymret

17/04

Tidsrejser, traumer og den svære kunst at gøre det hele om

Vis flere artikler

IT-JOB

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Stærk sagsbehandler til støtte for Kapacitetsmanager og egen portefølje

Netcompany A/S

Data Management Consultant

Forsvaret

Operativ medarbejder i 3 Squadron i Jægerkorpset

Det Kongelige Danske Kunstakademis Skoler

IT-konsulent til forskerstøtte søges til Det Kongelige Akademi - Arkitektur, Design, Konservering

Netcompany A/S

Network Engineer

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I går 19:43	Installation af Adobe Photoshop Elements 2019 Af mort1 i Billedbehandling
17/0418:29	Gendanne slettet partition overskrevet med Windows 11 Af Strawberry i Windows
17/0416:11	Samle data fra flere kolonner i 1 Af FinnLauridsen i Excel
17/0414:44	ny fjernbetjening til DVD afspiller fra 2004 Af Nette i Andet hardware
17/0412:36	Manglende kode Af Bent i Windows

White papers

Arctic Wolf Threat Report 2026: Sådan ændrer ransomware-landskabet sig
Arctic Wolf
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta
Arctic Wolf Security Operations Report 2025: Indblik i moderne sikkerhedsdrift
Arctic Wolf
Find den SOC-model, der virker i praksis
SecureDevice

Flere white papers »