dropper.mimail vil ikke forsvinde

AVG burde kunne slette den i fejlsikret. Ellers foreslå hende at køre denne scanner:


Hent denne scanner ned til skrivebordet ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe Vent med at køre den.


Start op i fejlsikret tilstand (tast f8 flere gange under opstart). Hvis du ikke kan det, så se her
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1


Dobbeltklik på drweb-cureit.exe. Den vil køre en express scan, og det siger du ja til.

Når den skriver "Select object for scanning" nederst til venstre, skal du klikke på Options->Change settings.

Skift til fanebladet SCAN, og fjern fluebenet ved "Heuristic analysis".

Skift til fanebladet Actions. Under ADWARE indstiller du til DELETE. Alle andre punkter under MALWARE sættes til MOVE. Fjern fluebenet ved PROMPT ON ACTION. Klik ANVEND og OK.

Klik på de drev du vil have scannet. Der kommer en rød prik, som viser at de er valgt.

Klik på den grønne pil ovre til højre på siden, for at starte scanningen.

hej forevernewbie. Tak for svaret. min veninde har nu prøvet overstående, men den finder den og den skriver at det er uncurable. Så hun har den stadigvæk og kan ikke komme af med den :(.. Så havde hun egentlig også fået fjernet en der hedder "gaelicum" men den bliver også ved med at vænne tilbage.

Prøv at lade hende køre denne scanner i stedet for:

Hent denne scanner, men vent med at scanne.

http://www.spywareinfo.dk/download/mwav.exe

Sæt flueben i følgende:
Memory, Startup folders, drive, Registry, System folders og Services.
Sæt prik i følgende:
All local drives og Scan all files.

Tip: du skal ikke klikke på Add to Startup folders så scannes din maskine hver gang du starter Windows op.

Så trykker du på Scan Clean. Den skanner nu, og det kan godt vare ret længe.


Når den er færdig, så klikker du i vinduet "Virus log information". Tryk så Ctrl+A, så er det markeret. Tryk så Ctrl+C, så er det kopieret til udklipsholder. Sæt det ind i et stykke notesblok,og kopier det her ind bagefter.


Lad mig også lige se en Hijackthis log fra hende, hvis muligt:

http://www.spywarefri.dk/downloads1/hijackthis.exe

Kør HijackThis, klik Do a systemscan and save a logfile, og kopier logfilen herind, så kigger jeg på den.

Hej!
Det er mig, der er veninden. :D

Jeg har downloadet programmet, men når jeg vil åbne det, får jeg at vide, at "det ikke er et gyldigt WIN32-program"?

Mvh
Julie. :)

Er det MWAV eller HijackThis der giver den fejl ?

Prøv lige at køre dette værktøj, som burde kunne fjerne den http://www.symantec.com/avcenter/venc/data/w32.mimail.removal.tool.html

Kør det helst i fejlsikret tilstand (tast f8 flere gange under opstart)

MWAV. :)

Jeg prøver det andet, du nævner. :)

Det lader til at andre har samme problem med MWAV i øjeblikket.

Hvis Symantec værktøjet ikke fjerner den, så prøv lige at køre Dr Web igen. Når den så siger incurable, så vælg delete i stedet. Det burde den tilbyde.

Både Symantec og Dr Web siger, at jeg ikke har virus - mens AVG siger, at dropper.mimail stadig er der. Hvem har mon ret? :D

Lad os lige prøve at se hvad HijackThis siger:

http://www.spywarefri.dk/downloads1/hijackthis.exe

Kør HijackThis, klik Do a systemscan and save a logfile, og kopier logfilen herind, så kigger jeg på den.

Logfile of HijackThis v1.99.1
Scan saved at 20:07:03, on 01-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmer\QuickTime\qttask.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\SPYWAREfighter\spfprc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearchIndexer.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Documents and Settings\Julie B J\Lokale indstillinger\Temporary Internet Files\Content.IE5\ODQNCLUN\hijackthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webbyen.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Programmer\SPYWAREfighter\spfprc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/229?24fc7947a45744c9b6d6b3c191d3174a
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/230?24fc7947a45744c9b6d6b3c191d3174a
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://pq.cvuvita.dk/qp2.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00024} (Ringkj›bing Landbobanks Netbank) - https://www.landbobanken.dk/slandbobankibp2500ib100.cab
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540000} - http://www.spywarestormer.com/files2/Install.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) - http://shopping.jubii.dk/foto/components/photoupload.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.freefiles.dk/scan/Msie/bitdefender.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - http://fc.hum.au.dk/ClientDownloads/fcplugin.cab
O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exe
O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp01.photoprintit.de/microsite/10023/defaults/activex/ImageUploader2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/10023/defaults/activex/ImageUploader3.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.cab
O16 - DPF: {F0FCC76D-767E-4759-A447-62289CA775AA} (Coreport SSO Client) - http://sail.scania.com/sail/v52/ie/controls/CoreportSsoClient.cab
O18 - Protocol: bw+0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmer\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Der er nu ingen tegn på Mimail i loggen, så AVG tager formentligt fejl. Hvis du har kørt onlinescanningerne fornyligt, og de ikke har fundet noget, må det være sådan det hænger sammen. Hvilken fil siger AVG er inficeret ?


Jeg vil foreslå dig at afinstallere Logitech Desktop Messenger. Den gør ikke meget gavn, og laver lidt ballade på maskinen (se alle linierne i loggen).


Hent denne scanner http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

Installer, og opdater scanneren manuelt. OBS, ved installationen bliver det foreslået at du registrerer med din email. Det behøver du ikke at gøre.


Start op i fejlsikret tilstand (tast f8 flere gange under opstart). Hvis du ikke kan det, så se her
http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1


Start SuperAntiSpyware, klik "Scan your computer", sæt flueben i dine drev, ovre til venstre i vinduet. Ovre til højre i vinduet, sætter du prik i "Perform Complete Scan". Klik "næste", nu scanner den. Når den er færdig, så markerer du det den finder, og lader scannereren fjerne det.

Genstart til normal tilstand (scanneren tilbyder måske at gøre det).


Åbn scanneren igen, og klik "preferences"-> "stastics/logs". Marker loggen, og klik "View log". Kopier loggen her ind i tråden, sammen med en frisk HijackThis log.

Logitech Desktop Messenger er hermed fjernet. :)

Jeg har hentet scanneren, men den vil ikke scanne i fejlsikret tilstand?

Okay, så kør den bare i normaltilstand

SUPERAntiSpyware Scan Log
Generated 07/02/2006 at 01:54 AM

Core Rules Database Version : 3000
Trace Rules Database Version: 1079

Memory threats detected  : 0
Registry threats detected : 12
File threats detected    : 140

Adware.Tracking Cookie
    C:\Documents and Settings\Julie B J\Cookies\julie b j@maxserving[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ehg.hitbox[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@dist.belnk[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@revenue[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@apmebf[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@bugs[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@statcounter[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@indextools[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ehg-nokiafin.hitbox[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@advertising[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adtech[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@e2.emediate[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@click.tdc-online[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@as1.falkag[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@cgi-bin[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@belnk[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@qksrv[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad.ofir[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@phg.hitbox[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tracker.affistats[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@www.etracker[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.pointroll[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@zedo[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@a[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ehg-dig.hitbox[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tradedoubler[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@fastclick[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@yadro[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@targetnet[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@yieldmanager[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@burstnet[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@indexstats[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@m1.webstats4u[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@atdmt[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@questionmarket[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@doubleclick[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@gettyimages.122.2o7[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@z1.adserver[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads2.jubii[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@track.adform[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@countercentral[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@clicks.hmcampaign[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@52412438[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ilead.itrack[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@bannere.fyens[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.skisport[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@hg1.hitbox[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad1.emediate[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.hveruge[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@as-us.falkag[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adserver.banneradministration[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@stat.onestat[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@server.iad.liveperson[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad.yieldmanager[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@valueclick[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@globalstat[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adopt.euroclick[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tribalfusion[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@serving-sys[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@mediaplex[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@123stat[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.as4x.tmcs[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tripod[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@pphlogger[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.softure[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adfair[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@image.masterstats[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.realtechnetwork[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.gallileus[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@elitehost[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adverts.digitalspy.co[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.planetactive[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tacoda[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@server3.web-stat[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@stat.postdanmark[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@1071214352[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad.zanox[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@komtrack[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@stat.www[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@e-2dj6wfkycjdjmlq.stats.esomniture[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@cassava[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@advertpro2.babymedia[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@admarketplace[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@paypopup[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@webstat[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.cnn[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@cnn.122.2o7[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ehg-yvesrocher.hitbox[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@www.webstat[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.vg.basefarm[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@cgi-bin[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@xiti[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adopt.hbmediapro[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@fixionmedia[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adserver.easy-ad[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@2o7[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@flashstat.jubii[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@rotator.adjuggler[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@adserv.eternalgaming[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@stat.inleadmedia[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@1072490498[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@click.drncampaign.buyingexperience[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@interclick[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@revsci[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@web4.realtracker[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@stats1.reliablestats[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@estat[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@banneradministration[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@realmedia[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad.adnet[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@mb[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@s[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.contactmusic[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@4stats[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@atwola[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@msnportal.112.2o7[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@www.statsinaflash[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ad.redzoneglobal[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@overture[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ads.as4x.tmcs.ticketmaster[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@clicktorrent[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@bs.serving-sys[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@www.belstat[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@ehg-gmi.hitbox[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@tdstats[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@nbcuniversal.122.2o7[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@fortunecity[2].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@888[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@www.888[1].txt
    C:\Documents and Settings\Julie B J\Cookies\julie b j@counter[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@ad.ofir[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@ad1.emediate[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@adfair[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@ads.cnn[1].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@adserver.banneradministration[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@indextools[2].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@m1.webstats4u[1].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@stat.postdanmark[1].txt
    C:\Documents and Settings\Julie B J\Lokale indstillinger\Temp\Cookies\julie b j@track.adform[1].txt

Registry Cleaner Trial
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs#C:\WINDOWS\Downloaded Program Files\Install.dll [
]

Trojan.Spyware Stormer
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}#SystemComponent
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}#Installer
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\Contains
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\Contains\Files
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\Contains\Files#C:\WINDOWS\Downloaded Program Files\Install.dll
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\DownloadInformation
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\DownloadInformation#CODEBASE
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\DownloadInformation#INF
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\InstalledVersion
    HKLM\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{205FF73B-CA67-11D5-99DD-444553540000}\InstalledVersion#LastModified

Unclassified.Unknown Origin
    C:\Program Files\Logitech\Desktop Messenger\8876480\6.1.4.68-8876480L\Program\Restart.exe

Logfile of HijackThis v1.99.1
Scan saved at 12:59:01, on 02-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Spyware Doctor\sdhelp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\SPYWAREfighter\spfprc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearchIndexer.exe
C:\Programmer\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Julie B J\Lokale indstillinger\Temporary Internet Files\Content.IE5\ODQNCLUN\hijackthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webbyen.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Programmer\SPYWAREfighter\spfprc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/229?24fc7947a45744c9b6d6b3c191d3174a
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/230?24fc7947a45744c9b6d6b3c191d3174a
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~2\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://pq.cvuvita.dk/qp2.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00024} (Ringkj›bing Landbobanks Netbank) - https://www.landbobanken.dk/slandbobankibp2500ib100.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) - http://shopping.jubii.dk/foto/components/photoupload.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.freefiles.dk/scan/Msie/bitdefender.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - http://fc.hum.au.dk/ClientDownloads/fcplugin.cab
O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exe
O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp01.photoprintit.de/microsite/10023/defaults/activex/ImageUploader2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/10023/defaults/activex/ImageUploader3.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.cab
O16 - DPF: {F0FCC76D-767E-4759-A447-62289CA775AA} (Coreport SSO Client) - http://sail.scania.com/sail/v52/ie/controls/CoreportSsoClient.cab
O18 - Protocol: bw+0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: fcp - {B3133379-8789-4D3C-9593-C205D7297501} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmer\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Så blev din log ren. Får du stadigvæk meddelelser fra AVG om Mimail ?

Du kan lige fixe resterne af Desktopmessenger:

Kør en scanning med HijackThis, så du kan se alle filer. Luk alle vinduer, sæt flueben ved disse linier, og klik fix checked.

Fix alle 018 liner:

O18 - Protocol: bw+0 - {7DA76D32-94EE-487D-B1BE-1AFFE926AFC1} - C:\Programmer\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

Dette skriver AVG:

,"","Virus found Dropper.Mimail","C:\Documents and Settings\All Users\Dokumenter\XXX.folder","02-07-2006 15:55:47","XXX.folder","73.82 KB"

Jeg tror at AVG reagerer fejlagtigt på et eller andet. For en sikkerheds skyld, så prøv lige at få xxx.folder tjekket her http://virusscan.jotti.org/

"The file you uploaded is 0 bytes. It is very likely a firewall or a piece of malware is prohibiting you from uploading this file" - det var svaret. :)

Prøv om du kan scanne den her http://www.virustotal.com/en/indexf.html

Antivirus Version Update Result
AntiVir n -  no virus found
Authentium n -  no virus found
Avast n -  no virus found
AVG n -  no virus found
BitDefender n -  no virus found
CAT-QuickHeal n -  no virus found
ClamAV n -  no virus found
DrWeb n -  no virus found
eTrust-InoculateIT n -  no virus found
eTrust-Vet n -  no virus found
Ewido n -  no virus found
Fortinet n -  no virus found
F-Prot n -  no virus found
Ikarus n -  no virus found
Kaspersky n -  no virus found
McAfee n -  no virus found
Microsoft n -  no virus found
NOD32v2 n -  no virus found
Norman n -  no virus found
Panda n -  no virus found
Sophos n -  no virus found
Symantec n -  no virus found
TheHacker n -  no virus found
UNA n -  no virus found
VBA32 n -  no virus found
VirusBuster n - no virus found


Aditional Information
File size: 0 bytes
MD5: d41d8cd98f00b204e9800998ecf8427e

Jeg tror altså ikke der er noget skummelt i den der. Prøv lige at højreklikke på filen, vælg egenskaber, og se hvem der evt har lavet den, hvornår den er oprettet osv. Hvis du så ellers mener at den kan undværes, så syntes jeg du skal slette den, så du får fred for AVG. Inden du sletter den, syntes jeg du skulle lave en zippet kopi af den, for alle tilfældes skyld, og gemme den på en USB disk eller en CD.

Jeg kunne ikke finde filen, men fandt i stedet en mappe kaldet "pamela" under delte dokumenter. Det navn så jeg også i forbindelse med en af mine utallige scanninger. Jeg slettede indholdet, scannede med avg og vupti! Ingen virus. :D

Tusind, tusind tak for hjælpen. Det er en skam, at "bare-mig" har været så nærig med de points. ;) :D

Hun beder dig svare på tråden i stedet for at kommentere, så du kan få dine points. :)


Mange taknemmelige hilsner,

Julie :o)

Pyt med pointene, bare godt det lykkedes :)

Lige et par afsluttende råd:

Efter et virus/spyware angreb, er det altid en god ide at rydde op i systemgendannelses filerne. Deaktiver systemgendannelse (http://www.spywarefri.dk/virusscannere.htm#alle) - genstart din computer - aktiver systemgendannelse.

Hent ATF Cleaner her fra http://www.atribune.org/content/view/19/2/

Start ATF Cleaner. Sæt flueben i "Select all" (du kan undlade cookies, hvis du vil). Klik "Empty selected".

Link til sikring af din computer http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

Tak - det vil jeg lige kigge på. :)

julie78.. nærig og nærig looool jeg vidste jo ik dit problem var sååå stort, så havde jeg sat nogle flere på *Gg*

Du får point nu forevernewbie :D

Jeg holder mig pænt ude af jeres lille diskussion *S*

Tak for point

forevernewbie: Jeg bliver lige nødt til at spørge dig om noget. :)

Siden jeg fik fjernet denne virus, har jeg ikke kunnet bruge universitetets konferencesystem, FirstClass (FC). Jeg kan logge ind, men når jeg vil læse en mail eller en besked, får jeg flg. besked:

"Windows kan ikke finde 'fcp://@fc.hum.dk,#7701070/TYS
Studenterforum/#32425927'. Kontroller, at du skrev navnet korrekt, og
forsøg derefter igen. Hvis du vil søge efter en fil, skal du klikke på
knappen Start og derefter klikke på Søg."

Jeg klikker på "OK" og så står der flg.:

"Hjælpeprogrammet tilfcp://@fc.hum.dk,#7701070/TYS
Studenterforum/#32425927.kan ikke åbnes. Den protokol, der er angivet i
denne adresse, er ugyldig. Kontroller, at adressen er korrekt, og prøv
igen."

Jeg klikker på "OK" - og så åbner den et nyt vindue.


Nogen idé om, hvad der kan være sket? Mon der er fjernet noget, der ikke skulle have været fjernet?

Jeg har selvfølgelig skrevet til IT-afdelingen, men det virker ikke som om, de vil hjælpe: "Der er nok noget galt med din computer"... Jo tak... ;) :D

Jeg går ud fra at denne activeX er dit login:

O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - http://fc.hum.au.dk/ClientDownloads/fcplugin.cab

Den minder i mistænkelig grad om noget spyware, og en af scannerne kan have taget fejl, og fjernet noget den ikke skulle. Hvis du har mulighed for at geninstallere dit login, vil det nok være et forsøg værd.

Hvad er det dog for en IT afdeling ? Er de der ikke for at hjælpe ?

Hej!

De har sikkert travlt med at hjælpe de højere herrer... ;) :D

Jeg har i mellemtiden downloadet en ny "klient", så jeg kan logge på på en anden måde. Så håber jeg, det bliver ved med at fungere, for jeg kan ikke undvære adgangen til intranettet.

Jeg har lige været væk fra computeren et par timer, og da jeg kommer tilbage, er skærmen sort, og der står noget med www.ami.com American et-eller-andet. Jeg har aldrig set det før, så jeg tænker straks "åh nej"... Jeg kunne intet gøre, så jeg måtte slukke på kontakten. Da jeg startede igen, meldte microsoft om fejl, og jeg sendte en fejlrapport. Er det mon endnu en virus?

Mange hilsener,
Julie.

Jeg trykkede iøvrigt ikke på linket - det turde jeg ikke, så jeg ved ikke, hvad det er. :)

Kom lige med en HijackThis log. Den side er iøvrigt ok.

Logfile of HijackThis v1.99.1
Scan saved at 18:04:17, on 18-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Lexmark X1100 Series\lxbkbmon.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Programmer\Logitech\Video\LogiTray.exe
C:\Programmer\SPYWAREfighter\spfprc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Programmer\Skype\Phone\Skype.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\Logitech\Video\FxSvr2.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearchIndexer.exe
C:\Programmer\HP\Digital Imaging\bin\hpqgalry.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Julie B J\Lokale indstillinger\Temporary Internet Files\Content.IE5\O9UR0DEZ\hijackthis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webbyen.dk/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.dk/0SEDADK/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: MSN Search Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O3 - Toolbar: MSN Search Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programmer\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Programmer\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Programmer\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [spywarefighterguard] C:\Programmer\SPYWAREfighter\spfprc.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU\..\Run: [Skype] "C:\Programmer\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [RealPlayer] "C:\Programmer\Real\RealPlayer\realplay.exe" /RunUPGToolCommandReBoot
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] C:\Programmer\Logitech\Video\ManifestEngine.exe boot
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programmer\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows-pc-søgning.lnk = C:\Programmer\MSN Toolbar Suite\DS\02.05.0001.1119\da-dk\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Programmer\MSN Toolbar Suite\TB\02.05.0000.1105\da-dk\msntb.dll/search.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Åbn på ny baggrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/229?24fc7947a45744c9b6d6b3c191d3174a
O8 - Extra context menu item: Åbn på ny forgrundsfane - res://C:\Programmer\MSN Toolbar Suite\TAB\02.05.0000.1105\da-dk\msntabres.dll/230?24fc7947a45744c9b6d6b3c191d3174a
O9 - Extra button: FirstClass® - {02011FE3-C22B-451d-9A25-BF4DBB38B8E7} - C:\WINDOWS\Downloaded Program Files\fcplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {05D96F71-87C6-11D3-9BE4-00902742D6E0} (QuickPlace Class) - http://pq.cvuvita.dk/qp2.cab
O16 - DPF: {1A8790BD-AEBD-11BD-A2BD-00625BD00024} (Ringkj›bing Landbobanks Netbank) - https://www.landbobanken.dk/slandbobankibp2500ib100.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {59B18099-4C1D-4A08-A9F7-ED0554006749} (Select Class) - http://shopping.jubii.dk/foto/components/photoupload.ocx
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSScanner37380.cab
O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.freefiles.dk/scan/Msie/bitdefender.cab
O16 - DPF: {99B6E512-3893-4155-9964-8EB8E06099CB} (WebSpyWareKiller Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebSWK.cab
O16 - DPF: {9C196458-4145-46AF-8A77-1506878DFECA} (FirstClass® Control) - http://fc.hum.au.dk/ClientDownloads/fcplugin.cab
O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-0504.exe
O16 - DPF: {AABB591F-CEB3-404A-A979-AA30B16CB914} (IPLabs Image Uploader 2.5) - http://asp01.photoprintit.de/microsite/10023/defaults/activex/ImageUploader2.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C81B5180-AFD1-41A3-97E1-99E8D254DB98} (CSS Web Installer Class) - http://scanner.virus112.com/cabs/cssweb.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A675EE8} (IP-Uploader Control) - http://asp03.photoprintit.de/microsite/10023/defaults/activex/ImageUploader3.cab
O16 - DPF: {EDAF796E-9210-4417-ADDC-2AB18E4F6C27} (Hjemmeside.KvikFoto) - http://www.123hjemmeside.dk/builder/pages/KvikFoto.cab
O16 - DPF: {F0FCC76D-767E-4759-A447-62289CA775AA} (Coreport SSO Client) - http://sail.scania.com/sail/v52/ie/controls/CoreportSsoClient.cab
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Der er ikke noget snavs i loggen, men den her indikerer et problem:

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

Jeg vil umiddelbart foreslå dig at gå Start/Kør, og skrive chkdsk /r

Du vil blive bedt om en genstart. Kontrollen af harddisken kan godt tage lang tid.

Hvis det ikke hjælper, syntes jeg at du skulle oprette et spørgsmål i hardware kategorien, hvor der er flere hajer, der måske kan hjælpe dig. Læg evt et link til denne tråd.

Tusind tak, det vil jeg prøve. :)

Velbekomme

Der står, at det ikke kan køres, da diskenheden er i brug?

Så skal du bare trykke j og genstarte

j og <enter> selvfølgelig

Det prøvede jeg med det samme, men der skete intet, da jeg havde genstartet. Er alt så ok? :)

Jeg havde misforstået det med <enter>, så nu fungerede det. :D Jeg var her ikke, da den blev færdig - er alt så ok? :)

Prøv lige igen. Vælg j og tast <enter> og genstart. Der skal komme en blå skærm efter starten, hvor din harddisk bliver scannet for fejl.

Så ikke dit indlæg, men hvordan kører maskinen nu ?

Jeg synes ikke, jeg kan mærke forskel - men der var heller ikke noget galt som sådan - udover at jeg ikke forstod, hvorfor den sorte skærm med ami.com kom frem. :)

Jeg må blive dig svar skyldig mht til den skærm. Det ser ikke ud som der er snavs, men du kan da prøve at køre nogle scannere. Dr Web og SuperAntiSpyware f,eks.

Ja, det vil jeg gøre. :)
Tusind tak fordi du tog dig tid til at hjælpe mig. :) :)

Velbekomme :)