Notifikationer

Markér alle som læst Log ud

mr_y Nybegynder

29. marts 2007 - 12:58 Der er 3 kommentarer og
1 løsning

sløv pc med trojansk hest

Hej Eksperter

min pc er blevet sløv og mit antivirus melder om en trojansk hest. Ville lige høre om det var som det skulle være efter jeg har prøvet en del gange at fjerne den. :)

Logfile of HijackThis v1.99.1
Scan saved at 12:55:53, on 29-03-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TELIAS~1\backweb\9786136\Program\ServiceWrapper-9786136.exe
C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fsgk32st.exe
C:\Programmer\Telia SafeSurf\Anti-Virus\FSGK32.EXE
C:\Programmer\Telia SafeSurf\backweb\9786136\program\fsbwsys.exe
C:\Programmer\Telia SafeSurf\backweb\9786136\Program\fspex.exe
C:\Programmer\Telia SafeSurf\Common\FSMA32.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fssm32.exe
C:\Programmer\Telia SafeSurf\Common\FSMB32.EXE
C:\Programmer\ipMonitor8\ipmrptsrv8.exe
C:\Programmer\Telia SafeSurf\Common\FCH32.EXE
C:\Programmer\ipMonitor8\ipmservice8.exe
C:\Programmer\Telia SafeSurf\Common\FAMEH32.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fsqh.exe
C:\Programmer\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\Programmer\Telia SafeSurf\FSPC\fspc.exe
C:\Programmer\Telia SafeSurf\Anti-Virus\fsrw.exe
C:\Programmer\Telia SafeSurf\Common\FSM32.EXE
C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Programmer\NetLimiter 2 Pro\nlsvc.exe
C:\Programmer\ipMonitor8\ipm8watchdog.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\Telia SafeSurf\Anti-Virus\fsav32.exe
C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Programmer\Telia SafeSurf\FWES\Program\fsdfwd.exe
C:\PROGRA~1\TELIAS~1\Anti-Spyware\fsaw.exe
C:\Programmer\Telia SafeSurf\FSGUI\fsguidll.exe
C:\Programmer\Internet Explorer\IEXPLORE.EXE
C:\Programmer\BitComet\BitComet.exe
C:\Documents and Settings\polle\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/ig?hl=da
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Programmer\ICOO Loader\addons\icooue.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Programmer\BitComet\tools\BitCometBHO.dll
O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Programmer\ICOO Loader\addons\icoou.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Programmer\Telia SafeSurf\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Programmer\Telia SafeSurf\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Programmer\Telia SafeSurf\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [DLPSP] "C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLPSP.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Programmer\Fælles filer\InstallShield\UpdateService\ISUSPM.exe" -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [SNM] C:\Programmer\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [StartCCC] C:\Programmer\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [18WoS_AASetup.exe] C:\Downloads\18WoS_AASetup-dm[1].exe /r
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Telia SafeSurf.lnk = C:\Programmer\Telia SafeSurf\backweb\9786136\Program\fspex.exe
O8 - Extra context menu item: &Bloker dette pop up-vindue - C:\Programmer\Telia SafeSurf\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Download all links using BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Programmer\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: Web Filter - {200DB664-75B5-47c0-8B45-A44ACCF73F01} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Websidefilter, pause - {200DB664-75B5-47c0-8B45-A44ACCF73F02} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Afvis websted - {200DB664-75B5-47c0-8B45-A44ACCF73F03} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: (no name) - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra 'Tools' menuitem: &Tillad websted - {200DB664-75B5-47c0-8B45-A44ACCF73F04} - C:\Programmer\Telia SafeSurf\FSPC\fspcmsie.dll
O9 - Extra button: Internet Explorer-beskyttelse - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\Telia SafeSurf\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: Internet Explorer-beskyttelse... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Programmer\Telia SafeSurf\Anti-Spyware\ieshield.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 - Broken Internet access because of LSP provider 'winsflt.dll' missing
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Programmer\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/tdccsp-0506.exe
O18 - Protocol: bw+0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programmer\Fælles filer\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AutoExNT - Unknown owner - C:\WINDOWS\system32\AutoExNT.Exe
O23 - Service: Telia SafeSurf (BackWeb Plug-in - 9786136) - BackWeb Technologies Inc. - C:\PROGRA~1\TELIAS~1\backweb\9786136\Program\ServiceWrapper-9786136.exe
O23 - Service: DevWatchR1 (DEVWATCHR1) - - C:\Programmer\Firestorm Software\LANBrowser\DEVWatchSVC.exe
O23 - Service: Dell Printer Status Watcher (DLPWD) - Dell Inc. - C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLPWDNT.EXE
O23 - Service: Dell Printer Status Database (DLSDB) - Dell Inc. - C:\Programmer\Dell Printers\Additional Color Laser Software\Status Monitor\DLSDBNT.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Programmer\Telia SafeSurf\Anti-Virus\fsgk32st.exe
O23 - Service: FSBWSYS (fsbwsys) - F-Secure Corp. - C:\Programmer\Telia SafeSurf\backweb\9786136\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Programmer\Telia SafeSurf\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure HTTP Server (fshttps) - F-Secure Corporation - C:\Programmer\Telia SafeSurf\FSPC\fshttps\fshttps.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Programmer\Telia SafeSurf\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: ipMonitorRpt - ipMonitor Corporation - C:\Programmer\ipMonitor8\ipmrptsrv8.exe
O23 - Service: ipMonitorSrv - ipMonitor Corporation - C:\Programmer\ipMonitor8\ipmservice8.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programmer\Fælles filer\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Programmer\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Programmer\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

Synes godt om

levich Nybegynder

29. marts 2007 - 17:37 #1

Jeg ser på det, øjeblik.

Synes godt om

levich Nybegynder

29. marts 2007 - 17:51 #2

(1)
Hent http://downloads.stevengould.org/cleanup/CleanUp40.exe
Læs vejledningen til Cleanup her: http://www.bleepingcomputer.com/forums/tutorial93.html

Hent AVG Anti-Spyware her: http://www.ewido.net/en/download/.
Installer programmer og opdater det, men vent med at scanne.

Hent og udpak Killbox http://www.bleepingcomputer.com/files/spyware/KillBox.zip

Hent http://www.cexx.org/LSPFix.exe.
Hvis du senere ikke kan komme på internettet, skal du køre lspfix.exe, marker "I know what I am doing" og klik på finish.

(2)
Scan med AVG Anti-Spyware, fix de ting som den finder og gem loggen, f.eks. på skrivebordet.

(3)
Fix følgende linjer med HijackThis:
O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Programmer\ICOO Loader\addons\icooue.dll
O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Programmer\ICOO Loader\addons\icoou.dll
O4 - HKLM\..\Run: [SNM] C:\Programmer\SpyNoMore\SNM.exe /startup
O4 - HKCU\..\Run: [18WoS_AASetup.exe] C:\Downloads\18WoS_AASetup-dm[1].exe /r
O18 - Protocol: bw+0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Windows Log - Unknown owner - C:\WINDOWS\system32\nvsvcd.exe

Endvidere fix alle linjer, der starter med:
O18
Undtagen
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
og
O18 - Protocol: offline-8876480 - {2B3E9E77-9A76-4B97-B01D-D9C5A56C6B1B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

(4)
Start KillBox, sæt prik i "Delete on reboot", kopier nedenstående filnavn(e) til tekstfeltet i Killbox og klik herefter på den røde knap med det hvide kryds. Gentag det for alle filerne, men sig først ja til at genstarte, når du kommer til den sidste fil. Du skal genstarte i fejlsikret tilstand.

C:\WINDOWS\system32\nvsvcd.exe

(5)
Åbn "denne computer", i menuen skal du klikke på Funktioner -> Mappeindstillinger -> Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler" og ved "Skjul filtypenavne for kendte filtyper", sæt prik i "Vis skjulte filer og mapper". Husk at trykke på knappen "Anvend på alle mapper" i stedet for "ok".

søg efter og slet følgende fil(er):
C:\Downloads\18WoS_AASetup-dm[1].exe
C:\WINDOWS\system32\nvsvcd.exe
… og følgende mappe(r):
C:\Programmer\ICOO Loader\
C:\Programmer\SpyNoMore\

Bemærk at nogle af dem kan allerede være slettet af AVG Anti-Spyware.

(6)
Kør Cleanup. Gå til option og sæt flueben ved cookies, prefetch, temp og all users. Tryk på “cleanup”.

(7)
Genstart computeren normalt. Lav en ny log med HijackThis, og send den herind sammen med loggen fra AVG Anti-Spyware, som du gemte tidligere.

Synes godt om

mr_y Nybegynder

14. juni 2007 - 13:01 #3

jeg har givet op kom med et svar og du får points. jeg har reinstalleret min maskine

Synes godt om

levich Nybegynder

14. juni 2007 - 18:08 #4

Synes godt om

Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Følg dette spørgsmål

Opret Preview

Se alle it-kurser fra Computerworld Kurser

IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Se alle it-kurser

Flere spørgsmål fra Virus kategorien

Titel	Indlæg	Oprettet	Seneste aktivitet
Vil skrifte antivirusprogram. Af ErikHg i Virus	22	26/11/202510:42	23/12/202514:29
Er gratis Bitdefender værd at installere ? Af Ikke-ekspert i Virus	8	31/08/202519:08	01/09/202514:18
Ukendte filer på min Pc Af jonpet i Virus	10	03/02/202514:20	04/02/202511:05
mulig ukendt virus Af jackie18 i Virus	3	18/01/202514:07	18/01/202516:39
virus popper op med jævne mellemrum Af Malm i Virus	13	18/01/202511:40	20/01/202517:53

Se alle spørgsmål i kategorien Opret spørgsmål

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester

Alle kategorier på Eksperten

Seneste artiklerRSS

03/04

Podcasten Hard Fork giver et skarpt blik på ugens vigtigste tech-historier

03/04

Nørgaard: Læs skideballen fra en ukrainer til Rheinmetal - og derfor trender #MadeByHousewives

03/04

Læs hele Computerworlds løn-magasin: Så meget får danske it-folk i løn

02/04

Sådan kan du implementere ansvarlig AI i din organisation

01/04

Vi tester to udgaver af Denons Home-højttalere - og vi er ikke i tvivl om dommen

01/04

Som slagterlærling traf Rasmus et livsændrende valg: Nu er han udviklingschef i kæmpe energivirksomhed

01/04

Hård kritik efter tirsdagens stor-nedbrud: MitID er som en stor hullet ost og kan udvikle sig til en national katastrofe

01/04

OpenAI får kæmpemæssig kapitaltilførsel: Bliver værdisat til 5.500 milliarder kroner

01/04

Anthropic-medarbejder har ved et uheld lækket hele Claude Codes kildekode: 500.000 linier kode sluppet fri

01/04

Mørklægger årsag til tirsdagens timelange MitID-nedbrud: Vil intet fortælle af 'sikkerhedsmæssige årsager'

01/04

Hver fjerde forventer nul kroner i lønforhøjelse: It-testerne er blandt branchens mest pessimistiske for tredje år i træk

Vis flere artikler

IT-JOB

Netcompany A/S

IT Consultant

Unik System Design A/S

QA Engineer

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Udviklingskonsulent til Planlægning, Strategi og Organisation i Cyberdivisionen

Statens IT

Site Reliability Engineer med fokus på automation

Forsvarsministeriets Materiel- og Indkøbsstyrelse

Netværksteknikere til design, drift og vedligehold ved Cyberdivisionen

Vis flere jobs

Seneste spørgsmål Seneste aktivitet

I dag 09:43	AI google.com Af Peter Olsen i Andre onlineløsninger
31/0310:22	Makro der gemmer vedhæftet fil fra Msg og omdøber filen Af lokesa i Excel
30/0313:45	Kablet forbindelse mellem android telefon og windows 11 pc Af 1Dorte i Android
30/0312:04	Elementtype vises - og ikke billedet? Af hkprofil i Billedbehandling
29/0312:08	Problemer med replay af købte kursusvideoer Af annam i Browsere

White papers

Undgå at printeren bliver svageste led i sikkerheden
Konica Minolta
Arctic Wolf Threat Report 2026: Sådan ændrer ransomware-landskabet sig
Arctic Wolf
Samarbejde mellem AI og mennesker styrker sikkerheden
Konica Minolta
Erfaringer fra frontlinjen: Sådan ændrer trusselsbilledet sig
Arctic Wolf

Flere white papers »