Avatar billede askhoej Praktikant
11. juli 2006 - 22:38 Der er 3 kommentarer og
1 løsning

HijackThis log - ABetterInternet.Nail

Hej,

Jeg har problemer med at få fjernet ABetterInternet.Nail fra en computer, er der nogen der har nogen gode råd?

/askhoej


*****************

Logfile of HijackThis v1.99.1
Scan saved at 19:32:05, on 11-07-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTSERV.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\Programmer\Logitech\SetPoint\LBTWiz.exe
C:\Programmer\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\Programmer\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Programmer\Logitech\MediaLife\MediaLifeService.exe
C:\Programmer\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programmer\ewido anti-spyware 4.0\ewido.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\MSN Messenger\MsnMsgr.Exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\WIDCOMM\Bluetooth-software\BTTray.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
C:\Programmer\ewido anti-spyware 4.0\guard.exe
C:\Programmer\Logitech\Easy Synchronization\servicestub.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Programmer\Logitech\Easy Synchronization\LogitechEasySync.exe
C:\WINDOWS\regstrmon.exe
C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
C:\WINDOWS\winamp.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Documents and Settings\Sidsel.SIDSELINHA\Skrivebord\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\winamp.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech BT Wizard] LBTWiz.exe -silent
O4 - HKLM\..\Run: [Easy Synchronization] C:\Programmer\Logitech\Easy Synchronization\LogitechEasySync.exe
O4 - HKLM\..\Run: [MMTray] "C:\Programmer\Musicmatch\Musicmatch Jukebox\mm_tray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NVIDIA nTune] "C:\Programmer\NVIDIA Corporation\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programmer\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Programmer\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [MediaLifeService] "C:\Programmer\Logitech\MediaLife\MediaLifeService.exe"
O4 - HKLM\..\Run: [mmtask] "C:\Programmer\Musicmatch\Musicmatch Jukebox\mmtask.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Programmer\Fælles filer\Real\Update_OB\realsched.exe"  -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SpySweeper] "C:\Programmer\Webroot\Spy Sweeper\SpySweeper.exe" /startintray
O4 - HKLM\..\Run: [!ewido] "C:\Programmer\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\RunOnce: [Easy Synchronization] C:\Programmer\Logitech\Easy Synchronization\LogitechEasySync.exe --ports
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmer\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Programmer\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_06\bin\ssv.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {3BFFE033-BF43-11D5-A271-00A024A51325} (iNotes6 Class) - http://mail.subsero.dk/iNotes6W.cab
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: bw+0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: offline-8876480 - {EF38BF1A-DFC3-4012-B5E1-1B3E318584C7} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: LBTWlgn - c:\programmer\fælles filer\logitech\bluetooth\LBTWlgn.dll
O20 - Winlogon Notify: WRNotifier - C:\WINDOWS\SYSTEM32\WRLogonNTF.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Programmer\WIDCOMM\Bluetooth-software\bin\btwdins.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Programmer\ewido anti-spyware 4.0\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech Inc. - C:\Programmer\Fælles filer\Logitech\Bluetooth\LBTSERV.EXE
O23 - Service: Logitech Easy Synchronization - Unknown owner - C:\Programmer\Logitech\Easy Synchronization\servicestub.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: regstrmon - Unknown owner - C:\WINDOWS\regstrmon.exe
O23 - Service: Webroot Spy Sweeper Engine (svcWRSSSDK) - Webroot Software, Inc. - C:\Programmer\Webroot\Spy Sweeper\WRSSSDK.exe
O23 - Service: winamp service control - Unknown owner - C:\WINDOWS\winamp.exe
Avatar billede magictouch Nybegynder
12. juli 2006 - 09:08 #1
Kigger på den ;)
Avatar billede magictouch Nybegynder
12. juli 2006 - 09:23 #2
Download free Trial af SuperAntiSpyware Pro til Skrivebordet:

http://www.superantispyware.com/downloads/SUPERAntiSpywarePro1241.exe

Installer den, og lad den opdatere med nyeste opdateringer.

Så vil den spørge om din mail adresse, det er op til dig selv om du vil udfylde det.Tryk så på Næste og Næste igen -Udfør.

Dansk vejledning her:
http://www.spywarefri.dk/manualer/superantispyware-manual.htm

Luk progammet.



Og denne -

Hent Ccleaner:http://www.ccleaner.com/ccdownload.asp
Installer programmet, men lad vær med at køre det endnu!
Husk at vælge dansk ved installationen.
Fjern flueben ved - Tilføj Yahoo Toolbar. Hvis du ikke ønsker den.
Ccleaner programmet fjerner overflødige Temp filer.
Og gør de nedenstående scanninger hurtigere




Download cureit til skrivebordet   
ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe





Klik på Start-kør. Skriv: Services.msc Tast OK.
Find følgende services, højreklik på dem og vælg egenskaber. Under starttype vælger du deaktiveret. "regstrmon "

Samme procedure med –
winamp service control


Kør en scanning med Hijackthis, så du kan se alle filer.

Du får herunder nogle filer, som du skal fixe. Det, du skal gøre, er at sætte et flueben ud for disse filer. Når du har gjort det, så lukker du alle andre vinduer ned. Det er meget vigtigt at det eneste vindue, som er åbent er HijackThis vinduet. Husk også at lukke dette vindue, når du har markeret filerne. Nu må du fixe. Klik på Fix checked:
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\winamp.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O18 - Protocol: bw+0  <<< Fix ALLE  018 linjer



Genstart til fejlsikret tilstand. Du trykker F8 nogle gange når Windows starter op.

Åbn Stifinder, gå op i værktøjslinjen, klik på Funktioner=>Mappeindstillinger=>Vis.
Fjern flueben ved "Skjul beskyttede operativsystemfiler".
Fjern flueben ved "Skjul filtypenavne for kendte filtyper".
Sæt prik i "Vis skjulte filer og mapper".

Slet nedenstående filer og mapper, mærket med fedt. Bliv ikke forbavset  hvis du ikke kan finde alle filer  eller mapper, da de kan være fjernet automatisk under fixet med Hijackthis.



Exe Filer:
C:\WINDOWS\winamp.exe
C:\WINDOWS\regstrmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe



Kør CCleaner.
Tryk så på "Renser" i menuen i venstre side.
Nu skal du trykke på knappen "Kør Cleaner" - det gør du mindst 2 gange.
Luk programmet.



Dobbeltklik på cureit exe filen laver den en kort startup/express scan.
Så popper der en skærm op- Tryk på Start
Lad den fixe hvad den finder (Say Yes to all)
Derefter skal du klikke på Options->Change settings.
Skift til fanebladet Scan, fjern fluebenet ved Heuristic analysis.
Skift til fanebladet Actions, her skal alle punkter under Malware sættes til Move.
Fjern flueben ved – Prompt on action.
Ved Move Path sletter du hvad der står, og skriver: c:\infected
Tryk på Anvend

Klik så på det eller de drev du vil have scannet, der kommer en rød prik for at vise det/de er valgt.
Tryk så på den grønne pil nederst  til højre, så scanner den, og fixer problemerne.

Når scanningen er færdig, gå op i file – Tryk på- Save Report list.

Så ligger der en en fil der her hedder drweb csv –på skrivebordet

Luk Programmet





Start superantispyware ved at højreklikke på den gule og sorte bille ved uret
Tryk på - Scan for, Adware,Malware  - linjen
Tryk på - Preference - Knappen.
Fjern flueben ved -Start SuperAntiSpyware when Windows starts.

tryk på Fanebladet -Scanning control.

ved scanning options, skal der kun være flueben i de to nederste

Fanebladet- Real Time Protections. Fjerner du fluben ved - Enable Real Time Protection

Tryk så på Close

Tryk på - Scan Your computer - Knappen. sæt flueben ved de drev der skal scannes. Det er vigtigt at drev hvor Windows (systemdrevet) ligger, har et  flueben.

Flyt så prikken ved- Perform quick Scan,  ned til - Perform complete Scan.

Tryk på Næste, så går den i gang med at scanne.

Det kan godt tage lang tid hvis du har meget på computeren


Når scanninngen er færdig popper der en boks op, tryk OK.

Sæt flueben ved alt den har fundet- næste. Så vil den fixe/slette infektionerne.

Lad den genstarte.


Efter genstart -

Klik på "Start" - Vælg "Søg".
Klik på linket "Skift indstillinger".
Klik på "Skift søgefunktioner for filer og mapper"
Sæt prik i "Avanceret" og klik OK.
Klik på "Alle filer og mapper"
Klik på "Flere avancerede indstillinger"
Sæt flueben i de tre øverste.
Find:
superantispyware scan log






Send en ny hijackthis herind, sammen med Superantispyware loggen, loggen fra drweb (drweb csv) og fortæl hvordan tingene ser ud nu
Avatar billede askhoej Praktikant
13. juli 2006 - 22:37 #3
det virkede helt perfekt, tusind tak - smider du et svar
Avatar billede magictouch Nybegynder
14. juli 2006 - 07:11 #4
Jamen det lyder da godt, og velbekomme (:->)
Avatar billede Ny bruger Nybegynder

Din løsning...

Tilladte BB-code-tags: [b]fed[/b] [i]kursiv[/i] [u]understreget[/u] Web- og emailadresser omdannes automatisk til links. Der sættes "nofollow" på alle links.

Loading billede Opret Preview
Kategori
IT-kurser om Microsoft 365, sikkerhed, personlig vækst, udvikling, digital markedsføring, grafisk design, SAP og forretningsanalyse.

Log ind eller opret profil

Hov!

For at kunne deltage på Computerworld Eksperten skal du være logget ind.

Det er heldigvis nemt at oprette en bruger: Det tager to minutter og du kan vælge at bruge enten e-mail, Facebook eller Google som login.

Du kan også logge ind via nedenstående tjenester