/ Forside/ Teknologi / Internet / Sikkerhed / Spørgsmål
Login
Glemt dit kodeord?
Brugernavn 

Kodeord  


Reklame
Top 10 brugere
Sikkerhed
#NavnPoint
stl_s 37026
arlet 26827
miritdk 20260
o.v.n. 12167
als 8951
refi 8694
tedd 8272
BjarneD 7338
Klaudi 7257
10  molokyle 6481
Trojan.Peacomm Hjælp
Fra : ups8700
Vist : 616 gange
100 point
Dato : 24-01-07 08:17

HEJ
Jeg er blevet angrebet af denne Trojan.Peacomm og jeg håber at i kan hjælpe mig med at fjerne den og hvad jeg skal gøre.

Logfile of HijackThis v1.99.1
Scan saved at 20:09:47, on 23-01-2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Programmer\Norton Internet Security\ISSVC.exe
C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Programmer\r\CyberLink\PowerDVD\DVDLauncher.exe
C:\Programmer\Dell\Media Experience\DMXLauncher.exe
C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe
C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Programmer\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\Windows Media Player\WMPNSCFG.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
C:\Programmer\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Programmer\Fælles filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programmer\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe
C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Programmer\Spyware Doctor\sdhelp.exe
C:\WINDOWS\system32\svchost.exe
C:\Programmer\Windows Media Player\WMPNetwk.exe
C:\Programmer\iPod\bin\iPodService.exe
C:\WINDOWS\System32\alg.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\Messenger\msmsgs.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://signon.stofanet.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://signon.stofanet.dk/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = http://sigon.stofanet.dk/proxy.pac
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\programmer\google\googletoolbar1.dll (file missing)
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programmer\Fælles filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programmer\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\programmer\google\googletoolbar1.dll (file missing)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\yt.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Programmer\Java\jre1.5.0_10\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Programmer\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Programmer\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Programmer\r\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Programmer\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [ccApp] "C:\Programmer\Fælles filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\FÆLLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Programmer\Fælles filer\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programmer\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [RegistrySmart] "C:\Program Files\RegistrySmart\RegistrySmart.exe" -boot
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LemmingsRevolutionSetup.exe] C:\DOCUME~1\MIKEHA~1\SKRIVE~1\LEMMIN~1.EXE /r
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [EA Core] "C:\Programmer\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [Zinio DLM] C:\Programmer\Zinio\ZinioDeliveryManager.exe /autostart
O4 - HKCU\..\Run: [WMPNSCFG] C:\Programmer\Windows Media Player\WMPNSCFG.exe
O4 - Startup: Hurtig start af Microsoft Office OneNote 2003.lnk = C:\Programmer\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = ?
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Google Search - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links - res://C:\Programmer\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Programmer\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Si&milar Pages - res://C:\Programmer\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://C:\Programmer\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programmer\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {3D6DDD23-870A-4FC8-B3AF-5F67C935A9B7} (Util Class) - https://udstedelse.certifikat.tdc.dk/csp/authenticode/PrimeInkCSP-1204.exe
O16 - DPF: {402EE96E-2CE8-482D-ADA5-CECEEA07E16D} (TurnTool Scene) - http://www.turntool.com/ViewerInstall.exe
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://topsecretdenmark.spaces.live.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {4FAE30E1-EE9C-477D-8D06-BF8D3429B60F} (WebIQ Technology Client) - http://webiq001.webiqonline.com/WebIQ/bin/WebIQ.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133294080812
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1151825139093
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://opdatering.tdc.dk/csp/authenticode/tdccsp-0506.exe
O18 - Protocol: bw+0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: offline-8876480 - {B82E3BCB-C0B7-4A3B-9671-1D6F80755239} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Data Management Job Dispatch - Autodesk Inc - C:\Programmer\Autodesk\Data Management Server 5\Server\Dispatch\Connectivity.WindowsService.JobDispatch.exe
O23 - Service: Autodesk EDM Server - - C:\Programmer\Autodesk\Data Management Server 5\Server\Webserver\Connectivity.EDMWS.Server.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Programmer\Fælles filer\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Programmer\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programmer\Fælles filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Programmer\iPod\bin\iPodService.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programmer\Norton Internet Security\ISSVC.exe
O23 - Service: MSSQL$AUTODESKVAULT - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlservr.exe" -sAUTODESKVAULT (file missing)
O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Programmer\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Programmer\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FÆLLES~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Programmer\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programmer\Fælles filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: SQLAgent$AUTODESKVAULT - Unknown owner - C:\Programmer\Microsoft SQL Server\MSSQL$AUTODESKVAULT\Binn\sqlagent.EXE" -i AUTODESKVAULT (file missing)

 
 
Kommentar
Fra : stl_s


Dato : 24-01-07 11:21

Hent Blacklight her https://europe.f-secure.com/blacklight/try.shtml Scroll ned på siden, og klik "iaccept". På næste side kan du downloade Blacklight til skrivebordet (tag den øverste). Dobbeltklik filen, og klik scan. Når den er færdig laver den en log på skrivebordet. Kopier loggen her ind. Du skal ikke lade Blacklight fjerne noget endnu.

Kommentar
Fra : ups8700


Dato : 24-01-07 14:21

Så nu har jeg også kørt Blacklight og her er hvad der kom du af det.

01/24/07 14:09:24 [Info]: BlackLight Engine 1.0.55 initialized
01/24/07 14:09:24 [Info]: OS: 5.1 build 2600 (Service Pack 2)
01/24/07 14:09:24 [Note]: 7019 4
01/24/07 14:09:24 [Note]: 7005 0
01/24/07 14:09:27 [Note]: 7006 0
01/24/07 14:09:27 [Note]: 7011 2996
01/24/07 14:09:27 [Note]: 7026 0
01/24/07 14:09:27 [Note]: 7026 0
01/24/07 14:09:42 [Note]: FSRAW library version 1.7.1021
01/24/07 14:19:35 [Note]: 7007 0

Kommentar
Fra : stl_s


Dato : 24-01-07 14:27

Ok, du er så tilsyneladende sluppet for den version der installerer et rootkit. Så burde denne scanner kunne løse problemet:

1.

Hent denne virus scanner ned til skrivebordet.

http://www.spywareinfo.dk/download/mwav.exe

---------------------------------------------------------
2.

Så starter du op i fejlsikret tilstand http://www.spywareinfo.dk/htm/fejlsikret_tilstand.htm

Lykkes det ikke, så se her http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1

(OBS: Hvis du bruger Bootsafe, som er en nødløsning, så tjek vejledningen for hvordan du kommer tilbage i normal tilstand)

---------------------------------------------------------
3.

Kør nu zipfilen som du hentede og klik UNZIP, så bliver scanneren pakket ud og brugerfladen åbner.


Sæt et flueben i DRIVE. Klik nu på Scan/Clean, og så scanner den for virus og sletter hvad den finder.

---------------------------------------------------------
4.

Jeg vil gerne se hvad scanneren har fundet og slettet, så gør venligst dette når scanningen er færdig (KAN tage lang tid):

I vinduet VIRUS LOG INFORMATION (vinduet åbner KUN hvis scanneren finder virus) markerer du teksten med musen, og trykker så på CTRL og C knapperne samtidig. Så er teksten kopieret til udklipsholderen. Sæt det ind i et tekst dokument (f,eks Notesblok eller Wordpad), og sæt det ind i tråden i dit næste indlæg.


OBS: Scanneren kan også generere en meget lang log. Den skal du venligst IKKE kopiere ind.


Luk scanneren ved at klikke EXIT og EXIT igen (Ignorer reklamen for købe versionen).

Kommentar
Fra : ups8700


Dato : 24-01-07 14:57

Ok Nu har jeg kørt mwav i fejlsikret tilstand og der kommer ikke en log frem men der er den meget lange log.

Accepteret svar
Fra : stl_s

Modtaget 100 point
Dato : 24-01-07 15:07

Du er sikker på, at dit eget antivirus ikke har slettet den ? Det burde faktisk kunne gøre det. Prøv lige at opdatere dit Norton, og kør en scanning med det i fejlsikret tilstand.

Godkendelse af svar
Fra : ups8700


Dato : 24-01-07 17:51

Tak for svaret og en gode hjælp stl_s.

Kommentar
Fra : stl_s


Dato : 24-01-07 17:58

Velbekomme .

Btw, fandt dit Norton virussen, eller var den væk ?

Under alle omstændigheder, så vil jeg foreslå du lige slutter af med dette:

Efter et virus/spyware angreb, er det altid en god ide at rydde op i systemgendannelses filerne. Deaktiver systemgendannelse http://spywareinfo.dk/tip-og-tricks/deaktiver_systemgendannelse.htm - genstart din computer - aktiver systemgendannelse.

Ryd op i tempfiler. Hent evt ATF Cleaner her fra http://www.atribune.org/content/view/19/2/

Start ATF Cleaner. Sæt flueben i "Select all" (du kan undlade cookies, hvis du vil). Klik "Empty selected".

Kommentar
Fra : ups8700


Dato : 26-01-07 12:18

Ja det vil jeg gøre så og så må vi håbe der ikke kommer fler af den slask.

Du har følgende muligheder
Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.
Søg
Reklame
Statistik
Spørgsmål : 177455
Tips : 31962
Nyheder : 719565
Indlæg : 6408147
Brugere : 218880

Månedens bedste
Årets bedste
Sidste års bedste