---

Er der en venlig sjæl derude som vil hjelpe mig med en av vores venners PC Den var så fylt med snavs jeg har fået renset en masse men ?Jeg kender intet til Windows 2000 kan ikke finde nogen gendannelse av Pc en som man har på XP og jeg kan heller ikke bruge det der mscomfig så Pc eren starter hurtigere op , VH vonna

---

Ja Windows 2000

---

Der findes ingen gendannelse i Windows 2000

..men for at PC'en starter hurtigere op kan du med fordel rense registreringsdatabasen med dette program:

http://www.tweaknow.com/RegCleaner.html (..brug linket ude til venstre: 'Download')

</MOLOKYLE>

---

hej molokyle jeg har nu skannet med RegCleaner jrg mener ikke at der skete det storeDer har været en masse skitt på PCen og også Trojan som jeg ikke er lidt usikker på er helt væk jeg har brugt AVG Virus skanner og AVG spejvar Skanner +en anden spyvar skanner og de fant alle snavs

---

Prøv at smide en Hijack this log herind så er jeg sikker på Stl_s nok skal kigge på den!!

http://www.spywarefri.dk/vaerktoj.htm nummer 12 på listen

---

Prøv også:

Hent evt. Spywareblaster; en 'run once' applikation som virker som et passivt filter:

http://www.javacoolsoftware.com/spywareblaster.html

..en manual finder du her: http://www.spywarefri.dk/manualer/spywareblaster-manual.htm

Et af de bedste programmer til at rense ud i det 'snavs' du evt. allerede har reddet dig er:

http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

..og manualen til programmet findes her: http://www.spywarefri.dk/manualer/superantispyware-manual.htm

</MOLOKYLE>

---

tjahhh - jeg ville nok vente og se om stl_s kommer forbi i eftermiddag og tilbyder at hjælpe

---

Ja jeg vil prøve alt og går nu igang

---

Og husk du må endelig ikk selv slette noget med hijack this

---

ikke godt alt det der hvis maskinen er inficeret - vent og få hjælp af stl_s !!!!

---

Du kan 'lurekigge' på din hijackthis log hér: http://startup.networktechs.com/

..men som 'de andre' siger: DON'T TOUCH THAT DILE !!!

</MOLOKYLE>

---

hvorfor forvirre tingenes tilstand ?????

hvis der skal hjælpes seriøst så er det værd at vente til stl_s kommer på banen efter arbejdet - den mand ved ski da hvad han gør fra step 1 til end of story

forud for det kan du gøre dette :

hent denne til skrivebordet - følg vejledningen - kopier loggen herind som vist i vejledningen http://sptlarsenserious.googlepages.com/hijackthis

og lad så være med at lade for mange kokke fordærve maden

---

---

Visse vasse...

</MOLOKYLE>

---

du er en NØD molo - og du ved det

---

Præcis som dette ligner en kastanie: http://www.hort.cornell.edu/4hplants/Fruits/Images/Macadamia%20Nut%2025.jpg

..men i virkeligheden ER en nød !

</MOLOKYLE>

---

Logfile of HijackThis v1.99.1
Scan saved at 12:47:46, on 22-02-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\AGRSMMSG.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Browser MOUSE\mouse32a.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINNT\system32\eapemel.exe
C:\WINNT\system32\internat.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\eapemel.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Miaorkem] eapemel.exe
O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Miaorkem] eapemel.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146075767640
O18 - Protocol: bw+0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)

---

Godt så bare vent indtil stl_s kommer og skriver hvad du skal

---

Ja, der er nogle ubehageligheder der skal væk.

Hent og dobbeltklik denne fil. Den pakker sig ud til C:\SDFix:
http://downloads.andymanchesta.com/RemovalTools/SDFix.zip

Så starter du op i fejlsikret tilstand http://www.spywareinfo.dk/htm/fejlsikret_tilstand.htm

Lykkes det ikke, så se her http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1

(OBS: Hvis du bruger Bootsafe, som er en nødløsning, så tjek vejledningen for hvordan du kommer tilbage i normal tilstand)


Gå så ind i mappen SDFix på C drevet. Dobbeltklik på filen RunThis.bat, for at starte værktøjet. Tryk "y" for at bekræfte, at du kører værktøjet på egen risiko. Så vil værktøjet gå i gang med at fjerne trojanservicen, og lave et par reparationer af registreringsdatabasen. På et tidspunkt vil det bede dig om at trykke en taste for at genstarte computeren. Det skal du gøre, hvorefter computeren vil genstarte efter 15 sekunder.

Genstarten vil tage lidt længere end sædvanligt, idet værktøjet skal have tid til at udføre sit arbejde. Når skrivebordet dukker op, vil værktøjet skrive "Finished". Tryk herefter en taste for at indlæse dine skrivebordsikoner igen.

Åben så SDFix-mappen, find filen Report.txt, og kopier indholdet af denne fil herind.

-------------------------------------------------------------------

1.

Hent denne virus scanner ned til skrivebordet.

http://www.spywareinfo.dk/download/mwav.exe

---------------------------------------------------------
2.

Så starter du op i fejlsikret tilstand http://www.spywareinfo.dk/htm/fejlsikret_tilstand.htm

Lykkes det ikke, så se her http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1

(OBS: Hvis du bruger Bootsafe, som er en nødløsning, så tjek vejledningen for hvordan du kommer tilbage i normal tilstand)

---------------------------------------------------------
3.

Kør nu zipfilen som du hentede og klik UNZIP, så bliver scanneren pakket ud og brugerfladen åbner.


Sæt et flueben i DRIVE. Klik nu på Scan/Clean, og så scanner den for virus og sletter hvad den finder.

---------------------------------------------------------
4.

Jeg vil gerne se hvad scanneren har fundet og slettet, så gør venligst dette når scanningen er færdig (KAN tage lang tid):

I vinduet VIRUS LOG INFORMATION (vinduet åbner KUN hvis scanneren finder virus) markerer du teksten med musen, og trykker så på CTRL og C knapperne samtidig. Så er teksten kopieret til udklipsholderen. Sæt det ind i et tekst dokument (f,eks Notesblok eller Wordpad), og sæt det ind i tråden i dit næste indlæg.


OBS: Scanneren kan også generere en meget lang log. Den skal du venligst IKKE kopiere ind.


Luk scanneren ved at klikke EXIT og EXIT igen (Ignorer reklamen for købe versionen).


Kom også med en frisk HijackThis log.

---

Hej stl-s Jeg kommer godt ind på fejlsikret men jeg kan ikke åbne filen SDFix

---

Hvilken fejl får du ?

Prøv lige at køre scanneren først, og så prøv igen.

---

Jeg prøver engang til ,har prøvet flere gange

---

nei den gik slett ikke kunne ikke finde filen i fejlsikret

---

Vonna, du skal sørge for at begge programmer bliver pakket ud og installeret i normal tilstand.

---

Hej stl_s Så sker der noget hvad skal jeg trykke efter at jeg har trykket Y for at bekrefte at jeg bruger den på eget ansvar

---

Så trykker du på <enter> knappen.

---

Er det denne raport du skulle have stl_s


SDFix: Version 1.68

Run by Otto - to 22-02-2007 @ 21:50:21,95

Microsoft Windows 2000 [version 5.00.2195]

Running From: C:\SDFix

Safe Mode:
Checking Services:

Name:

Path:


Checking For Malware Registry Entries
Restoring Windows Registry Entries
Restoring Default Hosts File


C:\WINNT\system32\Microsoft\backup.ftp Found...
C:\WINNT\system32\Microsoft\backup.tftp Found...

Checking files:

Genuine:
C:\WINNT\system32\Microsoft\backup.ftp
C:\WINNT\system32\Microsoft\backup.tftp

Dummy:
C:\WINNT\system32\ftp.exe
C:\WINNT\system32\tftp.exe

Files copied to SDFix\Backups

Restoring files if backups are found

Final Check:

Genuine:
C:\WINNT\system32\Microsoft\backup.ftp
C:\WINNT\system32\Microsoft\backup.tftp
C:\WINNT\system32\ftp.exe
C:\WINNT\system32\tftp.exe
C:\WINNT\system32\dllcache\ftp.exe
C:\WINNT\system32\dllcache\tftp.exe

Dummy:


Rebooting...

Normal Mode:
Checking Files:

Below files will be copied to Backups folder then removed:

C:\WINNT\system32\Microsoft\backup.ftp - Deleted
C:\WINNT\system32\Microsoft\backup.tftp - Deleted



ADS Check:

C:\WINNT\system32
No streams found.


Final Check:

Remaining Services:
------------------


Remaining Files:
---------------

Backups Folder: - C:\SDFix\backups\backups.zip


Checking For Files with Hidden Attributes :


Add/Remove Programs List:

Adobe Acrobat 5.0
Agere Systems AC'97 Modem
ATI Display Driver
AVG Free Edition
AVG Anti-Spyware 7.5
Browser MOUSE
Delsim Dialer
HijackThis 1.99.1
HP Imaging Device Functions 5.3
HP Image Zone 5.3
HP Solution Center & Imaging Support Tools 5.3
HP Extended Capabilities 5.3
IKEA Home Planner Kitchen
Microsoft Base Smart Card Crypto-udbyder
LiveReg (Symantec Corporation)
LiveUpdate 2.6 (Symantec Corporation)
Living Waterfalls Screensaver
Macromedia Shockwave Player
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Ahead Nero 6 Demo
Internet Explorer Q903235
Adobe Flash Player 9 ActiveX
Softwarevejledning til ESC86
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
TweakNow RegCleaner Standard
Samlet opdateringspakke 1 til Windows 2000 SP4
WinZip
Yahoo! Toolbar
Microsoft Office 2000 Premium
PhotoGallery
CP_Package_Variety1
Destinations
HP Software Update
CP_Package_Variety3
Sonic_PrimoSDK
CP_Panorama1Config
Unload
Logitech SetPoint
TrayApp
InstantShareDevices
HP Photosmart 330,380,420,470,7800,8000,8200 Series
CP_CalendarTemplates1
MUSICMATCH© Jukebox
FullDPAppQFolder
RandMap
WebReg
CP_Package_Basic1
MarketResearch
DeviceFunctionQFolder
SkinsHP1
eSupportQFolder
PowerDVD
CustomerResearchQFolder
Microsoft .NET Framework 2.0
PSTAPlugin
PSPrinters08
CP_AtenaShokunin1Config
Logitech Desktop Messenger
Microsoft Office Professional Edition 2003
Microsoft .NET Framework 1.1 Danish Language Pack
CameraDrivers
CueTour
DeviceManagementQFolder
PanoStandAlone
CP_Package_Variety2
BufferChm
Microsoft .NET Framework 1.1
SUPERAntiSpyware Free Edition
HPProductAssistant
SolutionCenter
ScanToWeb
PS8200
Status
EasyCleaner

Finished

---

Ja tak .

Så vil jeg foreslå, at du kører MWAV scanneren.

---

Den fant ingev virus ,derfor ingen log

---

Okay, så må vi i gang med at fjerne det manuelt. Kom lige med en frisk HijackThis log.

---

Logfile of HijackThis v1.99.1
Scan saved at 23:11:59, on 22-02-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\AGRSMMSG.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Browser MOUSE\mouse32a.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINNT\system32\eapemel.exe
C:\WINNT\system32\internat.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINNT\system32\eapemel.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Miaorkem] eapemel.exe
O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Miaorkem] eapemel.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146075767640
O18 - Protocol: bw+0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)

---

Puha den ser grim ud

---

Det er såmænd ikke så galt. Du har "kun" besøg af en orm, som ikke er kendt af scannerne endnu.

For at gøre den kendt af mange antivirus, kan du hjælpe med at gå her ind, og få filen scannet http://www.virustotal.com/en/indexf.html Klik gennemse og find filen (med fed skrift) C:\WINNT\system32\eapemel.exe og klik send. Afvent resultatet, og kopier det gerne her ind.

Men væk skal den .


Hent Avenger her:
http://swandog46.geekstogo.com/avenger.zip

1. Pak Avenger-programmet ud og dobbeltklik på avenger.exe

2. Sæt en prik i "Input Script Manually" og klik på luppen - nu dukker der et lille vindue op, hvor du skal kopiere indholdet mellem de stiplede linier ind:

-----------------------------

Files to delete:
%windir%\system32\eapemel.exe
%windir%\termsrv.exe

-----------------------------

3. Klik på Trafiklyset i Avenger. Programmet vil opfordre dig til at genstarte computeren straks, hvilket du skal gøre. Programmet vil lukke din computer, slette filerne og starte computeren igen.

4. Efter genstarten vil der dukke et notepad-vindue op, med en log for Avengers handlinger. Den må du gerne lægge ind i dit næste svar.


-------------------------------------------------


Kør en scanning med HijackThis, og maximer derefter Hijackthis vinduet, så du kan se alle linierne.

Luk alle vinduer, på nær HijackThis. Sæt flueben ved disse linier, og klik på fix checked knappen.


O4 - HKLM\..\Run: [Miaorkem] eapemel.exe
O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe
O4 - HKCU\..\Run: [Miaorkem] eapemel.exe
O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)


Kom også med en frisk HijackThis log, efter en genstart.


Btw, du kan med fordel afinstallere Logitech Desktop Messenger. Den bruger mange ressourcer, og er ikke til meget nytte.

---

Nu forstår jeg ikke helt---

men skal jeg herind først

http://www.virustotal.com/en/indexf.html

---

Pyt med det Vonna. Spring bare VirusTotal over. Den fil skal nok blive gjort kendt snart alligevel. Fortsæt bare med næste trin.

---

Da jeg trykkede på Trafiklyset fik jeg besked på error

---

Hmm, der er åbenbart en fejl i Avenger i øjeblikket. Jeg oplever det samme.

Ok, men filerne kan måske slettes manuelt.

Start op i fejlsikret tilstand, og slet filerne:

C:\WINNT(= Windows)\system32\eapemel.exe

C:\WINNT\termsrv.exe (Er måske væk)

Fix linierne i HijackThis. Genstart til normal tilstand, og kom med en frisk log.

---

Den lukker ikke ned så der er noget som ikke er helthar prøvet 2gange med trafiklyset men?

---

Ja, Avenger programmet er ikke i orden i øjeblikket, så prøv at slette manuelt, som beskrevet.

---

filerne er fjernet
hvad mener du med Fix linierne i HijackThis.

---

Godt filerne er væk. Så skal du bare fixi i HijackThis. Det gør du således:

Kør en scanning med HijackThis, og maximer derefter Hijackthis vinduet, så du kan se alle linierne.

Luk alle vinduer, på nær HijackThis. Sæt flueben ved disse linier, og klik på fix checked knappen.


O4 - HKLM\..\Run: [Miaorkem] eapemel.exe
O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe
O4 - HKCU\..\Run: [Miaorkem] eapemel.exe
O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)

---

Logfile of HijackThis v1.99.1
Scan saved at 01:39:51, on 23-02-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\AGRSMMSG.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Browser MOUSE\mouse32a.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINNT\system32\internat.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Miaorkem] eapemel.exe
O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Miaorkem] eapemel.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146075767640
O18 - Protocol: bw+0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)

---

Linierne er der nu endnu. Prøv lige igen. Spørg hvis du er i tvivl om noget:

Kør en scanning med HijackThis, og maximer derefter Hijackthis vinduet, så du kan se alle linierne.

Luk alle vinduer, på nær HijackThis. Sæt flueben ved disse linier, og klik på fix checked knappen.


O4 - HKLM\..\Run: [Miaorkem] eapemel.exe

O4 - HKLM\..\RunServices: [Miaorkem] eapemel.exe

O4 - HKCU\..\Run: [Miaorkem] eapemel.exe

O23 - Service: Terminal Server-Services - Unknown owner - C:\WINNT\termsrv.exe (file missing)

---

Logfile of HijackThis v1.99.1
Scan saved at 02:04:29, on 23-02-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\AGRSMMSG.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Browser MOUSE\mouse32a.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\WINNT\system32\internat.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146075767640
O18 - Protocol: bw+0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe

---

Tak for svaret stl_s.Dessverre hjalp din indsat ikke så jeg kommer nok til at formatere

---

Hov, vent lidt Vonna. Skal vi give op nu ? . Prøv lige at beskrive problemet.

---

Hej stl_s ja problemet er det samme som i går Trojan jeg har skannet og skannet og ryddet opp det meste av dagen men jeg tror ikke at det har hjulpet ,den har også en meget sen opstart ,jeg er lidt usikker på meg selv ,da jeg ikke kender noget til Windows 2000 om jeg klarer at instalere den på ny ,var det min egen ,havde jeg ikke haft nogle betænkeligheder, men jeg går igang ,jeg skal nok klare det ,

---

Vonna, ellers prøv at komme med en ny Hijackthis log.

Og kør dette program, og kom med loggen fra det:

Hent Combofix, og gem den på dit skrivebord:
http://download.bleepingcomputer.com/sUBs/combofix.exe

Kør så combofix.exe, og følg anvisningerne.

Du bør ikke klikke på vinduet imens værktøjet kører, idet det kan få din computer til at fryse.
Når combofix er færdig, og efter det har genstartet, skulle der gerne åbnes en logfil: combofix.txt som kan findes her-C:\combofix.txt

---

dette var det eneste jeg fik ud av den Combofix

The tool, ComboFix has been temporarily withdrawn.

The author discovered a rootkit infection that will intefere with ComboFix's running.

This will cause Combofix to be UNSAFE FOR USE on your machine.

Even if you manage to find a mirror for the tool, PLEASE DO NOT RUN THIS TOOL

Apologies for any inconvenience caused

---

Logfile of HijackThis v1.99.1
Scan saved at 00:25:05, on 24-02-2007
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\System32\Ati2evxx.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\SOUNDMAN.EXE
C:\WINNT\AGRSMMSG.exe
C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
C:\Programmer\Browser MOUSE\mouse32a.exe
C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe
C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
C:\Programmer\Logitech\SetPoint\SetPoint.exe
C:\Programmer\Fælles filer\Logitech\KHAL\KHALMNPR.EXE
C:\Programmer\HP\Digital Imaging\bin\hpqimzone.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Programmer\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINNT\system32\ZoneLabs\vsmon.exe
C:\Programmer\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
C:\WINNT\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINNT\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINNT\explorer.exe
C:\Programmer\Internet Explorer\iexplore.exe
C:\Programmer\HJTrenamed.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.dk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: @msdxmLC.dll,-1@1030,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Programmer\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] C:\Programmer\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [FLMOFFICE4DMOUSE] C:\Programmer\Browser MOUSE\mouse32a.exe
O4 - HKLM\..\Run: [HPHUPD08] C:\Programmer\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Programmer\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Programmer\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [LDM] C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Hurtig start.lnk = C:\Programmer\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Programmer\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Programmer\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O12 - Plugin for .spop: C:\Programmer\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1146075767640
O18 - Protocol: bw+0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {09E37907-A1F5-4E0A-8C4F-652E5BDFFE24} - C:\Programmer\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\System32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Programmer\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\system32\HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINNT\system32\ZoneLabs\vsmon.exe

---

---

Hvor finder AVG trojaneren, og hvad hedder den?

Prøv lige at scanne maskinen igennem med SuperAntiSpyware:

Hent denne scanner http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

Installer, og opdater scanneren manuelt. OBS, ved installationen bliver det foreslået at du registrerer med din email. Det behøver du ikke at gøre.


Så starter du op i fejlsikret tilstand http://www.spywareinfo.dk/htm/fejlsikret_tilstand.htm

Lykkes det ikke, så se her http://www.ctrlaltdel.dk/forum/forum_posts.asp?TID=110&PN=1


Start SuperAntiSpyware, klik "Scan your computer", sæt flueben i dine drev, ovre til venstre i vinduet. Ovre til højre i vinduet, sætter du prik i "Perform Complete Scan". Klik "næste", nu scanner den. Når den er færdig, så markerer du det den finder, og lader scannereren fjerne det.

Genstart til normal tilstand (scanneren tilbyder måske at gøre det).

Åbn scanneren igen, og klik "preferences"-> "stastics/logs". Marker loggen, og klik "View log". Kopier loggen her ind i tråden, sammen med en frisk HijackThis log.

---

Hej stl_s Ja du skal have tat for dine store indsat men da vi ikke har haft Internet i dag ja det kom tilbage for 10 minutter siden, valgte jeg at formatere PCen og det gik ud over alle forvetninger så nu kører den som en drøm Den havde Windous 2000 som er meg helt fremmed ,jeg brugte Recovery CD og skulle den nu være som den var fra Frabrikken Jeg er lidt uforstående fordi nu er det Windous XP Nå men lige meget nu skal den leveres til Ejermanden som helt sikkert bliver glad

Endnu engang tusin tak for hjelpen. Venligs vonna

Eftersom du ikke er logget ind i systemet, kan du ikke skrive et indlæg til dette spørgsmål.

Hvis du ikke allerede er registreret, kan du gratis blive medlem, ved at trykke på "Bliv medlem" ude i menuen.