Hej Doctor og velkommen til Spywarefri

Der er en del snavs i din log - desværre.

Gå i Start -> Kontrol Panel -> Tilføj/fjern programmer og kig efter følgende eller noget der ligner (hvis du finder noget så fjern det):

VirutalBouncer
Browser Enhancer
Ultimate Browser Enhancer
L O.P. Un instal1
Live 0n line Portal

Genstart herefter i Fejlsikret tilstand (ved at taste F8 under opstart).

Kør HijackThis, scan og sæt et flueben ud for hver af følgende linier (hvis du fik fjernet noget via Tilføj/fjern, så er alle linierne der muligvis ikke længere):

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://allaboutsearching.com/searchbar.html
R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Page = http://allaboutsearching.com/searchbar.html
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://allaboutsearching.com/passthrough/index.html?http://paritas/
R1 - HKCU/Software/Microsoft/Internet Explorer/Search,SearchAssistant = http://allaboutsearching.com/searchbar.html
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Search Bar = http://allaboutsearching.com/searchbar.html
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Search Page = http://allaboutsearching.com/searchbar.html
R0 - HKLM/Software/Microsoft/Internet Explorer/Search,SearchAssistant = http://allaboutsearching.com/searchbar.html
N3 - Netscape 7: user_pref(“browser.startup.homepage”, “allaboutsearching.com”); (C:/Documents and Settings/rasmus/Application Data/Mozilla/Profiles/default/35c63yoh.slt/prefs.js)

O2 - BHO: (no name) - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:/WINNT/twaintec.dll
O2 - BHO: (no name) - {3FBF0566-DD69-67D4-FB4A-695854F09D86} - C:/PROGRA~1/INTERN~2/DefaultGreat.dll
O2 - BHO: (no name) - {76D4AC95-701C-4424-983B-8066CF6459F7} - C:/WINNT/system32/iipxrip.dll
O3 - Toolbar: Road Grey - {23A470B1-4401-2D1A-E1EA-96ABCA448334} - C:/PROGRA~1/INTERN~2/DefaultGreat.dll

O4 - HKLM/../Run: [KQXEKRX] C:/WINNT/KQXEKRX.exe
O4 - HKLM/../Run: [body store] C:/PROGRA~1/List Bleh Seek/Trans frag.exe
O4 - HKLM/../Run: [winactive] C:/Program Files/Window Active/winactive.exe
O4 - Startup: Virtual Bouncer.lnk = C:/Program Files/VBouncer/VirtualBouncer.exe

Find og slet følgende:

C:/WINNT/KQXEKRX.exe
C:/(Programs eller Progam Files)/List Bleh Seek/ <<—hele mappen
C:/Program Files/Window Active/ <<—hele mappen
C:/Program Files/VBouncer/ <<—hele mappen

Genstart i Normal tilstand, kør HijackThis, scan og læg en frisk log herind.

God fornøjelse

Hej igen
Nu har jeg gjort ovenstående og min log ser nu sådan ud:

Logfile of HijackThis v1.97.7
Scan saved at 11:32:09, on 05-04-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINNT/System32/smss.exe
C:/WINNT/system32/winlogon.exe
C:/WINNT/system32/services.exe
C:/WINNT/system32/lsass.exe
C:/WINNT/system32/svchost.exe
C:/WINNT/system32/svchost.exe
C:/WINNT/system32/spoolsv.exe
C:/Program Files/Common Files/Symantec Shared/ccEvtMgr.exe
C:/PROGRA~1/Iomega/System32/AppServices.exe
C:/WINNT/System32/mgabg.exe
C:/Program Files/Norton AntiVirus/navapsvc.exe
C:/Program Files/Norton AntiVirus/AdvTools/NPROTECT.EXE
C:/WINNT/system32/regsvc.exe
C:/WINNT/system32/MSTask.exe
C:/WINNT/System32/WBEM/WinMgmt.exe
C:/WINNT/system32/svchost.exe
C:/Program Files/Iomega/AutoDisk/ADService.exe
C:/WINNT/system32/rundll32.exe
C:/WINNT/Explorer.EXE
C:/WINNT/System32/sistray.EXE
C:/WINNT/SOUNDMAN.EXE
C:/Program Files/Common Files/Symantec Shared/ccApp.exe
C:/WINNT/System32/PDesk/PDesk.exe
C:/Program Files/Logitech/MouseWare/system/em_exec.exe
C:/Program Files/Iomega/AutoDisk/ADUserMon.exe
C:/Program Files/Iomega/DriveIcons/ImgIcon.exe
C:/Program Files/Common Files/Real/Update_OB/realsched.exe
C:/Program Files/D-Tools/daemon.exe
C:/Program Files/Nokia/Nokia PC Suite 5/DataLayer.exe
C:/Program Files/Common Files/Nokia/NCLTools/NclTray.exe
C:/WINNT/Mixer.exe
C:/Program Files/HighCriteria/TotalRecorder/TotRecSched.exe
C:/Program Files/QuickTime/qttask.exe
C:/Program Files/Java/j2re1.4.2_03/bin/jusched.exe
C:/Program Files/Common Files/Nokia/Services/ServiceLayer.exe
C:/Program Files/Adobe/Adobe Version Cue/ControlPanel/VersionCueTray.exe
C:/PROGRA~1/PESTPA~1/PPMemCheck.exe
C:/WINNT/system32/internat.exe
C:/Program Files/MSN Messenger/msnmsgr.exe
C:/Program Files/ICQ/ICQ.exe
C:/Program Files/Microsoft ActiveSync/WCESCOMM.EXE
C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Distillr/acrotray.exe
C:/Program Files/Maxtor MaxBoost/MaxBoost/PFDEnable.exe
C:/Documents and Settings/rasmus/Desktop/hijackthis.exe

R0 - HKLM/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd={SUB_PRD}&clcid;={SUB_CLSID}&pver;={SUB_PVER}&ar=home
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 - HKLM/Software/Microsoft/Internet Explorer/Main,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
N3 - Netscape 7: user_pref(“browser.startup.homepage”, “http://home.netscape.com/”); (C:/Documents and Settings/rasmus/Application Data/Mozilla/Profiles/default/35c63yoh.slt/prefs.js)
N3 - Netscape 7: user_pref(“browser.search.defaultengine”, “engine://C:\Program Files\Netscape\Netscape\searchplugins\SBWeb_01.src”); (C:/Documents and Settings/rasmus/Application Data/Mozilla/Profiles/default/35c63yoh.slt/prefs.js)
O1 - Hosts: `Å auto.search.msn.com
O1 - Hosts: `Å search.netscape.com
O1 - Hosts: `Å ieautosearch
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINNT/System32/msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Program Files/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: &Google; - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:/WINNT/Downloaded Program Files/googlenav.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Acrobat/AcroIEFavClient.dll
O3 - Toolbar: AccessibilityToolbar - {9E0C6AAD-A8E3-4E49-9DBD-786099B599A4} - C:/Program Files/AccessibilityToolbar Toolbar/AccessibilityToolbar.dll
O4 - HKLM/../Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM/../Run: [SiS Tray] C:/WINNT/System32/sistray.EXE
O4 - HKLM/../Run: [SiS KHooker] C:/WINNT/System32/khooker.exe
O4 - HKLM/../Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM/../Run: [ccApp] “C:/Program Files/Common Files/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Program Files/Common Files/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [Advanced Tools Check] C:/PROGRA~1/NORTON~1/AdvTools/ADVCHK.EXE
O4 - HKLM/../Run: [Matrox Powerdesk] C:/WINNT/System32/PDesk/PDesk.exe /Autolaunch
O4 - HKLM/../Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM/../Run: [ADUserMon] C:/Program Files/Iomega/AutoDisk/ADUserMon.exe
O4 - HKLM/../Run: [Iomega Drive Icons] C:/Program Files/Iomega/DriveIcons/ImgIcon.exe
O4 - HKLM/../Run: [Deskup] C:/Program Files/Iomega/DriveIcons/deskup.exe /IMGSTART
O4 - HKLM/../Run: [TkBellExe] C:/Program Files/Common Files/Real/Update_OB/realsched.exe -osboot
O4 - HKLM/../Run: [DAEMON Tools-1033] “C:/Program Files/D-Tools/daemon.exe”  -lang 1033
O4 - HKLM/../Run: [DataLayer] C:/Program Files/Nokia/Nokia PC Suite 5/DataLayer.exe
O4 - HKLM/../Run: [Nokia Tray Application] C:/Program Files/Common Files/Nokia/NCLTools/NclTray.exe
O4 - HKLM/../Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM/../Run: [TotalRecorderScheduler] C:/Program Files/HighCriteria/TotalRecorder/TotRecSched.exe
O4 - HKLM/../Run: [QuickTime Task] “C:/Program Files/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [Mirabilis ICQ] C:/Program Files/ICQ/ICQNet.exe
O4 - HKLM/../Run: [SunJavaUpdateSched] C:/Program Files/Java/j2re1.4.2_03/bin/jusched.exe
O4 - HKLM/../Run: [AdobeVersionCue] C:/Program Files/Adobe/Adobe Version Cue/ControlPanel/VersionCueTray.exe
O4 - HKLM/../Run: [PPMemCheck] C:/PROGRA~1/PESTPA~1/PPMemCheck.exe
O4 - HKCU/../Run: [internat.exe] internat.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Program Files/MSN Messenger/msnmsgr.exe” /background
O4 - HKCU/../Run: [H/PC Connection Agent] “C:/Program Files/Microsoft ActiveSync/WCESCOMM.EXE”
O4 - HKCU/../RunOnce: [ICQ] C:/Program Files/ICQ/ICQ.exe -trayboot
O4 - Global Startup: Acrobat Assistant.lnk = C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Distillr/acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: MaxBoost.lnk = C:/Program Files/Maxtor MaxBoost/MaxBoost/PFDEnable.exe
O8 - Extra context menu item: &Google; Search - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links; - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed; Snapshot of Page - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmcache.html
O8 - Extra context menu item: Si&milar; Pages - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmsimilar.html
O9 - Extra ‘Tools’ menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra ‘Tools’ menuitem: Create Mobile Favorite… (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra ‘Tools’ menuitem: ICQ (HKLM)
O9 - Extra button: Toggle AccessibilityToolbar toolbar (HKLM)
O9 - Extra ‘Tools’ menuitem: &AccessibilityToolbar; toolbar (HKLM)
O12 - Plugin for .UVR: C:/Program Files/Internet Explorer/Plugins/NPUPano.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37760.9908217593
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 - HKLM/System/CCS/Services/Tcpip/Parameters: Domain = paritasinteractive.dk
O17 - HKLM/System/CCS/Services/Tcpip/../{8AC2D57A-BE32-4136-BB71-F9D00D1EB345}: NameServer = 192.168.0.2
O17 - HKLM/System/CS1/Services/Tcpip/Parameters: Domain = paritasinteractive.dk
O17 - HKLM/System/CS2/Services/Tcpip/Parameters: Domain = paritasinteractive.dk

Hej Doctoren

Der er stadig lidt som skal væk.
Det er disse, som skal fixes:

O1 - Hosts: `Å auto.search.msn.com
O1 - Hosts: `Å search.netscape.com
O1 - Hosts: `Å ieautosearch

Den her toolbar herunder, er det en du selv har bedt om. Jeg kan ikke se hverken om den skulle være legal, eller det modsatte. Hvis det ikke er en du selv har bedt om, så fix den:
O3 - Toolbar: AccessibilityToolbar - {9E0C6AAD-A8E3-4E49-9DBD-786099B599A4} - C:/Program Files/AccessibilityToolbar Toolbar/AccessibilityToolbar.dll

Fjerner du ovenstående skal dissse også fixes:
O9 - Extra button: Toggle AccessibilityToolbar toolbar (HKLM)
O9 - Extra ‘Tools’ menuitem: &AccessibilityToolbar; toolbar (HKLM)

Dem her kan du også med fordel fixe. De forsvinder ikke, kun fra run, og her ligger de bare og sluger dine kræfter. Alle kan nås bagefter, via startprogrammer:

O4 - HKLM/../Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM/../Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM/../Run: [TkBellExe] C:/Program Files/Common Files/Real/Update_OB/realsched.exe -osboot
O4 - HKLM/../Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM/../Run: [QuickTime Task] “C:/Program Files/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [SunJavaUpdateSched] C:/Program Files/Java/j2re1.4.2_03/bin/jusched.exe

Genstart, ny log til tjek.

Nu har jeg igen gjort ovenstående og min log ser sådan ud:
(AccessibilityToolbar har jeg selv installeret og “:/WINNT/SOUNDMAN.EXE” + nogle af de andre programmer har jeg ikke pillet ved…)

Logfile of HijackThis v1.97.7
Scan saved at 12:42:06, on 05-04-2004
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:/WINNT/System32/smss.exe
C:/WINNT/system32/winlogon.exe
C:/WINNT/system32/services.exe
C:/WINNT/system32/lsass.exe
C:/WINNT/system32/svchost.exe
C:/WINNT/system32/svchost.exe
C:/WINNT/system32/spoolsv.exe
C:/Program Files/Common Files/Symantec Shared/ccEvtMgr.exe
C:/PROGRA~1/Iomega/System32/AppServices.exe
C:/WINNT/System32/mgabg.exe
C:/Program Files/Norton AntiVirus/navapsvc.exe
C:/Program Files/Norton AntiVirus/AdvTools/NPROTECT.EXE
C:/WINNT/system32/regsvc.exe
C:/WINNT/system32/MSTask.exe
C:/WINNT/System32/WBEM/WinMgmt.exe
C:/WINNT/system32/svchost.exe
C:/Program Files/Iomega/AutoDisk/ADService.exe
C:/WINNT/Explorer.EXE
C:/WINNT/System32/sistray.EXE
C:/WINNT/SOUNDMAN.EXE
C:/Program Files/Common Files/Symantec Shared/ccApp.exe
C:/WINNT/System32/PDesk/PDesk.exe
C:/Program Files/Logitech/MouseWare/system/em_exec.exe
C:/Program Files/Iomega/AutoDisk/ADUserMon.exe
C:/Program Files/Iomega/DriveIcons/ImgIcon.exe
C:/Program Files/Common Files/Real/Update_OB/realsched.exe
C:/Program Files/D-Tools/daemon.exe
C:/Program Files/Nokia/Nokia PC Suite 5/DataLayer.exe
C:/Program Files/Common Files/Nokia/NCLTools/NclTray.exe
C:/WINNT/Mixer.exe
C:/Program Files/HighCriteria/TotalRecorder/TotRecSched.exe
C:/Program Files/Adobe/Adobe Version Cue/ControlPanel/VersionCueTray.exe
C:/Program Files/Common Files/Nokia/Services/ServiceLayer.exe
C:/WINNT/system32/internat.exe
C:/Program Files/MSN Messenger/msnmsgr.exe
C:/Program Files/Microsoft ActiveSync/WCESCOMM.EXE
C:/Program Files/ICQ/ICQ.exe
C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Distillr/acrotray.exe
C:/Program Files/Maxtor MaxBoost/MaxBoost/PFDEnable.exe
C:/Documents and Settings/rasmus/Desktop/hijackthis.exe
C:/Program Files/Microsoft ActiveSync/WCESMgr.exe

R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://paritas/
N3 - Netscape 7: user_pref(“browser.startup.homepage”, “http://home.netscape.com/”); (C:/Documents and Settings/rasmus/Application Data/Mozilla/Profiles/default/35c63yoh.slt/prefs.js)
N3 - Netscape 7: user_pref(“browser.search.defaultengine”, “engine://C:\Program Files\Netscape\Netscape\searchplugins\SBWeb_01.src”); (C:/Documents and Settings/rasmus/Application Data/Mozilla/Profiles/default/35c63yoh.slt/prefs.js)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/PROGRA~1/SPYBOT~1/SDHelper.dll
O3 - Toolbar: &Radio; - {8E718888-423F-11D2-876E-00A0C9082467} - C:/WINNT/System32/msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Program Files/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: &Google; - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:/WINNT/Downloaded Program Files/googlenav.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Acrobat/AcroIEFavClient.dll
O3 - Toolbar: AccessibilityToolbar - {9E0C6AAD-A8E3-4E49-9DBD-786099B599A4} - C:/Program Files/AccessibilityToolbar Toolbar/AccessibilityToolbar.dll
O4 - HKLM/../Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM/../Run: [SiS Tray] C:/WINNT/System32/sistray.EXE
O4 - HKLM/../Run: [SiS KHooker] C:/WINNT/System32/khooker.exe
O4 - HKLM/../Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM/../Run: [ccApp] “C:/Program Files/Common Files/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Program Files/Common Files/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [Advanced Tools Check] C:/PROGRA~1/NORTON~1/AdvTools/ADVCHK.EXE
O4 - HKLM/../Run: [Matrox Powerdesk] C:/WINNT/System32/PDesk/PDesk.exe /Autolaunch
O4 - HKLM/../Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM/../Run: [ADUserMon] C:/Program Files/Iomega/AutoDisk/ADUserMon.exe
O4 - HKLM/../Run: [Iomega Drive Icons] C:/Program Files/Iomega/DriveIcons/ImgIcon.exe
O4 - HKLM/../Run: [Deskup] C:/Program Files/Iomega/DriveIcons/deskup.exe /IMGSTART
O4 - HKLM/../Run: [TkBellExe] C:/Program Files/Common Files/Real/Update_OB/realsched.exe -osboot
O4 - HKLM/../Run: [DAEMON Tools-1033] “C:/Program Files/D-Tools/daemon.exe”  -lang 1033
O4 - HKLM/../Run: [DataLayer] C:/Program Files/Nokia/Nokia PC Suite 5/DataLayer.exe
O4 - HKLM/../Run: [Nokia Tray Application] C:/Program Files/Common Files/Nokia/NCLTools/NclTray.exe
O4 - HKLM/../Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM/../Run: [TotalRecorderScheduler] C:/Program Files/HighCriteria/TotalRecorder/TotRecSched.exe
O4 - HKLM/../Run: [Mirabilis ICQ] C:/Program Files/ICQ/ICQNet.exe
O4 - HKLM/../Run: [AdobeVersionCue] C:/Program Files/Adobe/Adobe Version Cue/ControlPanel/VersionCueTray.exe
O4 - HKCU/../Run: [internat.exe] internat.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Program Files/MSN Messenger/msnmsgr.exe” /background
O4 - HKCU/../Run: [H/PC Connection Agent] “C:/Program Files/Microsoft ActiveSync/WCESCOMM.EXE”
O4 - HKCU/../RunOnce: [ICQ] C:/Program Files/ICQ/ICQ.exe -trayboot
O4 - Global Startup: Acrobat Assistant.lnk = C:/Program Files/Adobe/AdobeCS/Adobe Acrobat 6.0/Distillr/acrotray.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:/Program Files/Common Files/Adobe/Calibration/Adobe Gamma Loader.exe
O4 - Global Startup: MaxBoost.lnk = C:/Program Files/Maxtor MaxBoost/MaxBoost/PFDEnable.exe
O8 - Extra context menu item: &Google; Search - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links; - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed; Snapshot of Page - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmcache.html
O8 - Extra context menu item: Si&milar; Pages - res://C:/WINNT/Downloaded Program Files/googlenav.dll/cmsimilar.html
O9 - Extra ‘Tools’ menuitem: Sun Java Console (HKLM)
O9 - Extra button: Create Mobile Favorite (HKLM)
O9 - Extra ‘Tools’ menuitem: Create Mobile Favorite… (HKLM)
O9 - Extra button: ICQ Pro (HKLM)
O9 - Extra ‘Tools’ menuitem: ICQ (HKLM)
O9 - Extra button: Toggle AccessibilityToolbar toolbar (HKLM)
O9 - Extra ‘Tools’ menuitem: &AccessibilityToolbar; toolbar (HKLM)
O12 - Plugin for .UVR: C:/Program Files/Internet Explorer/Plugins/NPUPano.dll
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/da/big/1.1.62-big/GoogleNav.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37760.9908217593
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O17 - HKLM/System/CCS/Services/Tcpip/Parameters: Domain = paritasinteractive.dk
O17 - HKLM/System/CCS/Services/Tcpip/../{8AC2D57A-BE32-4136-BB71-F9D00D1EB345}: NameServer = 192.168.0.2
O17 - HKLM/System/CS1/Services/Tcpip/Parameters: Domain = paritasinteractive.dk
O17 - HKLM/System/CS2/Services/Tcpip/Parameters: Domain = paritasinteractive.dk

Hej igen

Din computer er helt ren nu.

Og så skal du også lige skjule dine filer og mapper igen, så du ikke ved en fejl kommer til at slette en vigtig fil. Det gør du samme sted, hvor du satte det til at vise alle filer, denne gang vælger du bare: Vis ikke skjulte filer og mapper.

For at sikre din pc fremover ville det være en god idé at bruge nogle af programmerne fra vores lille pakke som du kan se her:
http://www.spywarefri.dk/pakken.htm

Jeg tjekker pakken.
Rigtigt mange gange tak for hjælpen!

Velbekommen. Jeg låser tråden igen, skulle du få brug for os en anden gang, så opretter du bare et nyt spørgsmål.