Trojan horse named swizzor.br
  steffen
Posts: 21

Hi Spywarefri.

My Ad-Aware SE says that I have a visit from Swizzor.br. I have run HijackThis, and here is the log file that came out of it. I hope you will take a look at it and help me get rid of Swizzor.br and whatever else there might be.

Regards,

Steffen


Logfile of HijackThis v1.98.2
Scan saved at 12:54:53, on 07-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/system32/spoolsv.exe
C:/WINDOWS/Explorer.EXE
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/Programmer/D-Tools/daemon.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/Messenger Plus! 3/MsgPlus.exe
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/SlySoft/AnyDVD/AnyDVD.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/Programmer/MSN Messenger/msnmsgr.exe
C:/Programmer/WinZip/WZQKPICK.EXE
C:/WINDOWS/System32/RegSrvc.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/Programmer/Messenger/msmsgs.exe
C:/Programmer/Internet Explorer/iexplore.exe
c:/progra~1/intern~1/iexplore.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/Programmer/Spybot - Search & Destroy/SpybotSD.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://www.rcselizomjpcex.com/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETMWV4nI/WNvtNO9YpcHx8QB.html
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.google.dk/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/jugstitle.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O2 - BHO: (no name) - {E8A0FDAE-B7A4-A079-3290-053E3D3000AD} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [DAEMON Tools-1033] “C:/Programmer/D-Tools/daemon.exe”  -lang 1033
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [MessengerPlus3] “C:/Programmer/Messenger Plus! 3/MsgPlus.exe”
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [AnyDVD] C:/Programmer/SlySoft/AnyDVD/AnyDVD.exe
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [Extrabyteloudname] C:/Documents and Settings/All Users/Application Data/kind way extra byte/Copy Move.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/Film Face.exe
O4 - HKCU/../Run: [MessengerPlus3] “C:/Programmer/Messenger Plus! 3/MsgPlus.exe” /WinStart
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Programmer/MSN Messenger/msnmsgr.exe” /background
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab

  tueN
Posts: 684

You can start by removing MessengerPlus3 in Add/Remove Programs. It is one of the ways the dirt gets in.

Just saying this to help, since the team has plenty to do [:D]

Administrator
Posts: 55502

Yes, and after MessengerPlus has been removed, restart and post a new log.

Signature

qui potest, obligatur

Nierne bomaye - You’ll never walk alone

The coffee is drunk
The till is closed
The support does more good
Among the small and timid
Børns vilkår
Hospitalsklovne

  steffen
Posts: 21

Hi again.

First of all, thanks for the quick reply. Messenger 3 plus has now been removed, the computer has been restarted, HijackThis has been allowed to scan the computer, and here is what it found.

Regards,

Steffen


Logfile of HijackThis v1.98.2
Scan saved at 22:40:59, on 07-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/Explorer.EXE
C:/WINDOWS/system32/spoolsv.exe
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/Programmer/D-Tools/daemon.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/SlySoft/AnyDVD/AnyDVD.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/Programmer/Internet Explorer/iexplore.exe
C:/WINDOWS/System32/RegSrvc.exe
c:/progra~1/intern~1/iexplore.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/Programmer/WinZip/WZQKPICK.EXE
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/WINDOWS/system32/wuauclt.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe
C:/Programmer/Messenger/msmsgs.exe

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://www.wlohngkykoskuyvjdi.net/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETOX/Y78hWy/2NO9YpcHx8QB.html
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.google.dk/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O2 - BHO: (no name) - {E8A0FDAE-B7A4-A079-3290-053E3D3000AD} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [DAEMON Tools-1033] “C:/Programmer/D-Tools/daemon.exe”  -lang 1033
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [AnyDVD] C:/Programmer/SlySoft/AnyDVD/AnyDVD.exe
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [Extrabyteloudname] C:/Documents and Settings/All Users/Application Data/kind way extra byte/Copy Move.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/encseek.exe
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab

Editor
Posts: 17981

1. To be able to see all files:

Open a folder, click Tools => Folder Options => View.
Uncheck “Hide protected operating system files”.
Uncheck “Hide extensions for known file types”.
Select “Show hidden files and folders”.

2. Run HijackThis, scan and put a check mark next to the following lines - close all other program windows - click “Fix checked”:

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://www.wlohngkykoskuyvjdi.net/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETOX/Y78hWy/2NO9YpcHx8QB.html
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O2 - BHO: (no name) - {E8A0FDAE-B7A4-A079-3290-053E3D3000AD} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O4 - HKLM/../Run: [Extrabyteloudname] C:/Documents and Settings/All Users/Application Data/kind way extra byte/Copy Move.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/encseek.exe
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - Startup: PowerReg Scheduler.exe

3. Then restart in Safe Mode (by pressing F8 during startup).

4. Find and delete

C:/DOCUMENTS AND SETTINGS/STEFFE~1/APPLICATION DATA/SUPPOR~1 <<— the whole folder
C:/DOCUMENTS AND SETTINGS/STEFFE~1/APPLICATION DATA/INSIDE~1 <<— the whole folder
C:/Documents and Settings/All Users/Application Data/kind way extra byte/ <<— the whole folder
C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/ <<— the whole folder

5. Then go to Start -> Programs -> Accessories -> System Tools -> Disk Cleanup and delete temp files, temporary internet files and the recycle bin.

Restart in Normal mode, run HijackThis, scan and post a fresh log here.

Signature

Good advice on security….      If you want to donate as thanks for the help, support Ældresagen….

  steffen
Posts: 21

Hi Spywarefri.

I have now run through your “how to do”, but I was not able to find and delete these two folders.

C:/DOCUMENTS AND SETTINGS/STEFFE~1/APPLICATION DATA/SUPPOR~1 <<— the whole folder
C:/DOCUMENTS AND SETTINGS/STEFFE~1/APPLICATION DATA/INSIDE~1 <<— the whole folder

I chose to continue and run through the whole list, and here is the HijackThis log.

Regards,

Steffen


Logfile of HijackThis v1.98.2
Scan saved at 10:21:55, on 08-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/Explorer.EXE
C:/WINDOWS/system32/spoolsv.exe
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/MSN Messenger/msnmsgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/WinZip/WZQKPICK.EXE
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/WINDOWS/System32/RegSrvc.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/Messenger/msmsgs.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe

R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.google.dk/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Programmer/MSN Messenger/msnmsgr.exe” /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab

Administrator
Posts: 32083

Hi steffen

They “died” in the bang/fix ;)
Because they are no longer in the log.

How is it going with Swizzor.br?

Signature

Sound computer sense

  steffen
Posts: 21

Hi again.

Unfortunately it seems that Swizzor.br persists and is alive and well on my computer. I ran Ad-aware SE and Swizzor.br shows up there. I refrained from deleting it, but ran HijackThis again and attach the log file here.

In addition, an extra toolbar has started appearing at the top and at the bottom of my Internet Explorer, which I am not allowed to remove. Icons for these toolbars also appear on the desktop. Is that something you can help me with as well?

Regards,

Steffen

Logfile of HijackThis v1.98.2
Scan saved at 12:01:29, on 08-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/system32/spoolsv.exe
C:/WINDOWS/Explorer.EXE
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/MSN Messenger/msnmsgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/Programmer/WinZip/WZQKPICK.EXE
C:/WINDOWS/System32/RegSrvc.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/WINDOWS/system32/wuauclt.exe
c:/progra~1/intern~1/iexplore.exe
C:/Programmer/Messenger/msmsgs.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://www.rtrbsnkokjfpkdjxrddiely.com/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETMnTFIiZAAdZ9O9YpcHx8QB.php
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.google.dk/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: IE Privacy Keeper - Last IE Window Detector - {1201333E-BAD9-481C-BCF5-6904498CF85B} - C:/Programmer/UnH Solutions/IE Privacy Keeper/IEPKbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/logo bait.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Programmer/MSN Messenger/msnmsgr.exe” /background
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab

Editor
Posts: 4797

Hi Steffen, you just need to fix these:

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://www.rtrbsnkokjfpkdjxrddiely.com/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETMnTFIiZAAdZ9O9YpcHx8QB.php
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe


These programs must be deleted in Safe Mode. Restart and press F8 when Windows starts up.

Search for these files and folders marked in bold:

C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe

Download this scanner:
http://www.fbeej.dk/programmer/sysclean238.exe
Say OK to downloading it.
Once it is downloaded, it asks whether it may unpack the program to C:/Sysclean. Say yes to that.
Then a window comes up with the “front page” of the program. Click Scan.


Then restart and post a new log for checking.

  steffen
Posts: 21

Hi.

I have now run through the instructions above, and here is the HijackThis log. To my untrained eyes it looks like the files that I have by now deleted quite a few times keep reappearing.

Looking forward to hearing your suggestions.

Regards,

Steffen

Logfile of HijackThis v1.98.2
Scan saved at 14:34:32, on 08-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/Explorer.EXE
C:/WINDOWS/system32/spoolsv.exe
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/MSN Messenger/msnmsgr.exe
c:/progra~1/intern~1/iexplore.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/Programmer/WinZip/WZQKPICK.EXE
C:/WINDOWS/System32/RegSrvc.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/Messenger/msmsgs.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://savssletcnplfg.net/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETN6hQcxVQQJ3dO9YpcHx8QB.htm
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.ugygpgsqkvlnoxmltvve.com/btkActNA72e2__UCud7nHag7RQOeqtXiqbMD8mh_XpU.html
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: IE Privacy Keeper - Last IE Window Detector - {1201333E-BAD9-481C-BCF5-6904498CF85B} - C:/Programmer/UnH Solutions/IE Privacy Keeper/IEPKbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/mix close.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Programmer/MSN Messenger/msnmsgr.exe” /background
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O8 - Extra context menu item: E&ksporter; til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab

Editor
Posts: 25535

Hi steffen

Run a new scan with HijackThis and fix the entries below:

R1 - HKCU/Software/Microsoft/Internet Explorer/Main,Search Bar = http://savssletcnplfg.net/btkActNA72fLxFc6mnQFhZwFkgAVFrX6R_ATIFwDETN6hQcxVQQJ3dO9YpcHx8QB.htm
R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.ugygpgsqkvlnoxmltvve.com/btkActNA72e2__UCud7nHag7RQOeqtXiqbMD8mh_XpU.html

The two above can be difficult. Fix, restart, fix, restart; keep going until they are completely gone.

O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:/PROGRA~1/MICROS~2/Office10/EXCEL.EXE/3000

Then try from safe mode and see whether there is a remnant here; if so, delete the file in bold:

C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe

Restart, and then I'm afraid we will probably have to ask for a new log again.

  steffen
Posts: 21

Let's try again.

I have gone through the steps above, and here is what HijackThis has found in the way of goodies.

Regards,

Steffen

Logfile of HijackThis v1.98.2
Scan saved at 16:53:58, on 08-11-2004
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:/WINDOWS/System32/smss.exe
C:/WINDOWS/system32/winlogon.exe
C:/WINDOWS/system32/services.exe
C:/WINDOWS/system32/lsass.exe
C:/WINDOWS/System32/Ati2evxx.exe
C:/WINDOWS/system32/svchost.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/S24EvMon.exe
C:/WINDOWS/system32/ZCfgSvc.exe
C:/WINDOWS/system32/spoolsv.exe
C:/WINDOWS/Explorer.EXE
C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe
C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
C:/Programmer/QuickTime/qttask.exe
C:/Programmer/iTunes/iTunesHelper.exe
C:/Programmer/MSN Messenger/msnmsgr.exe
C:/Programmer/Internet Explorer/iexplore.exe
C:/Programmer/WinZip/WZQKPICK.EXE
C:/Programmer/Fælles filer/Symantec Shared/ccEvtMgr.exe
C:/Programmer/Fælles filer/Microsoft Shared/VS7Debug/mdm.exe
C:/Programmer/Norton AntiVirus/navapsvc.exe
C:/Programmer/Norton Internet Security/NISUM.EXE
C:/WINDOWS/System32/RegSrvc.exe
C:/Programmer/Analog Devices/SoundMAX/SMAgent.exe
C:/WINDOWS/System32/svchost.exe
C:/WINDOWS/System32/WLTRYSVC.EXE
C:/WINDOWS/System32/bcmwltry.exe
C:/Programmer/Fælles filer/Symantec Shared/Security Center/SymWSC.exe
C:/Programmer/Norton Internet Security/ccPxySvc.exe
C:/Programmer/iPod/bin/iPodService.exe
C:/WINDOWS/system32/wuauclt.exe
C:/Documents and Settings/Steffen Bach/Skrivebord/Hijack this/hijackthis.exe
C:/Programmer/Messenger/msmsgs.exe

R0 - HKCU/Software/Microsoft/Internet Explorer/Main,Start Page = http://www.google.dk/
R0 - HKCU/Software/Microsoft/Internet Explorer/Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:/Programmer/Adobe/Acrobat 6.0/Reader/ActiveX/AcroIEHelper.dll
O2 - BHO: IE Privacy Keeper - Last IE Window Detector - {1201333E-BAD9-481C-BCF5-6904498CF85B} - C:/Programmer/UnH Solutions/IE Privacy Keeper/IEPKbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:/Programmer/Spybot - Search & Destroy/SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [ATIPTA] C:/Programmer/ATI Technologies/ATI Control Panel/atiptaxx.exe
O4 - HKLM/../Run: [PRONoMgr.exe] C:/Programmer/Intel/NCS/PROSet/PRONoMgr.exe
O4 - HKLM/../Run: [Cpqset] C:/Programmer/HPQ/Default Settings/cpqset.exe
O4 - HKLM/../Run: [NeroCheck] C:/WINDOWS/system32/NeroCheck.exe
O4 - HKLM/../Run: [ccApp] “C:/Programmer/Fælles filer/Symantec Shared/ccApp.exe”
O4 - HKLM/../Run: [ccRegVfy] “C:/Programmer/Fælles filer/Symantec Shared/ccRegVfy.exe”
O4 - HKLM/../Run: [EM_EXEC] C:/PROGRA~1/Logitech/MOUSEW~1/SYSTEM/EM_EXEC.EXE
O4 - HKLM/../Run: [QuickTime Task] “C:/Programmer/QuickTime/qttask.exe” -atboottime
O4 - HKLM/../Run: [Symantec NetDriver Monitor] C:/PROGRA~1/SYMNET~1/SNDMon.exe
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/mix close.exe
O4 - HKCU/../Run: [msnmsgr] “C:/Programmer/MSN Messenger/msnmsgr.exe” /background
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:/Programmer/Microsoft Office/Office10/OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:/Programmer/WinZip/WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:/WINDOWS/System32/msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:/Programmer/Messenger/msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1099747965651
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {90C9629E-CD32-11D3-BBFB-00105A1F0D68} (InstallShield International Setup Player) - http://www.bang-olufsen.com/InstallObjs/isetup.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.bgbank.dk/html/activex/e-Safekey/BG/e-Safekey.cab
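
Comparing the two logs by eye is error-prone, so here is an added example (not part of the original posts) that parses HijackThis entry lines, reports which entries disappeared between two scans, and lists the O2/O4 entries that load a file from an Application Data folder, the location used by the entries fixed in this thread. The function names are made up for this example; the sample lines are a subset copied from the logs above.

```python
import re
from typing import NamedTuple

# Subset of lines copied from the two HijackThis logs in this thread.
BEFORE = """\
O2 - BHO: (no name) - {B3630808-2A7A-A421-64A9-1ED8F9E59861} - C:/DOCUME~1/STEFFE~1/APPLIC~1/SUPPOR~1/Media 64.exe
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/mix close.exe
O4 - HKCU/../Run: [Deaf Ball] C:/DOCUME~1/STEFFE~1/APPLIC~1/INSIDE~1/site help internet.exe
O4 - Global Startup: BTTray.lnk = ?
"""
AFTER = """\
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:/Programmer/Norton AntiVirus/NavShExt.dll
O4 - HKLM/../Run: [iTunesHelper] C:/Programmer/iTunes/iTunesHelper.exe
O4 - HKLM/../Run: [Creative Defy Inside Mfcd] C:/Documents and Settings/All Users/Application Data/Dart Phone Creative Defy/mix close.exe
O4 - Global Startup: BTTray.lnk = ?
"""

class Entry(NamedTuple):
    section: str  # HijackThis section code, e.g. "O4"
    body: str     # everything after "<code> - "

# Entry lines start with a section code; headers and process paths do not.
LINE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")
# Long folder name or its 8.3 short form, with either slash style.
APPDATA = re.compile(r"[/\\](application data|applic~\d)[/\\]", re.I)

def parse(log):
    """Return the entry lines of a log, skipping header and process lines."""
    matches = (LINE.match(raw.strip()) for raw in log.splitlines())
    return [Entry(m.group(1), m.group(2)) for m in matches if m]

def removed(before, after):
    """Entries present in the first scan and absent from the second."""
    return sorted(set(parse(before)) - set(parse(after)))

def autostart_from_appdata(log):
    """BHO (O2) and autostart (O4) entries whose file lies under Application Data.
    A hit is a candidate for a manual look, not a verdict."""
    return [e for e in parse(log)
            if e.section in ("O2", "O4") and APPDATA.search(e.body)]

if __name__ == "__main__":
    for e in removed(BEFORE, AFTER):
        print("removed: ", e.section, e.body)
    for e in autostart_from_appdata(AFTER):
        print("check:   ", e.section, e.body)
```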

Editor
Posts: 25535

Hi Steffen

That looks good. Your log is finally clean. Can you tell that your machine is feeling better now?

After a round like this it is always a good idea to clean up the System Restore files. Disable System Restore (http://www.spywarefri.dk/virusscannere.htm#alle) - restart your computer - enable System Restore.

After that you need to clear the browser cache:

1. Click Tools - Internet Options

2. Under Temporary Internet files, click Delete Cookies

3. Under Temporary Internet files, click Delete Files, and tick Delete all offline content

4. Under History, click Clear History

5. Click OK.

Empty your Recycle Bin.

You should also have a bit of advice to take with you.
To protect your PC in future it would be a good idea to use some of the programs from our little package, which you can see here:
http://www.spywarefri.dk/pakken.htm

In particular I would recommend Spybot and/or Ad-aware, SpywareBlaster, IE Privacy Keeper or EmptyTempFolder, IE-Spyad and SpywareGuard as a minimum. They are all free, take up little space, do not slow down your PC and do not conflict with your other programs.

If you do not want many small programs, you can instead buy a program such as Spy Sweeper. It is also in the package, where you can read a little more. There is also a link to a Danish manual. I can warmly recommend this program. Preferably also install SpywareBlaster, which goes well with Spy Sweeper.

And then you should also hide your files and folders again, so that you do not delete an important file by mistake. You do that in the same place where you set it to show all files; this time just choose: Do not show hidden files and folders.

  steffen
Posts: 21

Hi Spywarefri.

Yes, it does look as though I have got rid of swizzor.br, but there is a fly in the ointment. Even though I have got rid of swizzor.br, Spybot says I have 5 files in the DSO Exploit category, with kind regards from Bill Gates. I feel I have tried everything to get rid of them and of the two toolbars that keep appearing when I open Internet Explorer. But after asking Spybot to fix the problem and restarting, they are still there. I have even tried disabling System Restore, deleting the 5 files with Spybot, restarting and enabling System Restore. But it makes no difference; they are still there, together with the two toolbars in Explorer.

I hope you have an idea for getting rid of the DSO Exploit and my two toolbars.

Regards,

Steffen

Editor
Posts: 25535

Hi Steffen

The DSO Exploit is a bug in the program. You can read about it here:
http://www.fbeej.dk/spybot_melder_om_dso_exploit.htm

Great to hear you got rid of swizzor.br.

  steffen
Posts: 21

Hi again.

The DSO Exploit problem is now solved. So now I would like to hear whether you know anything about a toolbar that starts up together with Internet Explorer. It is not possible to deselect or disable it in any way.

A short description of the toolbar: it contains 6 predefined buttons where you can choose between make money, music, casino, investing, travel and mortgage. In addition there are 6 drop-down menus and a search function. When the search function is used, Internet Explorer shows a warning that when sending information from classified websites, others will be able to see that information.

Is this something you are familiar with and can help me get rid of?

Regards,

Steffen