Hent HijackThis og smid loggen herind, så fjerner vi det manuelt. http://www.zerosrealm.com[...]
--
/Armageddon - [email protected] http://www.mdegn.dk[...]

Logfile of HijackThis v1.98.0 Scan saved at 23:28:59, on 30-07-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:ProgrammerFælles filerSymantec SharedccSetMgr.exe C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe C:WINDOWSsystem32spoolsv.exe C:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE C:WINDOWSsystem32driversKodakCCS.exe C:ProgrammerFælles filerMicrosoft SharedVS7Debugmdm.exe C:ProgrammerNorton AntiVirus avapsvc.exe C:ProgrammerNorton AntiVirusAdvToolsNPROTECT.EXE C:WINDOWSSystem32 vsvc32.exe C:ProgrammerNorton AntiVirusSAVScan.exe C:WINDOWSSystem32ScsiAccess.EXE C:WINDOWSSystem32svchost.exe C:ProgrammerFælles filerSymantec SharedCCPD-LCsymlcsvc.exe C:WINDOWSExplorer.EXE C:ProgrammerMicrosoft HardwareMousepoint32.exe C:ProgrammerLogitechiTouchiTouch.exe C:ProgrammerFælles filerSymantec SharedccApp.exe D:ProgrammerD-Toolsdaemon.exe C:WINDOWSSystem32 undll32.exe C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE C:ProgrammerMessenger Plus! 3MsgPlus.exe C:WINDOWSSystem32RUNDLL32.EXE D:ProgrammerPowerDVDPDVDServ.exe C:PROGRA~1FLLESF~1PCSuiteServicesSERVIC~1.EXE C:WINDOWSSystem32emswvs.exe C:ProgrammerMSN Messengermsnmsgr.exe D:ProgrammerAd-aware 6Ad-aware.exe d:ProgrammerWinRARWinRAR.exe C:DOCUME~1STEFAN~1LOKALE~1TempRar$EX00.828HijackThis.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.dk[...] R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe, O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:WINDOWS waintec.dll O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:ProgrammerSnagIt 7SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar2.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:ProgrammerSnagIt 7SnagItIEAddin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar2.dll O4 - HKLM..Run: [POINTER] point32.exe O4 - HKLM..Run: [zBrowser Launcher] C:ProgrammerLogitechiTouchiTouch.exe O4 - HKLM..Run: [ccApp] "C:ProgrammerFælles filerSymantec SharedccApp.exe" O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [DAEMON Tools-1033] "D:ProgrammerD-Toolsdaemon.exe" -lang 1033 -lock O4 - HKLM..Run: [Openwares LiveUpdate] C:Program FilesLiveUpdateLiveUpdate.exe O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [DataLayer] C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE O4 - HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [RemoteControl] d:ProgrammerPowerDVDPDVDServ.exe O4 - HKLM..Run: [mgglzgpv] C:WINDOWSSystem32emswvs.exe O4 - HKLM..Run: [Windows SA] C:Program FilesWindowsSAomniscient.exe O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart O4 - HKCU..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present O8 - Extra context menu item: &Google Search - res://c:programmergoogleGoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:programmergoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:programmergoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://c:programmergoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:programmergoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - (no file) O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - (no file) O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...] O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com[...] O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk[...] O16 - DPF: {41A22D90-5502-4C52-9FB7-67901FBBD515} - https://udstedelse.certifikat.tdc.dk[...] O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com[...] O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com[...] O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com[...] O16 - DPF: {71AEE1E3-1B65-41FA-BBD2-565CBD1359D8} - https://skinfakse.certifikat.dk[...] O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...] O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} (Util Class) - https://idun.certifikat.tdc.dk[...] O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.bgbank.dk[...] O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.bgbank.dk[...] O16 - DPF: {F9408298-9658-482C-8B02-93F09A80225F} - https://udstedelse.certifikat.tdc.dk[...] O17 - HKLMSystemCCSServicesTcpip..{6D3DFA71-B99D-4C12-8AF0-EA3B6D73D953}: NameServer = 194.255.56.78,194.255.56.79
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

Hejsa, Der er et par småting som lige skal fixes. Start med at deaktivere systemgendannelse. Højreklik på "Denne Computer" på skrivebordet, vælg egenskaber og fanebladet "Systemgendannelse" og sæt flueben i "Deaktiver systemgendannelse". Klik ok og genstart. Kør en ny scanning med HJT og sæt flueben ved disse: R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe, O2 - BHO: twaintecObj Class - {000020DD-C72E-4113-AF77-DD56626C6C42} - C:WINDOWS waintec.dll O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe O4 - HKLM..Run: [mgglzgpv] C:WINDOWSSystem32emswvs.exe O4 - HKLM..Run: [Windows SA] C:Program FilesWindowsSAomniscient.exe O9 - Extra button: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - (no file) O9 - Extra 'Tools' menuitem: Subscribe in Desktop Sidebar - {09FE188B-6E85-479e-9411-51FB2220DF80} - (no file) O17 - HKLMSystemCCSServicesTcpip..{6D3DFA71-B99D-4C12-8AF0-EA3B6D73D953}: NameServer = 194.255.56.78,194.255.56.79 Luk alle øvrige programvinduer så kun HJT er åben. Klik på ”Fix checked”. Luk programmet og genstart i fejlsikret tilstand (tryk F8 efter POST skærmen). Find og slet disse: C:\WINDOWS\System32\emswvs.exe C:\WINDOWS\twaintec.dll C:\Program Files\WindowsSA\ Genstart normalt. Kør en ny scanning med HJT og smid loggen herind til kontrol.
--
/Armageddon - [email protected] http://www.mdegn.dk[...]

Logfile of HijackThis v1.98.0 Scan saved at 00:09:50, on 31-07-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:ProgrammerFælles filerSymantec SharedccSetMgr.exe C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSSYSTEM32Userinit.exe C:WINDOWSExplorer.EXE C:ProgrammerMicrosoft HardwareMousepoint32.exe C:ProgrammerLogitechiTouchiTouch.exe C:ProgrammerFælles filerSymantec SharedccApp.exe D:ProgrammerD-Toolsdaemon.exe C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE C:WINDOWSSystem32 undll32.exe C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE C:ProgrammerMessenger Plus! 3MsgPlus.exe C:WINDOWSSystem32RUNDLL32.EXE D:ProgrammerPowerDVDPDVDServ.exe C:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE C:WINDOWSsystem32driversKodakCCS.exe C:PROGRA~1FLLESF~1PCSuiteServicesSERVIC~1.EXE C:ProgrammerFælles filerMicrosoft SharedVS7Debugmdm.exe C:ProgrammerNorton AntiVirus avapsvc.exe C:ProgrammerNorton AntiVirusAdvToolsNPROTECT.EXE C:WINDOWSSystem32 vsvc32.exe C:ProgrammerNorton AntiVirusSAVScan.exe C:WINDOWSSystem32ScsiAccess.EXE C:WINDOWSSystem32svchost.exe C:ProgrammerFælles filerSymantec SharedCCPD-LCsymlcsvc.exe C:Documents and SettingsStefan R HaugeSkrivebordhjtHijackThis.exe C:ProgrammerMSN Messengermsnmsgr.exe C:WINDOWSSystem32imapi.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.dk[...] R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:WINDOWSSYSTEM32Userinit.exe, O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:ProgrammerSnagIt 7SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar2.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:ProgrammerSnagIt 7SnagItIEAddin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar2.dll O4 - HKLM..Run: [POINTER] point32.exe O4 - HKLM..Run: [zBrowser Launcher] C:ProgrammerLogitechiTouchiTouch.exe O4 - HKLM..Run: [ccApp] "C:ProgrammerFælles filerSymantec SharedccApp.exe" O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [DAEMON Tools-1033] "D:ProgrammerD-Toolsdaemon.exe" -lang 1033 -lock O4 - HKLM..Run: [Openwares LiveUpdate] C:Program FilesLiveUpdateLiveUpdate.exe O4 - HKLM..Run: [DataLayer] C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE O4 - HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [RemoteControl] d:ProgrammerPowerDVDPDVDServ.exe O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart O4 - HKCU..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present O8 - Extra context menu item: &Google Search - res://c:programmergoogleGoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:programmergoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:programmergoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://c:programmergoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:programmergoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...] O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com[...] O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk[...] O16 - DPF: {41A22D90-5502-4C52-9FB7-67901FBBD515} - https://udstedelse.certifikat.tdc.dk[...] O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com[...] O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com[...] O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com[...] O16 - DPF: {71AEE1E3-1B65-41FA-BBD2-565CBD1359D8} - https://skinfakse.certifikat.dk[...] O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...] O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} (Util Class) - https://idun.certifikat.tdc.dk[...] O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.bgbank.dk[...] O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.bgbank.dk[...] O16 - DPF: {F9408298-9658-482C-8B02-93F09A80225F} - https://udstedelse.certifikat.tdc.dk[...]
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

Fix lige disse igen og smid en ny log herind: F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:WINDOWSSYSTEM32Userinit.exe,
--
/Armageddon - [email protected] http://www.mdegn.dk[...]

ok men hvad er der galt med dem?
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

og hvor kommer alt der lort fra, ja okay internettet :-) men syntes sgu ikke jeg har været nogen steder det skulle kunne være kommet ind
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

er der noget jeg kan gøre for at beskytte mig selv noget bedre
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

Der er ikke noget galt med dem, men de skal normalt ikke bruges. Du kan bruge disse programmer til at beskytte systemet: Ad-aware http://www.lavasoft.de[...] SpyBot S&D http://www.safer-networking.org[...] SpywareBlaster http://www.javacoolsoftware.com[...]
--
/Armageddon - [email protected] http://www.mdegn.dk[...]

Logfile of HijackThis v1.98.0 Scan saved at 01:09:01, on 31-07-2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:WINDOWSSystem32smss.exe C:WINDOWSsystem32winlogon.exe C:WINDOWSsystem32services.exe C:WINDOWSsystem32lsass.exe C:WINDOWSsystem32svchost.exe C:WINDOWSSystem32svchost.exe C:ProgrammerFælles filerSymantec SharedccSetMgr.exe C:ProgrammerFælles filerSymantec SharedccEvtMgr.exe C:WINDOWSsystem32spoolsv.exe C:PROGRA~1SymantecNORTON~1GHOSTS~2.EXE C:WINDOWSsystem32driversKodakCCS.exe C:ProgrammerFælles filerMicrosoft SharedVS7Debugmdm.exe C:ProgrammerNorton AntiVirus avapsvc.exe C:ProgrammerNorton AntiVirusAdvToolsNPROTECT.EXE C:WINDOWSSystem32 vsvc32.exe C:WINDOWSExplorer.EXE C:ProgrammerNorton AntiVirusSAVScan.exe C:ProgrammerMicrosoft HardwareMousepoint32.exe C:ProgrammerLogitechiTouchiTouch.exe C:ProgrammerFælles filerSymantec SharedccApp.exe C:WINDOWSSystem32ScsiAccess.EXE C:WINDOWSSystem32svchost.exe D:ProgrammerD-Toolsdaemon.exe C:ProgrammerFælles filerSymantec SharedCCPD-LCsymlcsvc.exe C:WINDOWSSystem32 undll32.exe C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE C:ProgrammerMessenger Plus! 3MsgPlus.exe C:PROGRA~1FLLESF~1PCSuiteServicesSERVIC~1.EXE D:ProgrammerPowerDVDPDVDServ.exe C:Documents and SettingsStefan R HaugeSkrivebordhjtHijackThis.exe C:ProgrammerMSN Messengermsnmsgr.exe R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.dk[...] R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Hyperlinks F0 - system.ini: Shell= F2 - REG:system.ini: UserInit=C:WINDOWSSYSTEM32Userinit.exe, O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - D:ProgrammerSnagIt 7SnagItBHO.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:ProgrammerAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:programmergooglegoogletoolbar2.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:ProgrammerNorton AntiVirusNavShExt.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - D:ProgrammerSnagIt 7SnagItIEAddin.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:programmergooglegoogletoolbar2.dll O4 - HKLM..Run: [POINTER] point32.exe O4 - HKLM..Run: [zBrowser Launcher] C:ProgrammerLogitechiTouchiTouch.exe O4 - HKLM..Run: [ccApp] "C:ProgrammerFælles filerSymantec SharedccApp.exe" O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup O4 - HKLM..Run: [nwiz] nwiz.exe /install O4 - HKLM..Run: [DAEMON Tools-1033] "D:ProgrammerD-Toolsdaemon.exe" -lang 1033 -lock O4 - HKLM..Run: [Openwares LiveUpdate] C:Program FilesLiveUpdateLiveUpdate.exe O4 - HKLM..Run: [DataLayer] C:PROGRA~1FLLESF~1PCSuiteDATALA~1DATALA~1.EXE O4 - HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE O4 - HKLM..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit O4 - HKLM..Run: [RemoteControl] d:ProgrammerPowerDVDPDVDServ.exe O4 - HKCU..Run: [MessengerPlus3] "C:ProgrammerMessenger Plus! 3MsgPlus.exe" /WinStart O4 - HKCU..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe O4 - HKCU..Run: [msnmsgr] "C:ProgrammerMSN Messengermsnmsgr.exe" /background O6 - HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present O8 - Extra context menu item: &Google Search - res://c:programmergoogleGoogleToolbar2.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://c:programmergoogleGoogleToolbar2.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://c:programmergoogleGoogleToolbar2.dll/cmcache.html O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://c:programmergoogleGoogleToolbar2.dll/cmsimilar.html O8 - Extra context menu item: Translate into English - res://c:programmergoogleGoogleToolbar2.dll/cmtrans.html O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com[...] O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com[...] O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - https://netbank.bgbank.dk[...] O16 - DPF: {41A22D90-5502-4C52-9FB7-67901FBBD515} - https://udstedelse.certifikat.tdc.dk[...] O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://www.ea.com[...] O16 - DPF: {6BEA1C48-1850-486C-8F58-C7354BA3165E} (Install Class) - http://updates.lifescapeinc.com[...] O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} - http://toolbar.google.com[...] O16 - DPF: {71AEE1E3-1B65-41FA-BBD2-565CBD1359D8} - https://skinfakse.certifikat.dk[...] O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com[...] O16 - DPF: {A590956F-AE99-4419-BB39-3C721276C625} (Util Class) - https://idun.certifikat.tdc.dk[...] O16 - DPF: {D3426292-3750-4D80-9D0F-2816F61A6D15} (SpeedTest Control) - http://81.19.245.211[...] O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey®) - https://netbank.bgbank.dk[...] O16 - DPF: {F6A56D95-A3A3-11D2-AC26-400000058481} (Danske e-Sec) - https://netbank.bgbank.dk[...] O16 - DPF: {F9408298-9658-482C-8B02-93F09A80225F} - https://udstedelse.certifikat.tdc.dk[...] O17 - HKLMSystemCCSServicesTcpip..{6D3DFA71-B99D-4C12-8AF0-EA3B6D73D953}: NameServer = 194.255.56.78,194.255.56.79
--
Jeg repræsenterer mig selv ved dette svar og ikke TDC.

Hvis du er færdig med at rense systemet så husk at aktivere systemgendannelse igen.
--
/Armageddon - [email protected] http://www.mdegn.dk[...]