Min virus er gået "baglås" (kan ikke åbne nogle programmmer osv.)

Download denne fil:
http://www.kellys-korner-xp.com/regs_edits/exefix.reg
Dobbeltklik på filen og svar ja til at "merge" filen i registreringsdatabasen.
Genstart og se om der er nogle ændringer i dit problem.

Det vil jeg prøve, hvis den altså opfatter at den har fået plugget en mp3afspiller i røven til formålet ;)

EDIT:

Overskriften skulle selvfølgelig være:

Min computer er gået "baglås" (kan ikke åbne nogle programmmer osv.) ;)

Det ændrer unægtelig tingene en hel del.*S*
Du kan prøve en Repair, hvis det er XP eller Win2000.
Der er en glimrende vejledning her:
http://hcma.dk/tips1to10.htm#no4

Det virker :D! Stort fromsej. Du er hermed udnævnt som dagens mand i skysovs!

Hvordan kan jeg beskytte mig mod sådan en fejl her? Og hvorfor er fejlen opstået?

Du skal have ordentlig beskyttelse mof virus og diverse andet.
Men det kan være en fejl, der af uransagelige årsager er opstået.
Windows er, uanset hvad William Havelåge påstår, ikke h e l t ufejlbarligt.

Det kan have været virus, men det kan vi måske se, hvis du følger vejledningen i denne artikel:
http://www.eksperten.dk/artikler/755

*SUK* Mof = mod.
Linket glemte jeg så også, godt plejehjemmet snart sender os i seng.
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

Hehe. Skal du ikke have dine point :)? Og der må snart fixes en opdatering af forumet, så men fx kan editere sine posts.

Point, jo men jeg vil gerne lige tjekke om det er en virus der er årsagen først.*S*

Jeg vil lige prøve at følge guiden (http://www.eksperten.dk/artikler/755) og så vender jeg tilbage med et resultat.

Så er jeg kommet igennem det hele.

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on:            22:58:48, 14-04-2006
+ Report-Checksum:        C5F53D2B

+ Scan result:

    :mozilla.6:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.7:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.8:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.38:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.39:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.40:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.41:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.42:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.48:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.49:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.50:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.51:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.52:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.64:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
    :mozilla.93:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.94:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.95:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.96:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.114:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.115:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.116:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.117:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.118:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.119:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.125:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.126:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.127:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.128:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.129:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.130:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.131:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.133:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.134:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.135:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.136:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.137:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.138:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.139:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.140:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.141:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.142:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.143:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.144:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.145:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.152:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.153:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.154:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.155:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.159:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.160:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.161:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.162:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.171:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.174:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
    :mozilla.221:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.222:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.223:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.224:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.225:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.228:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.229:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.230:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.231:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.232:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.233:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.234:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.235:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.236:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.239:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
    :mozilla.254:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.255:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.256:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.257:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.258:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.265:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
    :mozilla.299:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
    :mozilla.324:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.383:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
    :mozilla.387:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.388:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.437:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.443:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.444:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
    :mozilla.456:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.457:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.458:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.459:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.460:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.471:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.475:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.477:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.487:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.496:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.510:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
    :mozilla.519:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.521:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
    :mozilla.522:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
    :mozilla.523:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Starware : Cleaned with backup
    :mozilla.563:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.604:C:\Documents and Settings\Administrator\Application Data\Mozilla\Firefox\Profiles\7fw47405.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup
    C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup


::Report End

Logfile of HijackThis v1.99.1
Scan saved at 23:00:02, on 14-04-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version! (Jeg bruger en skrællet version af Win XP - i dette tilfælde er IE fjernet)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
E:\Appz\ewido anti-malware\SecuritySuite.exe
C:\WINDOWS\system32\NOTEPAD.EXE
E:\Appz\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Appz\Adobe\Reader 7.0.7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] E:\Appz\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WinampAgent] "E:\Appz\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Appz\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PowerStrip] e:\appz\power strip\pstrip.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: Sitecom WL-022 Wireless LAN Utility.lnk = ?
O4 - Global Startup: system.vbs
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\Appz\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Appz\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - E:\Appz\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Appz\ewido anti-malware\ewidoguard.exe
O23 - Service: MSCoolServ - Unknown owner - C:\WINDOWS\system32\mscolsrv.exe" -service (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

Noget er der i den.

Hent og installer denne scanner:
http://www.superantispyware.com/downloads/SUPERAntiSpyware1241.exe

Start programmet, klik på Check for updates, når det er opdateret, luk programmet og genstart i fejlsikret.

Start programmet, klik på Scan your Computer, sæt flueben i de drev der skal scannes.
(Fixed disk betyder harddisk)
Flyt prikken til Perform complete scan og klik på Næste, så kører scanningen.

Når den er færdig kommer der et vindue med en opsummering, klik på OK, klik så på næste og så på Udfør.

Der kommer et vindue med Quarantine and removal Complete, klik på OK, klik på Udfør.
Luk programmet, genstart normalt.

Start programmet igen, klik på Preferences, skift til fanebladet Statistics/Logs, i vinduet dobbeltklikker du på SUPERAntiSpyware Scan Log, den åbner i notesblok, kopier resultatet herind.

Vi skal også se en frisk hijackthislog.

SUPERAntiSpyware Scan Log
Generated 04/15/2006 at 00:00 AM

Core Rules Database Version : 2874
Trace Rules Database Version: 1032

Memory threats detected  : 0
Registry threats detected : 3
File threats detected    : 9

Remote Administrator
    HKLM\System\ControlSet001\Services\r_server
    C:\WINDOWS\system32\r_server.exe
    HKLM\System\ControlSet002\Services\r_server
    HKLM\System\CurrentControlSet\Services\r_server
    C:\Documents and Settings\All Users\Start Menu\Programs\Remote Administrator v2.2\Settings for Remote Administrator server.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Remote Administrator v2.2\Start Remote Administrator server.lnk
    C:\Documents and Settings\All Users\Start Menu\Programs\Remote Administrator v2.2\Stop Remote Administrator server.lnk
    E:\Appz\Radmin\r_server.exe

Adware.Tracking Cookie
    C:\Documents and Settings\Administrator\Cookies\administrator@atdmt[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@cgi-bin[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@advertising[2].txt
    C:\Documents and Settings\Administrator\Cookies\administrator@stats2[1].txt




Logfile of HijackThis v1.99.1
Scan saved at 00:05:02, on 15-04-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Appz\ewido anti-malware\ewidoctrl.exe
E:\Appz\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\r_server.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\loadqm.exe
E:\Appz\Gmail Notifier\gnotify.exe
E:\Appz\Winamp\Winampa.exe
E:\Appz\DAEMON Tools\daemon.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
E:\appz\power strip\pstrip.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
E:\Appz\SUPERAntiSpyware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\Sitecom WL-022 Wireless LAN Utility\WLANUTL.exe
E:\Appz\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Appz\Adobe\Reader 7.0.7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] E:\Appz\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WinampAgent] "E:\Appz\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Appz\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PowerStrip] e:\appz\power strip\pstrip.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Appz\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: Sitecom WL-022 Wireless LAN Utility.lnk = ?
O4 - Global Startup: system.vbs
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\Appz\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Appz\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: SASWinLogon - E:\Appz\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - E:\Appz\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Appz\ewido anti-malware\ewidoguard.exe
O23 - Service: MSCoolServ - Unknown owner - C:\WINDOWS\system32\mscolsrv.exe" -service (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

Hent CWShredder her:
http://danborg.org/spy/CWS/cwshredder.exe
Placer det i en mappe for sig selv.
Kør CWShredder, afbryd din internetforbindelse fysisk(stikket ud), deaktiver ALLE sikkerhedsprogrammer, luk alle vinduer undtaget cwshredder, klik på Fix, den scanner nu, når den er færdig klik på Next, klik på Exit.
---------------------------------------
Kør Hijackthis, scan, sæt flueben ved linierne listet her, luk alle vinduer undtaget Hijackthis, klik på fix checked, genstart.

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R3 - Default URLSearchHook is missing
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - Global Startup: system.vbs
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:

---------------------------------------
Kom med en frisk Hijackthislog.
Husk at genaktivere dine sikkerhedsprogrammer.

Du skal lige bemærke at Remote Admin er blevet fjernet.

Det vil jeg påbegynde. Jeg har været til glatbanekursus i dag, så derfor er jeg først kommet online nu ;)

Logfile of HijackThis v1.99.1
Scan saved at 18:27:41, on 15-04-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Appz\ewido anti-malware\ewidoctrl.exe
E:\Appz\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\r_server.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\loadqm.exe
E:\Appz\Gmail Notifier\gnotify.exe
E:\Appz\Winamp\Winampa.exe
E:\Appz\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
E:\appz\power strip\pstrip.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
E:\Appz\SUPERAntiSpyware.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\Sitecom WL-022 Wireless LAN Utility\WLANUTL.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Appz\Adobe\Reader 7.0.7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] E:\Appz\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WinampAgent] "E:\Appz\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Appz\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PowerStrip] e:\appz\power strip\pstrip.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Appz\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: Sitecom WL-022 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\Appz\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Appz\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: SASWinLogon - E:\Appz\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - E:\Appz\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Appz\ewido anti-malware\ewidoguard.exe
O23 - Service: MSCoolServ - Unknown owner - C:\WINDOWS\system32\mscolsrv.exe" -service (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

Prøvede lige at slette de ovenstående filer i fejlsikret tilstand. Ved ikke om det har givet et andet resultat.

Logfile of HijackThis v1.99.1
Scan saved at 18:36:28, on 15-04-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
E:\Appz\ewido anti-malware\ewidoctrl.exe
E:\Appz\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\r_server.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\loadqm.exe
E:\Appz\Gmail Notifier\gnotify.exe
E:\Appz\Winamp\Winampa.exe
E:\Appz\DAEMON Tools\daemon.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
E:\appz\power strip\pstrip.exe
E:\Appz\SUPERAntiSpyware.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\IDETOOL\IDETOOL.EXE
C:\Program Files\Sitecom WL-022 Wireless LAN Utility\WLANUTL.exe
E:\Appz\Mozilla Firefox\firefox.exe
C:\Program Files\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.co.uk/ie
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.co.uk
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Appz\Adobe\Reader 7.0.7\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [LoadQM] loadqm.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] E:\Appz\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [WinampAgent] "E:\Appz\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [DAEMON Tools] "E:\Appz\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [PowerStrip] e:\appz\power strip\pstrip.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Appz\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: IDETool.lnk = C:\Program Files\IDETOOL\IDETOOL.EXE
O4 - Global Startup: Sitecom WL-022 Wireless LAN Utility.lnk = ?
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://E:\Appz\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Opslag - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\Appz\MICROS~1\OFFICE11\REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
O20 - Winlogon Notify: SASWinLogon - E:\Appz\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ewido security suite control - ewido networks - E:\Appz\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - E:\Appz\ewido anti-malware\ewidoguard.exe
O23 - Service: MSCoolServ - Unknown owner - C:\WINDOWS\system32\mscolsrv.exe" -service (file missing)
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - C:\WINDOWS\system32\r_server.exe" /service (file missing)

Hmm, de er sejlivede.
Hent og dobbeltklik på denne regfil:
http://danborg.org/spy/download/015.reg
Sig ja til at tilføje den, genstart.
Kør hijackthis igen, så skulle 013 linierne gerne være væk, fortæl om det er tilfældet.

De er ikke fjernet.

Det var s.tans.
Hvor kendt er du med registreringsdatabasen?
Værdierne skal være således:

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Windows/CurrentVersion/Internet Settings/ZoneMap/ProtocolDefaults]
@=""
"http"=dword:00000003
"https"=dword:00000003
"ftp"=dword:00000003
"file"=dword:00000003
"@ivt"=dword:00000001
"shell"=dword:00000000

Men da du kører med en Lite version, må jeg indrømme at jeg er lidt usikker på det.

Jeg er godt kendt i regedit. Men hvis det ovenstående er alt, så vil jeg gå i krig med det.

Det lyder fint, lad mig høre om det lykkes.
(Måske skal du tjekke i HKEY_CURRENT_USER også)

Når jeg kigger i den mappe, ser værdierne ud til at være ens med dem du har postet - skal det være sådan?

Og er det samme fremgangsmåde i HKEY_CURRENT_USER?

Ja, sådan står de i min.*S*

Så bunder det nok i at du har en skrællet windows, tror jeg.

Jeg har også en skrællet version af windåse. Den fylder kun 400mb og går under navnet TinyXP.

Men så er der ikke flere ting vi kan pille ved?

Nej, det er der ikke, maskinen er ren nu.

Tusind tak for hjælpen!

Velbekomme, tak for point. :-)