olsson15 Beginner
05 October 2006 - 17:22 There are 7 comments and
2 solutions

Help with HijackThis log file..

Would anyone help take a look at this log file??

I have done as described here:
http://www.eksperten.dk/artikler/954

And after that the log file looks like this; is the PC cleaned?

Logfile of HijackThis v1.99.1
Scan saved at 17:16:43, on 05-10-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programmer\Wireless\mmkeymanager.exe
C:\WINDOWS\System32\mmkb.exe
C:\WINDOWS\SOINTGR.EXE
C:\WINDOWS\System32\NILaunch.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Programmer\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe
C:\WINDOWS\System32\cisvc.exe
C:\Programmer\ZyXEL\ZyAIR B-200 Wireless LAN USB Adapter\WLUSBCFG.exe
C:\lotus\smartctr\smartctr.exe
C:\lotus\smartctr\suitest.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\Ejer\Skrivebord\Virus Stuff\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://i-lookup.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://i-lookup.com/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000221} - (no file)
O2 - BHO: (no name) - {021BB032-80A8-4FB6-B3D5-CF27B1553B95} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O4 - HKLM\..\Run: [AmitechKeyboard] C:\Programmer\Wireless\mmkeymanager.exe
O4 - HKLM\..\Run: [mmkb] "C:\WINDOWS\System32\mmkb.exe"
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Programmer\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe
O4 - Startup: Lotus SmartCenter.lnk = C:\lotus\smartctr\smartctr.exe
O4 - Startup: Lotus SuiteStart.lnk = C:\lotus\smartctr\suitest.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Album Fast Start.lnk = C:\Programmer\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZyAIR B-200 Wireless LAN USB Adapter Utility.lnk = C:\Programmer\ZyXEL\ZyAIR B-200 Wireless LAN USB Adapter\WLUSBCFG.exe
O9 - Extra button: Sidesearch - {000007C6-17DF-4438-92A4-DE5537471BA3} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'c:\programmer\newdotnet\newdotnet7_22.dll' missing
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1012_EN_XP.cab
O20 - Winlogon Notify: SASWinLogon - C:\Programmer\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe
johnstigers Senior Master
05 October 2006 - 19:59 #1
You are missing something :)

"Start SUPERAntiSpyware again, click Preferences, switch to the Statistics/Logs tab, in the window double-click SUPERAntiSpyware Scan Log, it opens in Notepad, copy the result in here.
Double-click drweb.csv and copy the text from it in here."

and the log from Drweb too...
olsson15 Beginner
05 October 2006 - 22:08 #2
Here is the one from SUPERAntiSpyware:

SUPERAntiSpyware Scan Log
Generated 10/04/2006 at 11:49 PM

Core Rules Database Version : 3098
Trace Rules Database Version: 1125

Memory threats detected  : 0
Registry threats detected : 158
File threats detected    : 9

Adware.MyWay

Adware.Tracking Cookie
    C:\Documents and Settings\Ejer\Cookies\ejer@atdmt[2].txt
    C:\Documents and Settings\Ejer\Cookies\ejer@msnportal.112.2o7[1].txt

Trojan.NewDotNet
    C:\Programmer\NewDotNet\newdotnet7_22.#ll
    C:\Programmer\NewDotNet

Adware.GAIN/Gator

Unclassified.Unknown Origin
    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373\A0077113.exe

Trojan.Instant Access
    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373\A0077118.dll

Adware.ClearSearch
    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373\A0077122.exe

Adware.MediaLoads
    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373\A0077123.DLL
olsson15 Beginner
05 October 2006 - 22:10 #3
And here is the one from Drweb:

p2p networking.exe\data001    c:\windows\system32\p2p networking\p2p networking.exe    Adware.PeerNet   
p2p networking.exe    c:\windows\system32\p2p networking    Archive contains infected objects    Moved.
MYBAR.DLL    C:\Programmer\MyWay\myBar\1.bin    Adware.MyWay   
hot_xxxmpeg[1].exe    C:\Documents and Settings\Ejer\Lokale indstillinger\Temporary Internet Files\Content.IE5\RN1BFT8W    Dialer.HotXXX    Renamed.
hot_xxxmpeg[2].exe    C:\Documents and Settings\Ejer\Lokale indstillinger\Temporary Internet Files\Content.IE5\RN1BFT8W    Dialer.HotXXX    Renamed.
hot_xxxmpeg[3].exe    C:\Documents and Settings\Ejer\Lokale indstillinger\Temporary Internet Files\Content.IE5\RN1BFT8W    Dialer.HotXXX    Renamed.
hot_xxxmpeg[4].exe    C:\Documents and Settings\Ejer\Lokale indstillinger\Temporary Internet Files\Content.IE5\RN1BFT8W    Dialer.HotXXX    Renamed.
hot_xxxmpeg[5].exe    C:\Documents and Settings\Ejer\Lokale indstillinger\Temporary Internet Files\Content.IE5\RN1BFT8W    Dialer.HotXXX    Renamed.
AladdinPinballSetup-dm[1].exe    C:\Downloads    Adware.TryMedia    Renamed.
MY2NS.EXE    C:\Programmer\MyWay\myBar\1.bin    Adware.MyWay    Renamed.
MYBAR.DLL    C:\Programmer\MyWay\myBar\1.bin    Adware.MyWay    Renamed.
NPMYWAY.DLL    C:\Programmer\MyWay\myBar\1.bin    Adware.MyWay    Renamed.
newdotnet7_22.dll    C:\Programmer\NewDotNet    Adware.NewDotNet    Renamed.
A0077095.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077096.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077097.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077098.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077099.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077100.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077101.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077102.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077103.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077104.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077105.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077106.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077107.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077108.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077109.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077110.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077112.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
A0077115.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.SideFind    Renamed.
A0077116.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.Twaintech    Renamed.
A0077119.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.Ezula    Renamed.
A0077120.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.Ezula    Renamed.
A0077121.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.Ezula    Renamed.
A0077124.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.nCase    Renamed.
A0077125.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.nCase    Renamed.
A0077126.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Trojan.MulDrop.1997    Deleted.
A0077127.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.VirtualBouncer    Renamed.
A0077139.exe\data001    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373\A0077139.exe    Adware.PeerNet   
A0077139.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Archive contains infected objects    Moved.
A0077140.exe    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.TryMedia    Renamed.
A0077141.EXE    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.MyWay    Renamed.
A0077142.DLL    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.MyWay    Renamed.
A0077143.DLL    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.MyWay    Renamed.
A0077144.dll    C:\System Volume Information\_restore{6AD410EA-5EC5-4949-B0B9-E886CE5699BA}\RP373    Adware.NewDotNet    Renamed.
preInsTT.exe    C:\WINDOWS    Trojan.Bispy    Deleted.
remove.exe    C:\WINDOWS\browserxtras\pn    Trojan.MulDrop.2438    Incurable.Moved.
WebP2PInstaller.dll    C:\WINDOWS\Downloaded Program Files    Adware.PeerNet    Renamed.
bdeinsta25.dll    C:\WINDOWS\SYSTEM32    Adware.Altnet    Renamed.
cd_clint.dll    C:\WINDOWS\SYSTEM32    Adware.Cydoor    Renamed.
comload.dll    C:\WINDOWS\SYSTEM32    Trojan.DownLoader.1044    Deleted.
EGCOMLIB_1034.dll    C:\WINDOWS\SYSTEM32    Dialer.Egroup    Renamed.
EGCOMLIB_1035.dll    C:\WINDOWS\SYSTEM32    Dialer.Egroup    Renamed.
in4bdlA.dll    C:\WINDOWS\SYSTEM32    Trojan.MulDrop.2284    Deleted.
Instant_Access_667917.exe    C:\WINDOWS\SYSTEM32    Dialer.Blank    Renamed.
PopOops2.dll    C:\WINDOWS\SYSTEM32    Adware.PortalScan    Renamed.
sahagent1013.exe    C:\WINDOWS\SYSTEM32    Adware.SAHAgent    Renamed.
setup_incred_4.exe    C:\WINDOWS\SYSTEM32    Trojan.MulDrop.2285    Incurable.Moved.
olsson15 Beginner
05 October 2006 - 22:10 #4
I hope that is what you mean!!!
ejvindh Expert
06 October 2006 - 09:08 #5
-- Run HijackThis, choose "Do a system scan only", tick the lines listed here, close all windows except HijackThis, click Fix checked.

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://i-lookup.com/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://i-lookup.com/search.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: (no name) - SOFTWARE - (no file)
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000221} - (no file)
O2 - BHO: (no name) - {021BB032-80A8-4FB6-B3D5-CF27B1553B95} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Programmer\MyWay\myBar\1.bin\MYBAR.DLL (file missing)
O4 - HKLM\..\Run: [mmkb] "C:\WINDOWS\System32\mmkb.exe"
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O9 - Extra button: Sidesearch - {000007C6-17DF-4438-92A4-DE5537471BA3} - C:\WINDOWS\System32\shdocvw.dll
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -

-- Download http://cexx.org/lspfix.zip
Unpack lspfix and run it. Tick "I know what I am doing". On the left side (Keep) you find newdotnet7_22.dll, select it, and click the arrow to the left to move them over to "Remove". Click Finish.

-- Restart the computer and post a fresh HijackThis log here. You are also welcome to write how the computer is running now.
olsson15 Beginner
06 October 2006 - 14:12 #6
It now looks like this, and the computer is running fine again...

Logfile of HijackThis v1.99.1
Scan saved at 14:10:57, on 06-10-2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\System32\svchost.exe
C:\Programmer\Wireless\mmkeymanager.exe
C:\WINDOWS\SOINTGR.EXE
C:\WINDOWS\System32\NILaunch.exe
C:\Programmer\QuickTime\qttask.exe
C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Programmer\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe
C:\Programmer\ZyXEL\ZyAIR B-200 Wireless LAN USB Adapter\WLUSBCFG.exe
C:\lotus\smartctr\smartctr.exe
C:\lotus\smartctr\suitest.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
F:\Virus Stuff\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.dk/0SEDADK/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Hyperlinks
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programmer\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programmer\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programmer\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\da\msntb.dll
O4 - HKLM\..\Run: [AmitechKeyboard] C:\Programmer\Wireless\mmkeymanager.exe
O4 - HKLM\..\Run: [SO5 Integrator Pass Two] C:\WINDOWS\SOINTGR.EXE
O4 - HKLM\..\Run: [Net-It Launcher] C:\WINDOWS\System32\NILaunch.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programmer\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Omnipage] C:\Programmer\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Lotus QuickStart.lnk = C:\lotus\wordpro\ltsstart.exe
O4 - Startup: Lotus SmartCenter.lnk = C:\lotus\smartctr\smartctr.exe
O4 - Startup: Lotus SuiteStart.lnk = C:\lotus\smartctr\suitest.exe
O4 - Global Startup: Adobe Reader Hurtigstart.lnk = C:\Programmer\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Album Fast Start.lnk = C:\Programmer\Ulead Systems\Ulead PhotoImpact 5 Bundled Edition\Abmtsr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Programmer\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: ZyAIR B-200 Wireless LAN USB Adapter Utility.lnk = C:\Programmer\ZyXEL\ZyAIR B-200 Wireless LAN USB Adapter\WLUSBCFG.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programmer\Messenger\msmsgs.exe
O16 - DPF: {1EB17D1C-141D-4D9D-91CB-24D99215851D} - http://akamai.downloadv3.com/binaries/IA/netia32_EN_XP.cab
O16 - DPF: {CEFB7B49-9652-464F-8AFD-A577C0500F39} - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1012_EN_XP.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: SmartLinkService (SLService) -  - C:\WINDOWS\SYSTEM32\slserv.exe
ejvindh Expert
06 October 2006 - 14:22 #7
The log is clean. :-)

To finish the job completely:
It can be a good idea to clean up the System Restore files. Disable System Restore (http://www.spywarefri.dk/virusscannere.htm#alle) - restart your computer - enable System Restore.
And it can also be a good idea to hide your system files and folders again, so that you do not delete an important file by mistake. You do that in the same place where you set it to show all files; this time you just choose: Do not show hidden files and folders.

It can also be a good idea to clean out your temporary files. This can be done quickly and easily with this file
www.spywareinfo.dk/download/cleantempxp2k.bat
---------------------------

To prevent recurrences, I would recommend that you install some small programs that prevent spyware from getting in in the first place. You will find links and good advice here:
http://www.spywarefri.dk/manualer/sikkerhedspakke.htm

I would also suggest that you read these articles on how you can avoid being infected in the future:
http://www.spywarefri.dk/forum/topic.asp?TOPIC_ID=14414
http://www.ejvindh.net/viewtopic.php?t=37
olsson15 Beginner
06 October 2006 - 17:19 #8
Many thanks for the help...
ejvindh Expert
06 October 2006 - 19:22 #9
You are welcome :-)