Just nu i M3-nätverket
Gå till innehåll

hjälp

Medlem
  • Antal inlägg

    12
  • Gick med

  • Senaste besök

    Aldrig
  1. jag testade att starta om datorn och då fanns det inga titsjob.exe (mystiskt namn,hehe) kvar så det verkar funka nu. Tack!
  2. hej, ännu en gång är datorn mycket seg och cpu andvändningen ligger på 100% hela tiden. Men denna gång är det flera stycken Titjobs.exe filer som använder all CPU. Jag letade igenom datorn för att se var den låg och då låg den i min Panda antivirus titanium mapp samt i c\windows\prefetch. Är detta någon dum sak man kan ta bort eller? Här kommer en uppdaterad ad adware log samt hijackthis log om det kan vara till någon nytta. Ad-Aware: [log] Ad-Aware SE Build 1.05 Logfile Created on:den 18 oktober 2004 13:52:36 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R13 16.10.2004 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):40 total references Tracking Cookie(TAC index:3):41 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R10 28.09.2004 Internal build : 15 File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 352256 Bytes Total size : 1115088 Bytes Signature data size : 1091215 Bytes Reference data size : 23361 Bytes Signatures total : 30729 Fingerprints total : 203 Fingerprints size : 9194 Bytes Target categories : 15 Target families : 573 2004-10-18 13:51:49 Performing WebUpdate... Installing Update... Definitions File Loaded: Reference Number : SE1R13 16.10.2004 Internal build : 18 File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 363648 Bytes Total size : 1150665 Bytes Signature data size : 1124607 Bytes Reference data size : 25546 Bytes Signatures total : 31779 Fingerprints total : 291 Fingerprints size : 12292 Bytes Target categories : 15 Target families : 589 2004-10-18 13:52:02 Success Update successfully downloaded and installed. Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium IV Memory available:43 % Total physical memory:523760 kb Available physical memory:224996 kb Total page file size:1274940 kb Available on page file:1008840 kb Total virtual memory:2097024 kb Available virtual memory:2045728 kb OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600) Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 2004-10-18 13:52:36 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nico mak computing\winzip\filemenu Description : winzip recently used archives MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nvidia corporation\global\nview\windowmanagement Description : nvidia nview cached application window positions MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\photoshop\7.0\visiteddirs Description : adobe photoshop 7 recent work folders MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\runmru Description : mru list for items opened in start | run MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\office\10.0\common\general Description : list of recently used symbols in microsoft office MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\creative tech\creative wavestudio\settings Description : list of recently used directories in creative wavestudio MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-19\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-20\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\Application Data\microsoft\office\recent Description : list of recently opened documents using microsoft office MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\recent Description : list of recently opened documents Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32 ProcessID : 524 ThreadCreationTime : 2004-10-18 11:37:58 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32 ProcessID : 588 ThreadCreationTime : 2004-10-18 11:38:03 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\SYSTEM32 ProcessID : 616 ThreadCreationTime : 2004-10-18 11:38:04 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32 ProcessID : 664 ThreadCreationTime : 2004-10-18 11:38:04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Tjänst- och styrenhetsprogram InternalName : services.exe LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32 ProcessID : 676 ThreadCreationTime : 2004-10-18 11:38:04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 828 ThreadCreationTime : 2004-10-18 11:38:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 884 ThreadCreationTime : 2004-10-18 11:38:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 924 ThreadCreationTime : 2004-10-18 11:38:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1004 ThreadCreationTime : 2004-10-18 11:38:06 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1128 ThreadCreationTime : 2004-10-18 11:38:06 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [explorer.exe] FilePath : C:\WINDOWS ProcessID : 1304 ThreadCreationTime : 2004-10-18 11:38:07 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Utforskaren InternalName : explorer LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : EXPLORER.EXE #:12 [lexbces.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1404 ThreadCreationTime : 2004-10-18 11:38:07 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LexBce Service InternalName : LexBce Service LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LexBceS.exe #:13 [spoolsv.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1440 ThreadCreationTime : 2004-10-18 11:38:07 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:14 [lexpps.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1448 ThreadCreationTime : 2004-10-18 11:38:07 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LEXPPS.EXE InternalName : LEXPPS LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LEXPPS.EXE Comments : MarkVision for Windows '95 New P2P Server (32-bit) #:15 [gsicon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1636 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 3.1.0 ProductVersion : 3.1.0 ProductName : DSL Modem CompanyName : GlobeSpan, Inc. FileDescription : DSL Modem Monitor InternalName : GSICON.EXE LegalCopyright : Copyright © 2001 GlobeSpan, Inc. OriginalFilename : GSICON.EXE #:16 [dslagent.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1648 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal #:17 [qttask.exe] FilePath : C:\Program\QuickTime ProcessID : 1664 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 6.5.1 ProductVersion : QuickTime 6.5.1 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:18 [apvxdwin.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1676 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 3.06.03 ProductVersion : 2.05.05 ProductName : Panda Antivirus Titanium CompanyName : Panda Software International FileDescription : ApVxdWin InternalName : ApVxdWin.exe OriginalFilename : ApVxdWin.exe #:19 [lxbkbmgr.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1692 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Manager Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Manager InternalName : lxbkbmgr.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmgr.exe #:20 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1724 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:21 [winampa.exe] FilePath : D:\Program\Winamp ProcessID : 1732 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal #:22 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1740 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:23 [zlclient.exe] FilePath : C:\Program\Zone Labs\ZoneAlarm ProcessID : 1748 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : Zone Labs Client CompanyName : Zone Labs Inc. FileDescription : Zone Labs Client InternalName : zlclient LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : zlclient.exe #:24 [ctfmon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1756 ThreadCreationTime : 2004-10-18 11:38:09 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:25 [bttray.exe] FilePath : C:\Program\DLink\Bluetooth-programvara ProcessID : 1784 ThreadCreationTime : 2004-10-18 11:38:10 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Tray Application InternalName : BTTray LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTTray.exe #:26 [lxbkbmon.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1792 ThreadCreationTime : 2004-10-18 11:38:10 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Monitor Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Monitor InternalName : lxbkbmon.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmon.exe #:27 [getright.exe] FilePath : C:\Program\GetRight ProcessID : 1808 ThreadCreationTime : 2004-10-18 11:38:10 BasePriority : Normal FileVersion : 3.2 ProductVersion : 3.2 ProductName : GetRight CompanyName : HeadLight Software. FileDescription : GetRight. www.getright.com InternalName : GETRIGHT LegalCopyright : Copyright © 1997-98 HeadLight Software. OriginalFilename : GETRIGHT.EXE Comments : GetRight was designed and developed by Michael J Burford. #:28 [wzqkpick.exe] FilePath : C:\Program\WinZip ProcessID : 1828 ThreadCreationTime : 2004-10-18 11:38:10 BasePriority : Normal FileVersion : 1.0 (32-bit) ProductVersion : 8.1 (4319) ProductName : WinZip CompanyName : WinZip Computing, Inc. FileDescription : WinZip Executable InternalName : WZQKPICK.EXE LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc OriginalFilename : WZQKPICK.EXE Comments : StringFileInfo: U.S. English #:29 [btstac~1.exe] FilePath : C:\Program\DLink\BLUETO~1 ProcessID : 140 ThreadCreationTime : 2004-10-18 11:38:12 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Stack COM Server InternalName : BTStackServer LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTStackServer.exe #:30 [btwdins.exe] FilePath : C:\Program\DLink\Bluetooth-programvara\bin ProcessID : 372 ThreadCreationTime : 2004-10-18 11:38:14 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTWDIns.EXE #:31 [nvsvc32.exe] FilePath : C:\WINDOWS\System32 ProcessID : 420 ThreadCreationTime : 2004-10-18 11:38:14 BasePriority : Normal FileVersion : 6.14.10.6177 ProductVersion : 6.14.10.6177 ProductName : NVIDIA Driver Helper Service, Version 61.77 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 61.77 InternalName : NVSVC LegalCopyright : © NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:32 [pavsrv51.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 440 ThreadCreationTime : 2004-10-18 11:38:14 BasePriority : High FileVersion : 6, 3, 0, 531 ProductVersion : 6.3 ProductName : Panda Antivirus CompanyName : Panda Software FileDescription : Panda Antivirus Service for Windows NT/2000 InternalName : pavsrv LegalCopyright : Copyright © Panda Software 2003 OriginalFilename : pavsrv.exe #:33 [avengine.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 280 ThreadCreationTime : 2004-10-18 11:38:15 BasePriority : Normal FileVersion : 6, 3, 0, 492 ProductVersion : 6.3 ProductName : Panda Antivirus Windows NT/2000 CompanyName : Panda Software FileDescription : Proceso análisis independiente InternalName : avengine LegalCopyright : Copyright © Panda Software 1990-2002 OriginalFilename : avengine.exe #:34 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1604 ThreadCreationTime : 2004-10-18 11:38:20 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:35 [vsmon.exe] FilePath : C:\WINDOWS\system32\ZoneLabs ProcessID : 1712 ThreadCreationTime : 2004-10-18 11:38:21 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : TrueVector Service CompanyName : Zone Labs Inc. FileDescription : TrueVector Service InternalName : vsmon LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : vsmon.exe #:36 [pavproxy.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1840 ThreadCreationTime : 2004-10-18 11:38:21 BasePriority : Normal FileVersion : 3, 6, 10, 24 ProductVersion : 3, 6, 10, 24 ProductName : Mail Resident CompanyName : Panda Software FileDescription : PavProxy InternalName : PavProxy LegalCopyright : Copyright © 2002 OriginalFilename : PavProxy.exe #:37 [alg.exe] FilePath : C:\WINDOWS\System32 ProcessID : 2652 ThreadCreationTime : 2004-10-18 11:38:28 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:38 [titjobs.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 2780 ThreadCreationTime : 2004-10-18 11:48:31 BasePriority : Normal FileVersion : 3.06.01 ProductVersion : 2.05.05 ProductName : Panda Antivirus Titanium CompanyName : Panda Software International FileDescription : TitJobs InternalName : TitJobs.exe OriginalFilename : TitJobs.exe #:39 [ad-aware.exe] FilePath : C:\Program\Lavasoft\Ad-Aware SE Personal ProcessID : 1984 ThreadCreationTime : 2004-10-18 11:51:34 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 40 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 40 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 40 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@atdmt[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@atdmt.com/ Expires : 2009-10-07 02:00:00 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@2o7[1].txt Category : Data Miner Comment : Hits:12 Value : Cookie:johansson@2o7.net/ Expires : 2009-10-11 21:15:56 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@as1.falkag[2].txt Category : Data Miner Comment : Hits:19 Value : Cookie:johansson@as1.falkag.de/ Expires : 2004-11-14 12:25:38 LastSync : Hits:19 UseCount : 0 Hits : 19 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@bs.serving-sys[2].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@bs.serving-sys.com/ Expires : 2038-01-01 10:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[4].txt Category : Data Miner Comment : Hits:45 Value : Cookie:johansson@j.2004cms.com/HTM/561/0 Expires : 2005-10-14 20:46:10 LastSync : Hits:45 UseCount : 0 Hits : 45 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[2].txt Category : Data Miner Comment : Hits:12 Value : Cookie:johansson@jpirate.cjt1.net/HTM/561/0 Expires : 2005-10-14 20:46:10 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hg1.hitbox[2].txt Category : Data Miner Comment : Hits:7 Value : Cookie:johansson@hg1.hitbox.com/ Expires : 2005-10-18 13:46:18 LastSync : Hits:7 UseCount : 0 Hits : 7 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@server.iad.liveperson[2].txt Category : Data Miner Comment : Hits:6 Value : Cookie:johansson@server.iad.liveperson.net/ Expires : 2005-10-06 20:01:16 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@n3sport.adhostcenter[2].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@n3sport.adhostcenter.com/ Expires : 2007-04-01 02:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tradedoubler[2].txt Category : Data Miner Comment : Hits:1223 Value : Cookie:johansson@tradedoubler.com/ Expires : 2005-10-17 21:23:10 LastSync : Hits:1223 UseCount : 0 Hits : 1223 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@gator[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@gator.com/ Expires : 2004-12-12 18:08:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adtech[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@adtech.de/ Expires : 2014-10-06 12:00:06 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hc2.humanclick[1].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@hc2.humanclick.com/ Expires : 2005-10-14 16:34:22 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hotlog[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@hotlog.ru/ Expires : 2005-10-07 09:27:40 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-iwantoneofthose.hitbox[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@ehg-iwantoneofthose.hitbox.com/ Expires : 2005-10-14 19:30:18 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@statcounter[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@statcounter.com/ Expires : 2009-10-15 11:20:50 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[1].txt Category : Data Miner Comment : Hits:12 Value : Cookie:johansson@jnova.cjt1.net/HTM/511/0 Expires : 2005-10-17 17:16:52 LastSync : Hits:12 UseCount : 0 Hits : 12 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@targetnet[2].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@targetnet.com/ Expires : 2033-05-18 05:33:20 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@stat.onestat[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@stat.onestat.com/ Expires : 2014-10-13 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[5].txt Category : Data Miner Comment : Hits:25 Value : Cookie:johansson@j.2004cms.com/HTM/511/0 Expires : 2005-10-17 17:16:54 LastSync : Hits:25 UseCount : 0 Hits : 25 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adserver.olandsbladet[1].txt Category : Data Miner Comment : Hits:24 Value : Cookie:johansson@adserver.olandsbladet.se/ Expires : 2004-10-17 23:09:02 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@trafficmp[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@trafficmp.com/ Expires : 2004-11-14 20:57:46 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adviva[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@adviva.net/ Expires : 2009-09-22 13:46:22 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tribalfusion[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@tribalfusion.com/ Expires : 2038-01-01 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@advertising[1].txt Category : Data Miner Comment : Hits:72 Value : Cookie:johansson@advertising.com/ Expires : 2009-10-16 21:08:30 LastSync : Hits:72 UseCount : 0 Hits : 72 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@fortunecity[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@fortunecity.com/ Expires : 2011-01-01 02:00:00 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@serving-sys[1].txt Category : Data Miner Comment : Hits:15 Value : Cookie:johansson@serving-sys.com/ Expires : 2038-01-01 10:00:00 LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@maxserving[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@maxserving.com/ Expires : 2014-10-10 18:12:36 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@fastclick[1].txt Category : Data Miner Comment : Hits:6 Value : Cookie:johansson@fastclick.net/ Expires : 2006-10-06 11:22:34 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@mediaplex[1].txt Category : Data Miner Comment : Hits:20 Value : Cookie:johansson@mediaplex.com/ Expires : 2009-06-22 02:00:00 LastSync : Hits:20 UseCount : 0 Hits : 20 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adx.adhostcenter[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@adx.adhostcenter.com/ Expires : 2007-04-01 02:00:00 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hitbox[2].txt Category : Data Miner Comment : Hits:16 Value : Cookie:johansson@hitbox.com/ Expires : 2005-10-18 13:46:18 LastSync : Hits:16 UseCount : 0 Hits : 16 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@estat[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@estat.com/ Expires : 2014-10-15 13:33:10 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@questionmarket[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@questionmarket.com/ Expires : 2005-11-29 09:11:50 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@etype.adbureau[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@etype.adbureau.net/ Expires : 2007-03-01 02:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@cgi-bin[2].txt Category : Data Miner Comment : Hits:60 Value : Cookie:johansson@imrworldwide.com/cgi-bin Expires : 2014-10-13 18:50:58 LastSync : Hits:60 UseCount : 0 Hits : 60 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@doubleclick[1].txt Category : Data Miner Comment : Hits:29 Value : Cookie:johansson@doubleclick.net/ Expires : 2007-10-07 13:09:22 LastSync : Hits:29 UseCount : 0 Hits : 29 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@perf.overture[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@perf.overture.com/ Expires : 2008-10-15 11:22:50 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@qsrch[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@qsrch.com/ Expires : 2004-11-13 20:46:08 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@instadia[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@instadia.net/ Expires : 2029-07-04 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@servedby.advertising[2].txt Category : Data Miner Comment : Hits:87 Value : Cookie:johansson@servedby.advertising.com/ Expires : 2004-11-16 21:08:30 LastSync : Hits:87 UseCount : 0 Hits : 87 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 41 Objects found so far: 81 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 81 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 81 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 81 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 81 14:09:26 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:16:49.922 Objects scanned:181939 Objects identified:41 Objects ignored:0 New critical objects:41 [/log] och hijackthis: [log] Logfile of HijackThis v1.98.2 Scan saved at 14:14:41, on 2004-10-18 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program\QuickTime\qttask.exe C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE C:\Program\Lexmark X1100 Series\lxbkbmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE D:\Program\Winamp\winampa.exe C:\WINDOWS\system32\rundll32.exe C:\Program\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\DLink\Bluetooth-programvara\BTTray.exe C:\Program\Lexmark X1100 Series\lxbkbmon.exe C:\Program\GetRight\getright.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe C:\Program\Panda Software\Panda Antivirus Titanium\TitJobs.exe C:\Program\Panda Software\Panda Antivirus Titanium\TitJobs.exe C:\Program\Panda Software\Panda Antivirus Titanium\TitJobs.exe C:\HiJack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37 [/log] Snälla hjälp mig snarast!!!
  3. Jag tror den mår bra nu. Jättemycket tack för hjälpen!!!
  4. Dock så kunde jag inte ta bort en fil i windows/temp som heter ZLT0247e.TMP men det kanske går att ta bort den i felsäkertläge ska jag göra det? Förlåt föresten att jag glömde log tagen till ad aware logen i förra inlägget!
  5. Jag tror att jag har gjort allt som du skrev men innan körde jag house call trend microscan, den hittade en mask som togs bort. Här är Ad aware logen:[log] Ad-Aware SE Build 1.05 Logfile Created on:den 6 oktober 2004 18:41:11 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R10 28.09.2004 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):38 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Definition File: ========================= Definitions File Loaded: Reference Number : SE1R10 28.09.2004 Internal build : 15 File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref File size : 352256 Bytes Total size : 1115088 Bytes Signature data size : 1091215 Bytes Reference data size : 23361 Bytes Signatures total : 30729 Fingerprints total : 203 Fingerprints size : 9194 Bytes Target categories : 15 Target families : 573 Memory + processor status: ========================== Number of processors : 1 Processor architecture : Intel Pentium IV Memory available:47 % Total physical memory:523760 kb Available physical memory:240976 kb Total page file size:1274940 kb Available on page file:1035492 kb Total virtual memory:2097024 kb Available virtual memory:2047740 kb OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600) Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan within archives Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 2004-10-06 18:41:11 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nico mak computing\winzip\filemenu Description : winzip recently used archives MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nvidia corporation\global\nview\windowmanagement Description : nvidia nview cached application window positions MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\photoshop\7.0\visiteddirs Description : adobe photoshop 7 recent work folders MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\office\10.0\common\general Description : list of recently used symbols in microsoft office MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\creative tech\creative wavestudio\settings Description : list of recently used directories in creative wavestudio MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-19\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-20\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\Application Data\microsoft\office\recent Description : list of recently opened documents using microsoft office MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\recent Description : list of recently opened documents Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32 ProcessID : 528 ThreadCreationTime : 2004-10-06 16:19:18 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32 ProcessID : 596 ThreadCreationTime : 2004-10-06 16:19:21 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\SYSTEM32 ProcessID : 620 ThreadCreationTime : 2004-10-06 16:19:22 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32 ProcessID : 664 ThreadCreationTime : 2004-10-06 16:19:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Tjänst- och styrenhetsprogram InternalName : services.exe LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32 ProcessID : 676 ThreadCreationTime : 2004-10-06 16:19:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 828 ThreadCreationTime : 2004-10-06 16:19:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 892 ThreadCreationTime : 2004-10-06 16:19:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 936 ThreadCreationTime : 2004-10-06 16:19:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 980 ThreadCreationTime : 2004-10-06 16:19:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1152 ThreadCreationTime : 2004-10-06 16:19:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [lexbces.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1380 ThreadCreationTime : 2004-10-06 16:19:25 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LexBce Service InternalName : LexBce Service LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LexBceS.exe #:12 [spoolsv.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1408 ThreadCreationTime : 2004-10-06 16:19:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:13 [lexpps.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1420 ThreadCreationTime : 2004-10-06 16:19:25 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LEXPPS.EXE InternalName : LEXPPS LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LEXPPS.EXE Comments : MarkVision for Windows '95 New P2P Server (32-bit) #:14 [gsicon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1616 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 3.1.0 ProductVersion : 3.1.0 ProductName : DSL Modem CompanyName : GlobeSpan, Inc. FileDescription : DSL Modem Monitor InternalName : GSICON.EXE LegalCopyright : Copyright © 2001 GlobeSpan, Inc. OriginalFilename : GSICON.EXE #:15 [dslagent.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1624 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal #:16 [qttask.exe] FilePath : C:\Program\QuickTime ProcessID : 1632 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 6.5.1 ProductVersion : QuickTime 6.5.1 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:17 [apvxdwin.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1640 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 3.06.03 ProductVersion : 2.05.05 ProductName : Panda Antivirus Titanium CompanyName : Panda Software International FileDescription : ApVxdWin InternalName : ApVxdWin.exe OriginalFilename : ApVxdWin.exe #:18 [lxbkbmgr.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1648 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Manager Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Manager InternalName : lxbkbmgr.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmgr.exe #:19 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1664 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:20 [winampa.exe] FilePath : D:\Program\Winamp ProcessID : 1680 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal #:21 [zlclient.exe] FilePath : C:\Program\Zone Labs\ZoneAlarm ProcessID : 1688 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : Zone Labs Client CompanyName : Zone Labs Inc. FileDescription : Zone Labs Client InternalName : zlclient LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : zlclient.exe #:22 [ctfmon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1696 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:23 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1708 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:24 [bttray.exe] FilePath : C:\Program\DLink\Bluetooth-programvara ProcessID : 1736 ThreadCreationTime : 2004-10-06 16:19:26 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Tray Application InternalName : BTTray LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTTray.exe #:25 [lxbkbmon.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1752 ThreadCreationTime : 2004-10-06 16:19:27 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Monitor Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Monitor InternalName : lxbkbmon.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmon.exe #:26 [getright.exe] FilePath : C:\Program\GetRight ProcessID : 1760 ThreadCreationTime : 2004-10-06 16:19:27 BasePriority : Normal FileVersion : 3.2 ProductVersion : 3.2 ProductName : GetRight CompanyName : HeadLight Software. FileDescription : GetRight. www.getright.com InternalName : GETRIGHT LegalCopyright : Copyright © 1997-98 HeadLight Software. OriginalFilename : GETRIGHT.EXE Comments : GetRight was designed and developed by Michael J Burford. #:27 [wzqkpick.exe] FilePath : C:\Program\WinZip ProcessID : 1788 ThreadCreationTime : 2004-10-06 16:19:27 BasePriority : Normal FileVersion : 1.0 (32-bit) ProductVersion : 8.1 (4319) ProductName : WinZip CompanyName : WinZip Computing, Inc. FileDescription : WinZip Executable InternalName : WZQKPICK.EXE LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc OriginalFilename : WZQKPICK.EXE Comments : StringFileInfo: U.S. English #:28 [btstac~1.exe] FilePath : C:\Program\DLink\BLUETO~1 ProcessID : 156 ThreadCreationTime : 2004-10-06 16:19:30 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Stack COM Server InternalName : BTStackServer LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTStackServer.exe #:29 [btwdins.exe] FilePath : C:\Program\DLink\Bluetooth-programvara\bin ProcessID : 416 ThreadCreationTime : 2004-10-06 16:19:32 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTWDIns.EXE #:30 [nvsvc32.exe] FilePath : C:\WINDOWS\System32 ProcessID : 456 ThreadCreationTime : 2004-10-06 16:19:32 BasePriority : Normal FileVersion : 6.14.10.6177 ProductVersion : 6.14.10.6177 ProductName : NVIDIA Driver Helper Service, Version 61.77 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 61.77 InternalName : NVSVC LegalCopyright : © NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:31 [pavsrv51.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 476 ThreadCreationTime : 2004-10-06 16:19:32 BasePriority : High FileVersion : 6, 3, 0, 531 ProductVersion : 6.3 ProductName : Panda Antivirus CompanyName : Panda Software FileDescription : Panda Antivirus Service for Windows NT/2000 InternalName : pavsrv LegalCopyright : Copyright © Panda Software 2003 OriginalFilename : pavsrv.exe #:32 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 584 ThreadCreationTime : 2004-10-06 16:19:32 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:33 [avengine.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 784 ThreadCreationTime : 2004-10-06 16:19:33 BasePriority : Normal FileVersion : 6, 3, 0, 492 ProductVersion : 6.3 ProductName : Panda Antivirus Windows NT/2000 CompanyName : Panda Software FileDescription : Proceso análisis independiente InternalName : avengine LegalCopyright : Copyright © Panda Software 1990-2002 OriginalFilename : avengine.exe #:34 [vsmon.exe] FilePath : C:\WINDOWS\system32\ZoneLabs ProcessID : 1800 ThreadCreationTime : 2004-10-06 16:19:39 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : TrueVector Service CompanyName : Zone Labs Inc. FileDescription : TrueVector Service InternalName : vsmon LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : vsmon.exe #:35 [pavproxy.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1936 ThreadCreationTime : 2004-10-06 16:19:39 BasePriority : Normal FileVersion : 3, 6, 10, 24 ProductVersion : 3, 6, 10, 24 ProductName : Mail Resident CompanyName : Panda Software FileDescription : PavProxy InternalName : PavProxy LegalCopyright : Copyright © 2002 OriginalFilename : PavProxy.exe #:36 [alg.exe] FilePath : C:\WINDOWS\System32 ProcessID : 2636 ThreadCreationTime : 2004-10-06 16:19:47 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:37 [explorer.exe] FilePath : C:\WINDOWS ProcessID : 3896 ThreadCreationTime : 2004-10-06 16:27:18 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Utforskaren InternalName : explorer LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : EXPLORER.EXE #:38 [iexplore.exe] FilePath : C:\Program\Internet Explorer ProcessID : 2584 ThreadCreationTime : 2004-10-06 16:30:47 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : IEXPLORE.EXE #:39 [ad-aware.exe] FilePath : C:\Program\Lavasoft\Ad-Aware SE Personal ProcessID : 1212 ThreadCreationTime : 2004-10-06 16:39:07 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 38 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 38 18:53:37 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:12:26.23 Objects scanned:165521 Objects identified:0 Objects ignored:0 New critical objects:0 [/log] Och HJT logen: [log]Logfile of HijackThis v1.98.2 Scan saved at 19:02:59, on 2004-10-06 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program\QuickTime\qttask.exe C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE C:\Program\Lexmark X1100 Series\lxbkbmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE D:\Program\Winamp\winampa.exe C:\Program\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\rundll32.exe C:\Program\DLink\Bluetooth-programvara\BTTray.exe C:\Program\Lexmark X1100 Series\lxbkbmon.exe C:\Program\GetRight\getright.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe C:\WINDOWS\System32\svchost.exe C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe C:\WINDOWS\explorer.exe C:\Program\Internet Explorer\iexplore.exe C:\HiJack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37 [/log] Är det okej nu? Tack för all hjälp!!! --- Jag lade Ad-aware-loggen inom LOG-taggar. Anders, moderator för Antivirus & Säkerhet [inlägget ändrat 2004-10-07 11:12:29 av Anders N]
  6. Okej jag ska göra som du säger men länken till ad adware sidan stämmer inte.Det står att "This domain has expiried". hinner inte testa idag, ska göra det imorgon.
  7. Jag gjorde som du sa Malou. här är logen från ad aware: [log]Ad-Aware SE Build 1.05 Logfile Created on:den 5 oktober 2004 19:17:10 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R10 28.09.2004 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):39 total references Tracking Cookie(TAC index:3):77 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 2004-10-05 19:17:10 - Scan started. (Full System Scan) MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nico mak computing\winzip\filemenu Description : winzip recently used archives MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nvidia corporation\global\nview\windowmanagement Description : nvidia nview cached application window positions MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\photoshop\7.0\visiteddirs Description : adobe photoshop 7 recent work folders MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\paint\recent file list Description : list of files recently opened using microsoft paint MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\player\recentfilelist Description : list of recently used files in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\main Description : last save directory used in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer Description : last download directory used in microsoft internet explorer MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\microsoft management console\recent file list Description : list of recent snap-ins used in the microsoft management console MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\office\10.0\common\general Description : list of recently used symbols in microsoft office MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last cd record path used in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\typedurls Description : list of recently entered addresses in microsoft internet explorer MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\creative tech\creative wavestudio\settings Description : list of recently used directories in creative wavestudio MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles Description : list of recently used files in adobe reader MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist index loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\regedit Description : last key accessed using the microsoft registry editor MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication Description : most recent application to use microsoft directinput MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-19\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-20\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences Description : last playlist loaded in microsoft windows media player MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history MRU List Object Recognized! Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\Application Data\microsoft\office\recent Description : list of recently opened documents using microsoft office MRU List Object Recognized! Location: : C:\Documents and Settings\Johansson\recent Description : list of recently opened documents Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32 ProcessID : 524 ThreadCreationTime : 2004-10-05 16:34:15 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32 ProcessID : 588 ThreadCreationTime : 2004-10-05 16:34:20 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\SYSTEM32 ProcessID : 616 ThreadCreationTime : 2004-10-05 16:34:21 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32 ProcessID : 660 ThreadCreationTime : 2004-10-05 16:34:21 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Tjänst- och styrenhetsprogram InternalName : services.exe LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32 ProcessID : 672 ThreadCreationTime : 2004-10-05 16:34:21 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 824 ThreadCreationTime : 2004-10-05 16:34:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:7 [svchost.exe] FilePath : C:\WINDOWS\system32 ProcessID : 880 ThreadCreationTime : 2004-10-05 16:34:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 920 ThreadCreationTime : 2004-10-05 16:34:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 992 ThreadCreationTime : 2004-10-05 16:34:22 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1108 ThreadCreationTime : 2004-10-05 16:34:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:11 [explorer.exe] FilePath : C:\WINDOWS ProcessID : 1316 ThreadCreationTime : 2004-10-05 16:34:24 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Utforskaren InternalName : explorer LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : EXPLORER.EXE #:12 [lexbces.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1380 ThreadCreationTime : 2004-10-05 16:34:24 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LexBce Service InternalName : LexBce Service LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LexBceS.exe #:13 [spoolsv.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1416 ThreadCreationTime : 2004-10-05 16:34:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:14 [lexpps.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1424 ThreadCreationTime : 2004-10-05 16:34:24 BasePriority : Normal FileVersion : 8.29 ProductVersion : 8.29 ProductName : MarkVision for Windows (32 bit) CompanyName : Lexmark International, Inc. FileDescription : LEXPPS.EXE InternalName : LEXPPS LegalCopyright : © 1993 - 2003 Lexmark International, Inc. OriginalFilename : LEXPPS.EXE Comments : MarkVision for Windows '95 New P2P Server (32-bit) #:15 [gsicon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1616 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 3.1.0 ProductVersion : 3.1.0 ProductName : DSL Modem CompanyName : GlobeSpan, Inc. FileDescription : DSL Modem Monitor InternalName : GSICON.EXE LegalCopyright : Copyright © 2001 GlobeSpan, Inc. OriginalFilename : GSICON.EXE #:16 [dslagent.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1624 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal #:17 [qttask.exe] FilePath : C:\Program\QuickTime ProcessID : 1632 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 6.5.1 ProductVersion : QuickTime 6.5.1 ProductName : QuickTime CompanyName : Apple Computer, Inc. InternalName : QuickTime Task LegalCopyright : © Apple Computer, Inc. 2001-2004 OriginalFilename : QTTask.exe #:18 [apvxdwin.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1640 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 3.06.03 ProductVersion : 2.05.05 ProductName : Panda Antivirus Titanium CompanyName : Panda Software International FileDescription : ApVxdWin InternalName : ApVxdWin.exe OriginalFilename : ApVxdWin.exe #:19 [lxbkbmgr.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1664 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Manager Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Manager InternalName : lxbkbmgr.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmgr.exe #:20 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1680 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:21 [winampa.exe] FilePath : D:\Program\Winamp ProcessID : 1696 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal #:22 [rundll32.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1704 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Kör en DLL-fil som ett program InternalName : rundll LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : RUNDLL.EXE #:23 [zlclient.exe] FilePath : C:\Program\Zone Labs\ZoneAlarm ProcessID : 1712 ThreadCreationTime : 2004-10-05 16:34:25 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : Zone Labs Client CompanyName : Zone Labs Inc. FileDescription : Zone Labs Client InternalName : zlclient LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : zlclient.exe #:24 [ctfmon.exe] FilePath : C:\WINDOWS\system32 ProcessID : 1720 ThreadCreationTime : 2004-10-05 16:34:26 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : CTF Loader InternalName : CTFMON LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : CTFMON.EXE #:25 [lxbkbmon.exe] FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1728 ThreadCreationTime : 2004-10-05 16:34:26 BasePriority : Normal FileVersion : 0.1.1.1 ProductVersion : 0.1.1.1 ProductName : Button Monitor Executable CompanyName : Lexmark International, Inc. FileDescription : Lexmark X1100 Series Button Monitor InternalName : lxbkbmon.exe LegalCopyright : © 2002 Lexmark International, Inc. OriginalFilename : lxbkbmon.exe #:26 [bttray.exe] FilePath : C:\Program\DLink\Bluetooth-programvara ProcessID : 1752 ThreadCreationTime : 2004-10-05 16:34:26 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Tray Application InternalName : BTTray LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTTray.exe #:27 [getright.exe] FilePath : C:\Program\GetRight ProcessID : 1764 ThreadCreationTime : 2004-10-05 16:34:26 BasePriority : Normal FileVersion : 3.2 ProductVersion : 3.2 ProductName : GetRight CompanyName : HeadLight Software. FileDescription : GetRight. www.getright.com InternalName : GETRIGHT LegalCopyright : Copyright © 1997-98 HeadLight Software. OriginalFilename : GETRIGHT.EXE Comments : GetRight was designed and developed by Michael J Burford. #:28 [wzqkpick.exe] FilePath : C:\Program\WinZip ProcessID : 1792 ThreadCreationTime : 2004-10-05 16:34:26 BasePriority : Normal FileVersion : 1.0 (32-bit) ProductVersion : 8.1 (4319) ProductName : WinZip CompanyName : WinZip Computing, Inc. FileDescription : WinZip Executable InternalName : WZQKPICK.EXE LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc OriginalFilename : WZQKPICK.EXE Comments : StringFileInfo: U.S. English #:29 [btstac~1.exe] FilePath : C:\Program\DLink\BLUETO~1 ProcessID : 148 ThreadCreationTime : 2004-10-05 16:34:30 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Stack COM Server InternalName : BTStackServer LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTStackServer.exe #:30 [btwdins.exe] FilePath : C:\Program\DLink\Bluetooth-programvara\bin ProcessID : 332 ThreadCreationTime : 2004-10-05 16:34:31 BasePriority : Normal FileVersion : 1.4.2 Build 10 ProductVersion : 1.4.2 Build 10 ProductName : Bluetooth Software 1.4.2 Build 10 CompanyName : WIDCOMM, Inc. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003. OriginalFilename : BTWDIns.EXE #:31 [nvsvc32.exe] FilePath : C:\WINDOWS\System32 ProcessID : 384 ThreadCreationTime : 2004-10-05 16:34:31 BasePriority : Normal FileVersion : 6.14.10.6177 ProductVersion : 6.14.10.6177 ProductName : NVIDIA Driver Helper Service, Version 61.77 CompanyName : NVIDIA Corporation FileDescription : NVIDIA Driver Helper Service, Version 61.77 InternalName : NVSVC LegalCopyright : © NVIDIA Corporation. All rights reserved. OriginalFilename : nvsvc32.exe #:32 [pavsrv51.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 420 ThreadCreationTime : 2004-10-05 16:34:32 BasePriority : High FileVersion : 6, 3, 0, 531 ProductVersion : 6.3 ProductName : Panda Antivirus CompanyName : Panda Software FileDescription : Panda Antivirus Service for Windows NT/2000 InternalName : pavsrv LegalCopyright : Copyright © Panda Software 2003 OriginalFilename : pavsrv.exe #:33 [avengine.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 508 ThreadCreationTime : 2004-10-05 16:34:32 BasePriority : Normal FileVersion : 6, 3, 0, 492 ProductVersion : 6.3 ProductName : Panda Antivirus Windows NT/2000 CompanyName : Panda Software FileDescription : Proceso análisis independiente InternalName : avengine LegalCopyright : Copyright © Panda Software 1990-2002 OriginalFilename : avengine.exe #:34 [svchost.exe] FilePath : C:\WINDOWS\System32 ProcessID : 1560 ThreadCreationTime : 2004-10-05 16:34:37 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:35 [vsmon.exe] FilePath : C:\WINDOWS\system32\ZoneLabs ProcessID : 1128 ThreadCreationTime : 2004-10-05 16:34:38 BasePriority : Normal FileVersion : 5.1.033.000 ProductVersion : 5.1.033.000 ProductName : TrueVector Service CompanyName : Zone Labs Inc. FileDescription : TrueVector Service InternalName : vsmon LegalCopyright : Copyright © 1998-2004, Zone Labs Inc. OriginalFilename : vsmon.exe #:36 [pavproxy.exe] FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1800 ThreadCreationTime : 2004-10-05 16:34:38 BasePriority : Normal FileVersion : 3, 6, 10, 24 ProductVersion : 3, 6, 10, 24 ProductName : Mail Resident CompanyName : Panda Software FileDescription : PavProxy InternalName : PavProxy LegalCopyright : Copyright © 2002 OriginalFilename : PavProxy.exe #:37 [alg.exe] FilePath : C:\WINDOWS\System32 ProcessID : 2628 ThreadCreationTime : 2004-10-05 16:34:45 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:38 [iexplore.exe] FilePath : C:\Program\Internet Explorer ProcessID : 3424 ThreadCreationTime : 2004-10-05 16:41:48 BasePriority : Normal FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 6.00.2900.2180 ProductName : Operativsystemet Microsoft® Windows® CompanyName : Microsoft Corporation FileDescription : Internet Explorer InternalName : iexplore LegalCopyright : © Microsoft Corporation. Med ensamrätt. OriginalFilename : IEXPLORE.EXE #:39 [ad-aware.exe] FilePath : C:\Program\Lavasoft\AD-AWA~1 ProcessID : 2192 ThreadCreationTime : 2004-10-05 17:15:44 BasePriority : Normal FileVersion : 6.2.0.206 ProductVersion : VI.Second Edition ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 39 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 39 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 39 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@atdmt[2].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@atdmt.com/ Expires : 2009-09-30 02:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@zedo[2].txt Category : Data Miner Comment : Hits:8 Value : Cookie:johansson@zedo.com/ Expires : 2014-10-02 17:52:28 LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@2o7[2].txt Category : Data Miner Comment : Hits:6 Value : Cookie:johansson@2o7.net/ Expires : 2009-09-26 19:53:32 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@as1.falkag[1].txt Category : Data Miner Comment : Hits:58 Value : Cookie:johansson@as1.falkag.de/ Expires : 2004-11-02 18:52:54 LastSync : Hits:58 UseCount : 0 Hits : 58 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[1].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@jkazaa.cjt1.net/HTM/276/0 Expires : 2005-08-06 13:51:12 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-idg.hitbox[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@ehg-idg.hitbox.com/ Expires : 2005-08-01 19:31:42 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tickle[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@tickle.com/ Expires : 2006-08-17 08:51:04 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-ladbrokes.hitbox[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@ehg-ladbrokes.hitbox.com/ Expires : 2005-09-13 09:26:56 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hg1.hitbox[1].txt Category : Data Miner Comment : Hits:11 Value : Cookie:johansson@hg1.hitbox.com/ Expires : 2005-10-01 13:34:54 LastSync : Hits:11 UseCount : 0 Hits : 11 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@n3sport.adhostcenter[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@n3sport.adhostcenter.com/ Expires : 2007-04-01 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@server.iad.liveperson[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@server.iad.liveperson.net/ Expires : 2005-10-02 22:45:46 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@valueclick[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@valueclick.com/ Expires : 2029-09-22 16:37:12 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ads.multimania.lycos[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@ads.multimania.lycos.fr/ Expires : 2004-08-06 15:46:28 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tradedoubler[1].txt Category : Data Miner Comment : Hits:313 Value : Cookie:johansson@tradedoubler.com/ Expires : 2005-10-02 23:02:50 LastSync : Hits:313 UseCount : 0 Hits : 313 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@gator[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@gator.com/ Expires : 2004-12-03 16:31:56 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@276[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@jkazaa.cjt1.net/HTM/276 Expires : 2005-08-09 10:13:22 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@z1.adserver[1].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@z1.adserver.com/ Expires : 2005-09-21 09:06:58 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@internetfuel[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@internetfuel.com/ Expires : 2013-12-01 16:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hc2.humanclick[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@hc2.humanclick.com/ Expires : 2005-10-04 10:34:52 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adtech[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@adtech.de/ Expires : 2014-10-01 13:18:12 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@www3.paypopup[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@www3.paypopup.com/ Expires : 2004-08-21 18:09:28 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@statcounter[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@statcounter.com/ Expires : 2009-10-02 09:45:02 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@realmedia[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@realmedia.com/ Expires : 2011-01-01 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@targetnet[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@targetnet.com/ Expires : 2033-05-18 05:33:20 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@stat.onestat[1].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@stat.onestat.com/ Expires : 2014-10-02 02:00:00 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@revenue[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@revenue.net/ Expires : 2022-06-10 07:05:42 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@trafficmp[2].txt Category : Data Miner Comment : Hits:34 Value : Cookie:johansson@trafficmp.com/ Expires : 2004-09-21 15:12:00 LastSync : Hits:34 UseCount : 0 Hits : 34 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tripod[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@tripod.com/ Expires : 2005-09-20 09:43:36 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@tribalfusion[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@tribalfusion.com/ Expires : 2038-01-01 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@www.paypopup[2].txt Category : Data Miner Comment : Hits:6 Value : Cookie:johansson@www.paypopup.com/ Expires : 2004-09-07 17:34:50 LastSync : Hits:6 UseCount : 0 Hits : 6 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-newsinternational.hitbox[2].txt Category : Data Miner Comment : Hits:20 Value : Cookie:johansson@ehg-newsinternational.hitbox.com/ Expires : 2005-08-02 18:33:14 LastSync : Hits:20 UseCount : 0 Hits : 20 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@advertising[2].txt Category : Data Miner Comment : Hits:24 Value : Cookie:johansson@advertising.com/ Expires : 2009-10-03 20:36:00 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@serving-sys[1].txt Category : Data Miner Comment : Hits:24 Value : Cookie:johansson@serving-sys.com/ Expires : 2038-01-01 07:00:00 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@fortunecity[1].txt Category : Data Miner Comment : Hits:7 Value : Cookie:johansson@fortunecity.com/ Expires : 2011-01-01 02:00:00 LastSync : Hits:7 UseCount : 0 Hits : 7 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@maxserving[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@maxserving.com/ Expires : 2014-09-30 18:27:26 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@bfast[1].txt Category : Data Miner Comment : Hits:7 Value : Cookie:johansson@bfast.com/ Expires : 2024-09-25 18:17:18 LastSync : Hits:7 UseCount : 0 Hits : 7 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-sonypictures.hitbox[2].txt Category : Data Miner Comment : Hits:38 Value : Cookie:johansson@ehg-sonypictures.hitbox.com/ Expires : 2005-08-21 15:05:00 LastSync : Hits:38 UseCount : 0 Hits : 38 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@fastclick[2].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@fastclick.net/ Expires : 2006-09-24 16:31:56 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@mediaplex[1].txt Category : Data Miner Comment : Hits:4 Value : Cookie:johansson@mediaplex.com/ Expires : 2009-06-22 02:00:00 LastSync : Hits:4 UseCount : 0 Hits : 4 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@overture[2].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@overture.com/ Expires : 2014-09-07 17:06:30 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@clickagents[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@clickagents.com/ Expires : 2029-08-20 13:51:12 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@hitbox[1].txt Category : Data Miner Comment : Hits:28 Value : Cookie:johansson@hitbox.com/ Expires : 2005-10-01 13:34:54 LastSync : Hits:28 UseCount : 0 Hits : 28 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adx.adhostcenter[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@adx.adhostcenter.com/ Expires : 2007-04-01 02:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@questionmarket[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@questionmarket.com/ Expires : 2005-11-22 10:46:12 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@cgi-bin[3].txt Category : Data Miner Comment : Hits:11 Value : Cookie:johansson@imrworldwide.com/cgi-bin Expires : 2014-10-03 13:22:50 LastSync : Hits:11 UseCount : 0 Hits : 11 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@doubleclick[1].txt Category : Data Miner Comment : Hits:8 Value : Cookie:johansson@doubleclick.net/ Expires : 2007-10-03 12:57:00 LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@bluestreak[1].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@bluestreak.com/ Expires : 2014-09-06 12:54:28 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@casalemedia[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@casalemedia.com/ Expires : 2005-09-22 12:34:28 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@instadia[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@instadia.net/ Expires : 2029-07-04 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@landing.domainsponsor[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@landing.domainsponsor.com/ Expires : 2004-09-25 22:14:40 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@servedby.advertising[2].txt Category : Data Miner Comment : Hits:56 Value : Cookie:johansson@servedby.advertising.com/ Expires : 2004-11-03 20:36:00 LastSync : Hits:56 UseCount : 0 Hits : 56 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@bs.serving-sys[1].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@bs.serving-sys.com/ Expires : 2038-01-01 07:00:00 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@www.adserver.jolt.co[1].txt Category : Data Miner Comment : Hits:11 Value : Cookie:johansson@www.adserver.jolt.co.uk/ Expires : 2004-09-15 07:57:58 LastSync : Hits:11 UseCount : 0 Hits : 11 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@xxxcounter[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@xxxcounter.com/ Expires : 2004-09-25 22:06:54 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[1].txt Category : Data Miner Comment : Hits:24 Value : Cookie:johansson@j.2004cms.com/HTM/561/0 Expires : 2005-10-03 12:48:46 LastSync : Hits:24 UseCount : 0 Hits : 24 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[2].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@jpirate.cjt1.net/HTM/561/0 Expires : 2005-10-03 12:48:46 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[4].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@jbeet.cjt1.net/HTM/598/0 Expires : 2005-09-24 17:02:42 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adserver.filefront[2].txt Category : Data Miner Comment : Hits:29 Value : Cookie:johansson@adserver.filefront.com/ Expires : 2005-08-31 20:08:36 LastSync : Hits:29 UseCount : 0 Hits : 29 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@partners.webmasterplan[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@partners.webmasterplan.com/ Expires : 2004-09-06 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@cgi-bin[2].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@www.3dstats.com/cgi-bin Expires : 2015-02-28 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[4].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@jnova.cjt1.net/HTM/511/0 Expires : 2005-10-03 12:58:38 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@phg.hitbox[1].txt Category : Data Miner Comment : Hits:15 Value : Cookie:johansson@phg.hitbox.com/ Expires : 2005-09-15 17:42:16 LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@web4.realtracker[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@web4.realtracker.com/ Expires : 2007-01-01 01:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@cgi-bin[2].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@www3.addfreestats.com/cgi-bin Expires : 2015-02-28 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@0[3].txt Category : Data Miner Comment : Hits:15 Value : Cookie:johansson@j.2004cms.com/HTM/511/0 Expires : 2005-10-03 12:58:40 LastSync : Hits:15 UseCount : 0 Hits : 15 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@spylog[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@spylog.com/ Expires : 2005-03-15 12:59:48 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@ehg-patheo.hitbox[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@ehg-patheo.hitbox.com/ Expires : 2005-09-16 20:51:04 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@apmebf[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@apmebf.com/ Expires : 2009-08-27 12:48:50 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@domainsponsor[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@domainsponsor.com/ Expires : 2004-09-24 22:44:40 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@msn.adhostcenter[1].txt Category : Data Miner Comment : Hits:9 Value : Cookie:johansson@msn.adhostcenter.com/ Expires : 2007-04-01 02:00:00 LastSync : Hits:9 UseCount : 0 Hits : 9 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@w108.hitbox[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@w108.hitbox.com/ Expires : 2005-09-26 15:32:30 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adnetintads.valuead[1].txt Category : Data Miner Comment : Hits:1 Value : Cookie:johansson@adnetintads.valuead.com/ Expires : 2021-01-01 02:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@servedby.netshelter[1].txt Category : Data Miner Comment : Hits:45 Value : Cookie:johansson@servedby.netshelter.net/ Expires : 2021-06-29 15:48:54 LastSync : Hits:45 UseCount : 0 Hits : 45 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@trafic[1].txt Category : Data Miner Comment : Hits:3 Value : Cookie:johansson@trafic.ro/ Expires : 2037-01-11 16:00:00 LastSync : Hits:3 UseCount : 0 Hits : 3 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@adserver.promokant[2].txt Category : Data Miner Comment : Hits:8 Value : Cookie:johansson@adserver.promokant.com/ Expires : 2034-08-30 11:10:24 LastSync : Hits:8 UseCount : 0 Hits : 8 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@bilbo.counted[2].txt Category : Data Miner Comment : Hits:2 Value : Cookie:johansson@bilbo.counted.com/ Expires : 2005-07-12 12:15:46 LastSync : Hits:2 UseCount : 0 Hits : 2 Tracking Cookie Object Recognized! Type : IECache Entry Data : johansson@redeye.willhill[1].txt Category : Data Miner Comment : Hits:5 Value : Cookie:johansson@redeye.willhill.com/ Expires : 2036-01-01 02:00:00 LastSync : Hits:5 UseCount : 0 Hits : 5 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 77 Objects found so far: 116 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 116 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 116 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 116 Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 116 19:31:21 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:14:10.282 Objects scanned:179225 Objects identified:77 Objects ignored:0 New critical objects:77 [/log] Jag tog bort alla tracking cookies. Här är den nya HiJack This logen: [log]Logfile of HijackThis v1.98.2 Scan saved at 19:43:26, on 2004-10-05 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program\QuickTime\qttask.exe C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE C:\Program\Lexmark X1100 Series\lxbkbmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE D:\Program\Winamp\winampa.exe C:\WINDOWS\system32\rundll32.exe C:\Program\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\Lexmark X1100 Series\lxbkbmon.exe C:\Program\DLink\Bluetooth-programvara\BTTray.exe C:\Program\GetRight\getright.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe C:\Program\Internet Explorer\iexplore.exe C:\HiJack This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [Microsoft Update Machine] wininimil.exe O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\xxcooxw.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunServices: [Microsoft Update Machine] wininimil.exe O4 - HKCU\..\Run: [Microsoft Update Machine] wininimil.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {1538D4E0-B2C4-402D-B71A-BA6A04BC7A5D} (PictureChooser.picChooser) - http://direct.fotomenyn.com/direct/PictureChooser.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/013a040a572b5b8c7417/netzip/RdxIE601.cab O16 - DPF: {65F77758-B822-45FB-8F0C-08E85705EC4A} (Upload.ctlUpload) - http://direct.fotomenyn.com/direct/upload.cab O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) - http://www.mophun.com/codebase/mophun.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37 O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - C:\WINDOWS\System32\Qddghl32.dll (file missing)[/log]
  8. Snälla kan ingen berätta om jag har en mask eller inte!!
  9. nej ingen run32.exe fil bara en rundll32.exe. Jag har Panda Antivirus Titanium som uppdateras daglligen.
  10. Jag gick in på microsoftsidan och kollade men min rundll32.exe fil fanns inte med av dem som fanns där.
  11. Jag gjorde en log fil med hijackthis om det kan hjälpa. [log]Logfile of HijackThis v1.97.7 Scan saved at 23:09:35, on 2004-10-02 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program\QuickTime\qttask.exe C:\Program\iTunes\iTunesHelper.exe C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE C:\Program\Lexmark X1100 Series\lxbkbmgr.exe C:\WINDOWS\system32\RUNDLL32.EXE D:\Program\Winamp\winampa.exe C:\Program\Zone Labs\ZoneAlarm\zlclient.exe C:\Program\Lexmark X1100 Series\lxbkbmon.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program\DLink\Bluetooth-programvara\BTTray.exe C:\Program\GetRight\getright.exe C:\Program\WinZip\WZQKPICK.EXE C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe C:\Program\iPod\bin\iPodService.exe C:\Documents and Settings\Johansson\Skrivbord\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe O4 - HKLM\..\Run: [Microsoft Update Machine] wininimil.exe O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\xxcooxw.exe O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\RunServices: [Microsoft Update Machine] wininimil.exe O4 - HKCU\..\Run: [Microsoft Update Machine] wininimil.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm O9 - Extra button: @btrez.dll,-4015 (HKLM) O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 (HKLM) O9 - Extra button: Messenger (HKLM) O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM) O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {1538D4E0-B2C4-402D-B71A-BA6A04BC7A5D} (PictureChooser.picChooser) - http://direct.fotomenyn.com/direct/PictureChooser.cab O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/013a040a572b5b8c7417/netzip/RdxIE601.cab O16 - DPF: {65F77758-B822-45FB-8F0C-08E85705EC4A} (Upload.ctlUpload) - http://direct.fotomenyn.com/direct/upload.cab O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38196.5359837963 O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) - http://www.mophun.com/codebase/mophun.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37[/log]
  12. Min dator hade blivit väldigt seg helt plötsligt så jag gick in på aktivitetshanteraren och kollade vad det var för något som använde processorn. Det jag såg då var rundll32.exe som använde ungefär 99% av cpu hela tiden jag hade ingång datorn. Jag förstår att man måste ha den igång för att kunna starta saker men måste den ha 99% hela tiden? Och en annan sak jag upptäckte i aktivitetshanteraren var att jag hade en till rundll32.exe process, men den använde ingenting av cpu. jag har både kollat med panda och ad adware efter något skumt men de har ej hittat något. Sen har jag även 4 st svchost.exe processer ingång om det spelar någon roll. Snälla hjälp mig med mitt problem!!!
×
×
  • Skapa nytt...