Just nu i M3-nätverket
Gå till innehåll
hjälp

Rundll32.exe,segt

Rekommendera Poster

Min dator hade blivit väldigt seg helt plötsligt så jag gick in på aktivitetshanteraren och kollade vad det var för något som använde processorn.

Det jag såg då var rundll32.exe som använde ungefär 99% av cpu hela tiden jag hade ingång datorn.

Jag förstår att man måste ha den igång för att kunna starta saker men måste den ha 99% hela tiden?

Och en annan sak jag upptäckte i aktivitetshanteraren var att jag hade en till rundll32.exe process, men den använde ingenting av cpu.

jag har både kollat med panda och ad adware efter något skumt men de har ej hittat något.

Sen har jag även 4 st svchost.exe processer ingång om det spelar någon roll.

Snälla hjälp mig med mitt problem!!!

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Jag gjorde en log fil med hijackthis om det kan hjälpa.

 

 

[log]Logfile of HijackThis v1.97.7

Scan saved at 23:09:35, on 2004-10-02

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\GSICON.EXE

C:\WINDOWS\system32\dslagent.exe

C:\Program\QuickTime\qttask.exe

C:\Program\iTunes\iTunesHelper.exe

C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE

C:\Program\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\RUNDLL32.EXE

D:\Program\Winamp\winampa.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\Program\Lexmark X1100 Series\lxbkbmon.exe

C:\WINDOWS\system32\rundll32.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\DLink\Bluetooth-programvara\BTTray.exe

C:\Program\GetRight\getright.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE

C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe

C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe

C:\Program\iPod\bin\iPodService.exe

C:\Documents and Settings\Johansson\Skrivbord\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe

O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] wininimil.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\xxcooxw.exe

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\RunServices: [Microsoft Update Machine] wininimil.exe

O4 - HKCU\..\Run: [Microsoft Update Machine] wininimil.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm

O9 - Extra button: @btrez.dll,-4015 (HKLM)

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 (HKLM)

O9 - Extra button: Messenger (HKLM)

O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)

O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {1538D4E0-B2C4-402D-B71A-BA6A04BC7A5D} (PictureChooser.picChooser) - http://direct.fotomenyn.com/direct/PictureChooser.cab

O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} - http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/013a040a572b5b8c7417/netzip/RdxIE601.cab

O16 - DPF: {65F77758-B822-45FB-8F0C-08E85705EC4A} (Upload.ctlUpload) - http://direct.fotomenyn.com/direct/upload.cab

O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38196.5359837963

O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) - http://www.mophun.com/codebase/mophun.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37[/log]

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Jag kan inte direkt se något som skulle orsaka ditt problem.

 

Lite konstigt är det att en process har versaler och en gemener, men jag vet inte om det är fel. Någon annan kanske vet?

 

 

Kontrollera här att du har en riktig rundll32.exe:

 

http://support.microsoft.com/default.aspx?scid=http%3a%2f%2fsupport.microsoft.com%2fservicedesks%2ffileversion%2fdllinfo.asp&fp=1

 

(Jag får inte riktigt till det med länken)

 

 

 

Du kan också prova med att ladda senaste drivrutiner för Nvidia.

 

 

 

 

 

[inlägget ändrat 2004-10-03 10:11:26 av frippe64]

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

 

 

Tråden flyttad till Antivirus & Säkerhet

 

 

---

C:\Eforum\Stefan Eklinder> moderator WindowsXP|

 

Vem är General Failure och varför läser han min hårddisk? - Steven Wright

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Kanske har du fått in en mask.

 

Har du filen run32.exe i ditt system?

 

 

Du har väl ett uppdaterat antivirusprogram!

 

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Inga antivirus skyddar mot allt. Du kan köra en on-line skanning här:

http://housecall.trendmicro.com/housecall/start_corp.asp

 

Enligt den här sidan har du WORM_RBOT.MU

http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_RBOT.MU

Så följ instruktionerna där.

 

Sedan ladda hem den senaste HijackThis versionen 1.98.2, lägg den i en egen mapp under c:, t ex c:\hijackthis\hijackthis.exe, programmet funkar ej tillförlitligt när man rensar om den ligger på skrivbordet.

Skanna och lägg ut en ny loggfil.

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Hjälp :)

 

Ser att du har en gammal version av HiJack This. Ta bort den och hämta hem den nyare versionen.

Lägger länkar information här nedan.

 

 

För att kunna hjälpa dig på bästa sätt och för att komma igång.

Gör nedanstående:

 

Om du har Ad-Aware 6 Version 181, avinstallera den.

Innan den nya Ad-Aware SE installeras, gå till "Start>Kontrollpanelen>Lägg till/Ta bort Program" och avinstallera den äldre AdAware6.

 

Navigera sedan till "C:\Program\Lavasoft\AdAware6" och högerklicka på mappen "AdAware6" och välj "Ta bort". Den nya versionen av AdAware kommer sedan att installeras i "Lavasoft"-mappen.

 

 

 

1. Gå till "Lägg till/ta bort program" i "Kontrollpanelen"

2. Ta bort oönskade program (om du hittar några)

 

 

Gör så här:

 

Ladda ner Ad-Aware till datorn.

Läs/följ anvisningarna noga på sidan du får upp.

Uppdatera till senaste referensfilen innan du kör programmet på datorn:

Det mesta som hittas kan tas bort:

 

Här hämtar du programmet: Ad-Aware SE Personal 1.05 (Gratis):

http://www.majorgeeks.com/download506.html

Här läser du instruktionerna om hur du ställer in programmet:

Ställ in programmet på Full System Scan:

http://www.lavasoftsupport.com/index.php?showtopic=42066

 

 

Gör online-scanningar:

 

TrendMicro:

http://housecall.trendmicro.com/

Panda-Onlinescanning:

http://www.pandasoftware.com/activescan/com/activescan_principal.htm

 

 

OBS: Det finns en ny version av HiJack This Version 1.98.2

Den kommer zippad. Spara ner zippen till skrivbordet:

 

1: Skapa en mapp direkt under C:Enheten. Döp mappen till något lämpligt (EX: HiJack This).

2: Öppna zippen som du sparat på skrivbordet. Ta tag i HiJack This och flytta över den till den mapp du nyss skapade på C:Enheten.

OBS: Ej kopiera eller skapa genväg:

3: Sedan kasta zippen som du sparat på skrivbordet.

 

http://www.majorgeeks.com/download3155.html

 

Då du gjort ovanstående samt laddat ner HiJack This:

Gör så här:

Bara dubbelklicka så öppnas den. Klicka *scan* och knappen visar *save logfile*. Lägg den någonstans och en textfil kommer upp, kopiera den hit, så får du hjälp att tolka den. Det mesta i logfilen är nödvändiga komponenter, så fixa inget själv.

 

 

Då du gjort ovanstående:

Skulle du då vilja kopiera in loggorna från Ad-Aware samt från HJT (HiJack This) hit till tråden. Så skall vi ta en titt

 

MVH/Malou

 

 

 

 

****Ha en fortsatt underbar dag****

 

Team Lavasoft

Lavasupporten

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Jag gjorde som du sa Malou.

 

här är logen från ad aware:

 

 

[log]Ad-Aware SE Build 1.05

Logfile Created on:den 5 oktober 2004 19:17:10

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R10 28.09.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

MRU List(TAC index:0):39 total references

Tracking Cookie(TAC index:3):77 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

2004-10-05 19:17:10 - Scan started. (Full System Scan)

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nico mak computing\winzip\filemenu

Description : winzip recently used archives

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nvidia corporation\global\nview\windowmanagement

Description : nvidia nview cached application window positions

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\photoshop\7.0\visiteddirs

Description : adobe photoshop 7 recent work folders

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list

Description : list of recent files opened using wordpad

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\paint\recent file list

Description : list of files recently opened using microsoft paint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\search assistant\acmru

Description : list of recent search terms used with the search assistant

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\player\recentfilelist

Description : list of recently used files in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\main

Description : last save directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer

Description : last download directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : software\microsoft\directdraw\mostrecentapplication

Description : most recent application to use microsoft directdraw

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\microsoft management console\recent file list

Description : list of recent snap-ins used in the microsoft management console

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\office\10.0\common\general

Description : list of recently used symbols in microsoft office

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last cd record path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\typedurls

Description : list of recently entered addresses in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\creative tech\creative wavestudio\settings

Description : list of recently used directories in creative wavestudio

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last playlist index loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\regedit

Description : last key accessed using the microsoft registry editor

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-19\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-20\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\winrar\dialogedithistory\extrpath

Description : winrar "extract-to" history

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\Johansson\Application Data\microsoft\office\recent

Description : list of recently opened documents using microsoft office

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\Johansson\recent

Description : list of recently opened documents

 

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32 ProcessID : 524

ThreadCreationTime : 2004-10-05 16:34:15

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32 ProcessID : 588

ThreadCreationTime : 2004-10-05 16:34:20

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\SYSTEM32 ProcessID : 616

ThreadCreationTime : 2004-10-05 16:34:21

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 660

ThreadCreationTime : 2004-10-05 16:34:21

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Tjänst- och styrenhetsprogram

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 672

ThreadCreationTime : 2004-10-05 16:34:21

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 824

ThreadCreationTime : 2004-10-05 16:34:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 880

ThreadCreationTime : 2004-10-05 16:34:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 920

ThreadCreationTime : 2004-10-05 16:34:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 992

ThreadCreationTime : 2004-10-05 16:34:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 1108

ThreadCreationTime : 2004-10-05 16:34:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [explorer.exe]

FilePath : C:\WINDOWS ProcessID : 1316

ThreadCreationTime : 2004-10-05 16:34:24

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : EXPLORER.EXE

 

#:12 [lexbces.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1380

ThreadCreationTime : 2004-10-05 16:34:24

BasePriority : Normal

FileVersion : 8.29

ProductVersion : 8.29

ProductName : MarkVision for Windows (32 bit)

CompanyName : Lexmark International, Inc.

FileDescription : LexBce Service

InternalName : LexBce Service

LegalCopyright : © 1993 - 2003 Lexmark International, Inc.

OriginalFilename : LexBceS.exe

 

#:13 [spoolsv.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1416

ThreadCreationTime : 2004-10-05 16:34:24

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:14 [lexpps.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1424

ThreadCreationTime : 2004-10-05 16:34:24

BasePriority : Normal

FileVersion : 8.29

ProductVersion : 8.29

ProductName : MarkVision for Windows (32 bit)

CompanyName : Lexmark International, Inc.

FileDescription : LEXPPS.EXE

InternalName : LEXPPS

LegalCopyright : © 1993 - 2003 Lexmark International, Inc.

OriginalFilename : LEXPPS.EXE

Comments : MarkVision for Windows '95 New P2P Server (32-bit)

 

#:15 [gsicon.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1616

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 3.1.0

ProductVersion : 3.1.0

ProductName : DSL Modem

CompanyName : GlobeSpan, Inc.

FileDescription : DSL Modem Monitor

InternalName : GSICON.EXE

LegalCopyright : Copyright © 2001 GlobeSpan, Inc.

OriginalFilename : GSICON.EXE

 

#:16 [dslagent.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1624

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

 

 

#:17 [qttask.exe]

FilePath : C:\Program\QuickTime ProcessID : 1632

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 6.5.1

ProductVersion : QuickTime 6.5.1

ProductName : QuickTime

CompanyName : Apple Computer, Inc.

InternalName : QuickTime Task

LegalCopyright : © Apple Computer, Inc. 2001-2004

OriginalFilename : QTTask.exe

 

#:18 [apvxdwin.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1640

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 3.06.03

ProductVersion : 2.05.05

ProductName : Panda Antivirus Titanium

CompanyName : Panda Software International

FileDescription : ApVxdWin

InternalName : ApVxdWin.exe

OriginalFilename : ApVxdWin.exe

 

#:19 [lxbkbmgr.exe]

FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1664

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 0.1.1.1

ProductVersion : 0.1.1.1

ProductName : Button Manager Executable

CompanyName : Lexmark International, Inc.

FileDescription : Lexmark X1100 Series Button Manager

InternalName : lxbkbmgr.exe

LegalCopyright : © 2002 Lexmark International, Inc.

OriginalFilename : lxbkbmgr.exe

 

#:20 [rundll32.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1680

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:21 [winampa.exe]

FilePath : D:\Program\Winamp ProcessID : 1696

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

 

 

#:22 [rundll32.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1704

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:23 [zlclient.exe]

FilePath : C:\Program\Zone Labs\ZoneAlarm ProcessID : 1712

ThreadCreationTime : 2004-10-05 16:34:25

BasePriority : Normal

FileVersion : 5.1.033.000

ProductVersion : 5.1.033.000

ProductName : Zone Labs Client

CompanyName : Zone Labs Inc.

FileDescription : Zone Labs Client

InternalName : zlclient

LegalCopyright : Copyright © 1998-2004, Zone Labs Inc.

OriginalFilename : zlclient.exe

 

#:24 [ctfmon.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1720

ThreadCreationTime : 2004-10-05 16:34:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : CTF Loader

InternalName : CTFMON

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : CTFMON.EXE

 

#:25 [lxbkbmon.exe]

FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1728

ThreadCreationTime : 2004-10-05 16:34:26

BasePriority : Normal

FileVersion : 0.1.1.1

ProductVersion : 0.1.1.1

ProductName : Button Monitor Executable

CompanyName : Lexmark International, Inc.

FileDescription : Lexmark X1100 Series Button Monitor

InternalName : lxbkbmon.exe

LegalCopyright : © 2002 Lexmark International, Inc.

OriginalFilename : lxbkbmon.exe

 

#:26 [bttray.exe]

FilePath : C:\Program\DLink\Bluetooth-programvara ProcessID : 1752

ThreadCreationTime : 2004-10-05 16:34:26

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Tray Application

InternalName : BTTray

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTTray.exe

 

#:27 [getright.exe]

FilePath : C:\Program\GetRight ProcessID : 1764

ThreadCreationTime : 2004-10-05 16:34:26

BasePriority : Normal

FileVersion : 3.2

ProductVersion : 3.2

ProductName : GetRight

CompanyName : HeadLight Software.

FileDescription : GetRight. www.getright.com

InternalName : GETRIGHT

LegalCopyright : Copyright © 1997-98 HeadLight Software.

OriginalFilename : GETRIGHT.EXE

Comments : GetRight was designed and developed by Michael J Burford.

 

#:28 [wzqkpick.exe]

FilePath : C:\Program\WinZip ProcessID : 1792

ThreadCreationTime : 2004-10-05 16:34:26

BasePriority : Normal

FileVersion : 1.0 (32-bit)

ProductVersion : 8.1 (4319)

ProductName : WinZip

CompanyName : WinZip Computing, Inc.

FileDescription : WinZip Executable

InternalName : WZQKPICK.EXE

LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved

LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc

OriginalFilename : WZQKPICK.EXE

Comments : StringFileInfo: U.S. English

 

#:29 [btstac~1.exe]

FilePath : C:\Program\DLink\BLUETO~1 ProcessID : 148

ThreadCreationTime : 2004-10-05 16:34:30

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Stack COM Server

InternalName : BTStackServer

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTStackServer.exe

 

#:30 [btwdins.exe]

FilePath : C:\Program\DLink\Bluetooth-programvara\bin ProcessID : 332

ThreadCreationTime : 2004-10-05 16:34:31

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Support Server

InternalName : BTWDIns

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTWDIns.EXE

 

#:31 [nvsvc32.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 384

ThreadCreationTime : 2004-10-05 16:34:31

BasePriority : Normal

FileVersion : 6.14.10.6177

ProductVersion : 6.14.10.6177

ProductName : NVIDIA Driver Helper Service, Version 61.77

CompanyName : NVIDIA Corporation

FileDescription : NVIDIA Driver Helper Service, Version 61.77

InternalName : NVSVC

LegalCopyright : © NVIDIA Corporation. All rights reserved.

OriginalFilename : nvsvc32.exe

 

#:32 [pavsrv51.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 420

ThreadCreationTime : 2004-10-05 16:34:32

BasePriority : High

FileVersion : 6, 3, 0, 531

ProductVersion : 6.3

ProductName : Panda Antivirus

CompanyName : Panda Software

FileDescription : Panda Antivirus Service for Windows NT/2000

InternalName : pavsrv

LegalCopyright : Copyright © Panda Software 2003

OriginalFilename : pavsrv.exe

 

#:33 [avengine.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 508

ThreadCreationTime : 2004-10-05 16:34:32

BasePriority : Normal

FileVersion : 6, 3, 0, 492

ProductVersion : 6.3

ProductName : Panda Antivirus Windows NT/2000

CompanyName : Panda Software

FileDescription : Proceso análisis independiente

InternalName : avengine

LegalCopyright : Copyright © Panda Software 1990-2002

OriginalFilename : avengine.exe

 

#:34 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 1560

ThreadCreationTime : 2004-10-05 16:34:37

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:35 [vsmon.exe]

FilePath : C:\WINDOWS\system32\ZoneLabs ProcessID : 1128

ThreadCreationTime : 2004-10-05 16:34:38

BasePriority : Normal

FileVersion : 5.1.033.000

ProductVersion : 5.1.033.000

ProductName : TrueVector Service

CompanyName : Zone Labs Inc.

FileDescription : TrueVector Service

InternalName : vsmon

LegalCopyright : Copyright © 1998-2004, Zone Labs Inc.

OriginalFilename : vsmon.exe

 

#:36 [pavproxy.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1800

ThreadCreationTime : 2004-10-05 16:34:38

BasePriority : Normal

FileVersion : 3, 6, 10, 24

ProductVersion : 3, 6, 10, 24

ProductName : Mail Resident

CompanyName : Panda Software

FileDescription : PavProxy

InternalName : PavProxy

LegalCopyright : Copyright © 2002

OriginalFilename : PavProxy.exe

 

#:37 [alg.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 2628

ThreadCreationTime : 2004-10-05 16:34:45

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:38 [iexplore.exe]

FilePath : C:\Program\Internet Explorer ProcessID : 3424

ThreadCreationTime : 2004-10-05 16:41:48

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : IEXPLORE.EXE

 

#:39 [ad-aware.exe]

FilePath : C:\Program\Lavasoft\AD-AWA~1 ProcessID : 2192

ThreadCreationTime : 2004-10-05 17:15:44

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 39

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 39

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 39

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@atdmt[2].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@atdmt.com/

Expires : 2009-09-30 02:00:00

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@zedo[2].txt

Category : Data Miner

Comment : Hits:8

Value : Cookie:johansson@zedo.com/

Expires : 2014-10-02 17:52:28

LastSync : Hits:8

UseCount : 0

Hits : 8

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@2o7[2].txt

Category : Data Miner

Comment : Hits:6

Value : Cookie:johansson@2o7.net/

Expires : 2009-09-26 19:53:32

LastSync : Hits:6

UseCount : 0

Hits : 6

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@as1.falkag[1].txt

Category : Data Miner

Comment : Hits:58

Value : Cookie:johansson@as1.falkag.de/

Expires : 2004-11-02 18:52:54

LastSync : Hits:58

UseCount : 0

Hits : 58

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[1].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@jkazaa.cjt1.net/HTM/276/0

Expires : 2005-08-06 13:51:12

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ehg-idg.hitbox[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@ehg-idg.hitbox.com/

Expires : 2005-08-01 19:31:42

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@tickle[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@tickle.com/

Expires : 2006-08-17 08:51:04

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ehg-ladbrokes.hitbox[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@ehg-ladbrokes.hitbox.com/

Expires : 2005-09-13 09:26:56

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@hg1.hitbox[1].txt

Category : Data Miner

Comment : Hits:11

Value : Cookie:johansson@hg1.hitbox.com/

Expires : 2005-10-01 13:34:54

LastSync : Hits:11

UseCount : 0

Hits : 11

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@n3sport.adhostcenter[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@n3sport.adhostcenter.com/

Expires : 2007-04-01 02:00:00

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@server.iad.liveperson[2].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@server.iad.liveperson.net/

Expires : 2005-10-02 22:45:46

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@valueclick[2].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@valueclick.com/

Expires : 2029-09-22 16:37:12

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ads.multimania.lycos[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@ads.multimania.lycos.fr/

Expires : 2004-08-06 15:46:28

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@tradedoubler[1].txt

Category : Data Miner

Comment : Hits:313

Value : Cookie:johansson@tradedoubler.com/

Expires : 2005-10-02 23:02:50

LastSync : Hits:313

UseCount : 0

Hits : 313

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@gator[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@gator.com/

Expires : 2004-12-03 16:31:56

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@276[1].txt

Category : Data Miner

Comment : Hits:9

Value : Cookie:johansson@jkazaa.cjt1.net/HTM/276

Expires : 2005-08-09 10:13:22

LastSync : Hits:9

UseCount : 0

Hits : 9

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@z1.adserver[1].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@z1.adserver.com/

Expires : 2005-09-21 09:06:58

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@internetfuel[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@internetfuel.com/

Expires : 2013-12-01 16:00:00

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@hc2.humanclick[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@hc2.humanclick.com/

Expires : 2005-10-04 10:34:52

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@adtech[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@adtech.de/

Expires : 2014-10-01 13:18:12

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@www3.paypopup[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@www3.paypopup.com/

Expires : 2004-08-21 18:09:28

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@statcounter[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@statcounter.com/

Expires : 2009-10-02 09:45:02

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@realmedia[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@realmedia.com/

Expires : 2011-01-01 02:00:00

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@targetnet[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@targetnet.com/

Expires : 2033-05-18 05:33:20

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@stat.onestat[1].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@stat.onestat.com/

Expires : 2014-10-02 02:00:00

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@revenue[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@revenue.net/

Expires : 2022-06-10 07:05:42

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@trafficmp[2].txt

Category : Data Miner

Comment : Hits:34

Value : Cookie:johansson@trafficmp.com/

Expires : 2004-09-21 15:12:00

LastSync : Hits:34

UseCount : 0

Hits : 34

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@tripod[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@tripod.com/

Expires : 2005-09-20 09:43:36

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@tribalfusion[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@tribalfusion.com/

Expires : 2038-01-01 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@www.paypopup[2].txt

Category : Data Miner

Comment : Hits:6

Value : Cookie:johansson@www.paypopup.com/

Expires : 2004-09-07 17:34:50

LastSync : Hits:6

UseCount : 0

Hits : 6

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ehg-newsinternational.hitbox[2].txt

Category : Data Miner

Comment : Hits:20

Value : Cookie:johansson@ehg-newsinternational.hitbox.com/

Expires : 2005-08-02 18:33:14

LastSync : Hits:20

UseCount : 0

Hits : 20

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@advertising[2].txt

Category : Data Miner

Comment : Hits:24

Value : Cookie:johansson@advertising.com/

Expires : 2009-10-03 20:36:00

LastSync : Hits:24

UseCount : 0

Hits : 24

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@serving-sys[1].txt

Category : Data Miner

Comment : Hits:24

Value : Cookie:johansson@serving-sys.com/

Expires : 2038-01-01 07:00:00

LastSync : Hits:24

UseCount : 0

Hits : 24

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@fortunecity[1].txt

Category : Data Miner

Comment : Hits:7

Value : Cookie:johansson@fortunecity.com/

Expires : 2011-01-01 02:00:00

LastSync : Hits:7

UseCount : 0

Hits : 7

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@maxserving[2].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@maxserving.com/

Expires : 2014-09-30 18:27:26

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@bfast[1].txt

Category : Data Miner

Comment : Hits:7

Value : Cookie:johansson@bfast.com/

Expires : 2024-09-25 18:17:18

LastSync : Hits:7

UseCount : 0

Hits : 7

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ehg-sonypictures.hitbox[2].txt

Category : Data Miner

Comment : Hits:38

Value : Cookie:johansson@ehg-sonypictures.hitbox.com/

Expires : 2005-08-21 15:05:00

LastSync : Hits:38

UseCount : 0

Hits : 38

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@fastclick[2].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@fastclick.net/

Expires : 2006-09-24 16:31:56

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@mediaplex[1].txt

Category : Data Miner

Comment : Hits:4

Value : Cookie:johansson@mediaplex.com/

Expires : 2009-06-22 02:00:00

LastSync : Hits:4

UseCount : 0

Hits : 4

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@overture[2].txt

Category : Data Miner

Comment : Hits:5

Value : Cookie:johansson@overture.com/

Expires : 2014-09-07 17:06:30

LastSync : Hits:5

UseCount : 0

Hits : 5

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@clickagents[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@clickagents.com/

Expires : 2029-08-20 13:51:12

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@hitbox[1].txt

Category : Data Miner

Comment : Hits:28

Value : Cookie:johansson@hitbox.com/

Expires : 2005-10-01 13:34:54

LastSync : Hits:28

UseCount : 0

Hits : 28

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@adx.adhostcenter[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@adx.adhostcenter.com/

Expires : 2007-04-01 02:00:00

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@questionmarket[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@questionmarket.com/

Expires : 2005-11-22 10:46:12

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@cgi-bin[3].txt

Category : Data Miner

Comment : Hits:11

Value : Cookie:johansson@imrworldwide.com/cgi-bin

Expires : 2014-10-03 13:22:50

LastSync : Hits:11

UseCount : 0

Hits : 11

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@doubleclick[1].txt

Category : Data Miner

Comment : Hits:8

Value : Cookie:johansson@doubleclick.net/

Expires : 2007-10-03 12:57:00

LastSync : Hits:8

UseCount : 0

Hits : 8

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@bluestreak[1].txt

Category : Data Miner

Comment : Hits:5

Value : Cookie:johansson@bluestreak.com/

Expires : 2014-09-06 12:54:28

LastSync : Hits:5

UseCount : 0

Hits : 5

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@casalemedia[1].txt

Category : Data Miner

Comment : Hits:9

Value : Cookie:johansson@casalemedia.com/

Expires : 2005-09-22 12:34:28

LastSync : Hits:9

UseCount : 0

Hits : 9

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@instadia[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@instadia.net/

Expires : 2029-07-04 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@landing.domainsponsor[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@landing.domainsponsor.com/

Expires : 2004-09-25 22:14:40

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@servedby.advertising[2].txt

Category : Data Miner

Comment : Hits:56

Value : Cookie:johansson@servedby.advertising.com/

Expires : 2004-11-03 20:36:00

LastSync : Hits:56

UseCount : 0

Hits : 56

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@bs.serving-sys[1].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@bs.serving-sys.com/

Expires : 2038-01-01 07:00:00

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@www.adserver.jolt.co[1].txt

Category : Data Miner

Comment : Hits:11

Value : Cookie:johansson@www.adserver.jolt.co.uk/

Expires : 2004-09-15 07:57:58

LastSync : Hits:11

UseCount : 0

Hits : 11

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@xxxcounter[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@xxxcounter.com/

Expires : 2004-09-25 22:06:54

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[1].txt

Category : Data Miner

Comment : Hits:24

Value : Cookie:johansson@j.2004cms.com/HTM/561/0

Expires : 2005-10-03 12:48:46

LastSync : Hits:24

UseCount : 0

Hits : 24

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[2].txt

Category : Data Miner

Comment : Hits:5

Value : Cookie:johansson@jpirate.cjt1.net/HTM/561/0

Expires : 2005-10-03 12:48:46

LastSync : Hits:5

UseCount : 0

Hits : 5

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[4].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@jbeet.cjt1.net/HTM/598/0

Expires : 2005-09-24 17:02:42

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@adserver.filefront[2].txt

Category : Data Miner

Comment : Hits:29

Value : Cookie:johansson@adserver.filefront.com/

Expires : 2005-08-31 20:08:36

LastSync : Hits:29

UseCount : 0

Hits : 29

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@partners.webmasterplan[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@partners.webmasterplan.com/

Expires : 2004-09-06

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@cgi-bin[2].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@www.3dstats.com/cgi-bin

Expires : 2015-02-28 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[4].txt

Category : Data Miner

Comment : Hits:5

Value : Cookie:johansson@jnova.cjt1.net/HTM/511/0

Expires : 2005-10-03 12:58:38

LastSync : Hits:5

UseCount : 0

Hits : 5

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@phg.hitbox[1].txt

Category : Data Miner

Comment : Hits:15

Value : Cookie:johansson@phg.hitbox.com/

Expires : 2005-09-15 17:42:16

LastSync : Hits:15

UseCount : 0

Hits : 15

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@web4.realtracker[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@web4.realtracker.com/

Expires : 2007-01-01 01:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@cgi-bin[2].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@www3.addfreestats.com/cgi-bin

Expires : 2015-02-28 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@0[3].txt

Category : Data Miner

Comment : Hits:15

Value : Cookie:johansson@j.2004cms.com/HTM/511/0

Expires : 2005-10-03 12:58:40

LastSync : Hits:15

UseCount : 0

Hits : 15

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@spylog[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@spylog.com/

Expires : 2005-03-15 12:59:48

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@ehg-patheo.hitbox[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@ehg-patheo.hitbox.com/

Expires : 2005-09-16 20:51:04

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@apmebf[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@apmebf.com/

Expires : 2009-08-27 12:48:50

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@domainsponsor[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@domainsponsor.com/

Expires : 2004-09-24 22:44:40

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@msn.adhostcenter[1].txt

Category : Data Miner

Comment : Hits:9

Value : Cookie:johansson@msn.adhostcenter.com/

Expires : 2007-04-01 02:00:00

LastSync : Hits:9

UseCount : 0

Hits : 9

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@w108.hitbox[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@w108.hitbox.com/

Expires : 2005-09-26 15:32:30

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@adnetintads.valuead[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:johansson@adnetintads.valuead.com/

Expires : 2021-01-01 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@servedby.netshelter[1].txt

Category : Data Miner

Comment : Hits:45

Value : Cookie:johansson@servedby.netshelter.net/

Expires : 2021-06-29 15:48:54

LastSync : Hits:45

UseCount : 0

Hits : 45

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@trafic[1].txt

Category : Data Miner

Comment : Hits:3

Value : Cookie:johansson@trafic.ro/

Expires : 2037-01-11 16:00:00

LastSync : Hits:3

UseCount : 0

Hits : 3

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@adserver.promokant[2].txt

Category : Data Miner

Comment : Hits:8

Value : Cookie:johansson@adserver.promokant.com/

Expires : 2034-08-30 11:10:24

LastSync : Hits:8

UseCount : 0

Hits : 8

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@bilbo.counted[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:johansson@bilbo.counted.com/

Expires : 2005-07-12 12:15:46

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : johansson@redeye.willhill[1].txt

Category : Data Miner

Comment : Hits:5

Value : Cookie:johansson@redeye.willhill.com/

Expires : 2036-01-01 02:00:00

LastSync : Hits:5

UseCount : 0

Hits : 5

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 77

Objects found so far: 116

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 116

 

 

Deep scanning and examining files (D:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 116

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 116

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 116

 

19:31:21 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:14:10.282

Objects scanned:179225

Objects identified:77

Objects ignored:0

New critical objects:77

[/log]

 

Jag tog bort alla tracking cookies.

 

Här är den nya HiJack This logen:

 

[log]Logfile of HijackThis v1.98.2

Scan saved at 19:43:26, on 2004-10-05

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\GSICON.EXE

C:\WINDOWS\system32\dslagent.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE

C:\Program\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\RUNDLL32.EXE

D:\Program\Winamp\winampa.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program\Lexmark X1100 Series\lxbkbmon.exe

C:\Program\DLink\Bluetooth-programvara\BTTray.exe

C:\Program\GetRight\getright.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE

C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe

C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe

C:\Program\Internet Explorer\iexplore.exe

C:\HiJack This\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe

O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [Microsoft Update Machine] wininimil.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\xxcooxw.exe

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\RunServices: [Microsoft Update Machine] wininimil.exe

O4 - HKCU\..\Run: [Microsoft Update Machine] wininimil.exe

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {1538D4E0-B2C4-402D-B71A-BA6A04BC7A5D} (PictureChooser.picChooser) - http://direct.fotomenyn.com/direct/PictureChooser.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/013a040a572b5b8c7417/netzip/RdxIE601.cab

O16 - DPF: {65F77758-B822-45FB-8F0C-08E85705EC4A} (Upload.ctlUpload) - http://direct.fotomenyn.com/direct/upload.cab

O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) - http://www.mophun.com/codebase/mophun.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37

O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - C:\WINDOWS\System32\Qddghl32.dll (file missing)[/log]

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Hjälp :)

 

Ad-Awaren verkar inte vara korrekt inställt, den visar inte alla processer.

Du har missat någon inställning då det gäller minnesprocesser. Samt att du inte har avmarkerat MRU List.

Här läser du instruktionerna om hur du ställer in programmet:

Ställ in programmet på Full System Scan:

http://www.lavasoftsupport.com/index.php?showtopic=42066

 

Ang HiJack This:

 

Stäng ner Internet (logga ut):

Öppna HJT. Klicka på Scan-knappen. Bocka för nedanstående detaljer. Klicka på Fix Checked-knappen. Starta om datorn i felsäkert läge /tryck F8 upprepade gånger):

 

[log]O4 - HKLM\..\Run: [Microsoft Update Machine] wininimil.exe

O4 - HKLM\..\Run: [Cryptographic Service] C:\WINDOWS\System32\xxcooxw.exe

O4 - HKLM\..\RunServices: [Microsoft Update Machine] wininimil.exe

O4 - HKCU\..\Run: [Microsoft Update Machine] wininimil.exe

 

O16 - DPF: {1538D4E0-B2C4-402D-B71A-BA6A04BC7A5D} (PictureChooser.picChooser) - http://direct.fotomenyn.com/direct/PictureChooser.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/013a040a572b5b8c7417/netzip/RdxIE601.

cab

O16 - DPF: {65F77758-B822-45FB-8F0C-08E85705EC4A} (Upload.ctlUpload) - http://direct.fotomenyn.com/direct/upload.cab

O16 - DPF: {AE609930-A6EB-4A78-B7DA-B3200705FEBD} (Mophun Control) - http://www.mophun.com/codebase/mophun.cab

 

O21 - SSODL: Web Event Logger - {79FEACFF-FFCE-815E-A900-316290B5B738} - C:\WINDOWS\System32\Qddghl32.dll (file missing)[/log]

Då du gjort ovanstående och startat om datorn i felsäkert läge:

För att hitta de filer du nu skall leta upp, måste du klicka (windowstangent+E) och i verktygsfältet klicka på "Verktyg>mappalternativ" och under "Visa" klicka på "Visa dolda filer och mappar" samt avbocka "dölj filnamstillägg för kända filtyper" och "Dölj skyddade operativsystemfiler"

 

Sök/leta reda på:

C:\WINDOWS\System32\xxcooxw.exe

(xxcooxw.exe)<-Delita:

 

Den här nedanstående får du göra en manuell sökning på. Ser tyvärr inte var den har lagt sig:

wininimil.exe <-Delita:

Töm papperskorgen. Starta om datorn.

 

Vidare tömmer du tempmapparna:

C:\Windows\temp <-Töm tempmappen på innehåll: OBS: Ta ej bort tempmappen:

 

Töm även den här tempmappen:

C:\Documents and settings\Ditt användarnamn\Lokala Inställningar\Temp <-Töm tempmappen på innehåll: OBS: Ta ej bort tempmappen:

Dessutom är den gömd, så att för att hitta den klicka på (Windowstangent+E) och i verktygsfältet klicka "Verktyg>Mappalternativ" och under "Visa" bocka för "Visa dolda filer och mappar"

 

Töm papperskorgen. Starta om datorn.

Kan hända att du får göra om proceduren några gånger beroende på hur mycket som finns i den:

 

Töm även de temporära Internetfilerna, Offlineinnehållet och Cookies.

 

Gör en ny scanning med ett uppdaterat Ad-Aware i Full System Scan, ta inte bort det som hittas. Lägg in loggen här.

Gör en ny HJT-log (HiJack This) och lägg in även den .

 

MVH/Malou

 

****Ha en fortsatt underbar dag****

 

Team Lavasoft

Lavasupporten

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Okej jag ska göra som du säger men länken till ad adware sidan stämmer inte.Det står att "This domain has expiried".

 

hinner inte testa idag, ska göra det imorgon.

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Hjälp :)

 

Okej jag ska göra som du säger men länken till ad adware sidan stämmer inte.Det står att "This domain has expiried".

Jo, jag märkte det precis efter jag postade inlägget här och ville in på mitt forum.

De håller på att uppdaterar forumet, så det kommer väl igång snart hoppas jag.

Vi får vänta till imorgon :)

 

 

Ad-Aware Inställningar. Gör så här:

Öppna Ad-Awaren -> Klicka på Kugghjulet.

 

General-knappen -> Här skall alla prickar vara gröna:

 

Scanning-knappen -> Drivers & Folders -> Scan within archives (grön prick).

I samma fönster -> Memory & Registry -> Alla skall vara gröna:

 

Advanced-knappen -> Logfile Detail Level -> Alla tre skall vara grön:

Klicka på Proced-knappen då du gjort ovanstående inställningar:

Nu är du på startsidan i Ad-Awareprogrammet:

Till vänster Klicka på Scan Now-knappen -> Klicka i Perform Full System Scan. Rödmarkera pricken Search for negligible risk entries (dessa är ofarliga).

Nu starta scanningen.

Då den scannat klart ta inte bort något, lägg in loggen här:Gör en ny HJT-log och lägg in så går vi vidare.

 

 

MVH/Malou

****Ha en fortsatt underbar dag****

 

Team Lavasoft

Lavasupporten

 

 

[inlägget ändrat 2004-10-05 21:44:36 av malou jansson]

[inlägget ändrat 2004-10-05 22:18:40 av malou jansson]

[inlägget ändrat 2004-10-05 22:20:53 av malou jansson]

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Jag tror att jag har gjort allt som du skrev men innan körde jag house call trend microscan, den hittade en mask som togs bort.

 

Här är Ad aware logen:[log]

Ad-Aware SE Build 1.05

Logfile Created on:den 6 oktober 2004 18:41:11

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R10 28.09.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

MRU List(TAC index:0):38 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Definition File:

=========================

Definitions File Loaded:

Reference Number : SE1R10 28.09.2004

Internal build : 15

File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref

File size : 352256 Bytes

Total size : 1115088 Bytes

Signature data size : 1091215 Bytes

Reference data size : 23361 Bytes

Signatures total : 30729

Fingerprints total : 203

Fingerprints size : 9194 Bytes

Target categories : 15

Target families : 573

 

 

Memory + processor status:

==========================

Number of processors : 1

Processor architecture : Intel Pentium IV

Memory available:47 %

Total physical memory:523760 kb

Available physical memory:240976 kb

Total page file size:1274940 kb

Available on page file:1035492 kb

Total virtual memory:2097024 kb

Available virtual memory:2047740 kb

OS:Microsoft Windows XP Home Edition Service Pack 2 (Build 2600)

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan within archives

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

2004-10-06 18:41:11 - Scan started. (Full System Scan)

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nico mak computing\winzip\filemenu

Description : winzip recently used archives

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\nvidia corporation\global\nview\windowmanagement

Description : nvidia nview cached application window positions

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\photoshop\7.0\visiteddirs

Description : adobe photoshop 7 recent work folders

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list

Description : list of recent files opened using wordpad

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\paint\recent file list

Description : list of files recently opened using microsoft paint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\search assistant\acmru

Description : list of recent search terms used with the search assistant

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\player\recentfilelist

Description : list of recently used files in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer\main

Description : last save directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\internet explorer

Description : last download directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : software\microsoft\directdraw\mostrecentapplication

Description : most recent application to use microsoft directdraw

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\microsoft management console\recent file list

Description : list of recent snap-ins used in the microsoft management console

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\office\10.0\common\general

Description : list of recently used symbols in microsoft office

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last cd record path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\creative tech\creative wavestudio\settings

Description : list of recently used directories in creative wavestudio

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\adobe\acrobat reader\5.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last playlist index loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows\currentversion\applets\regedit

Description : last key accessed using the microsoft registry editor

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-19\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-20\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\winrar\dialogedithistory\extrpath

Description : winrar "extract-to" history

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1726409691-645757453-568730901-1004\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\Johansson\Application Data\microsoft\office\recent

Description : list of recently opened documents using microsoft office

 

 

MRU List Object Recognized!

Location: : C:\Documents and Settings\Johansson\recent

Description : list of recently opened documents

 

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32 ProcessID : 528

ThreadCreationTime : 2004-10-06 16:19:18

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\C:\WINDOWS\system32 ProcessID : 596

ThreadCreationTime : 2004-10-06 16:19:21

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\C:\WINDOWS\SYSTEM32 ProcessID : 620

ThreadCreationTime : 2004-10-06 16:19:22

BasePriority : High

 

 

#:4 [services.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 664

ThreadCreationTime : 2004-10-06 16:19:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Tjänst- och styrenhetsprogram

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 676

ThreadCreationTime : 2004-10-06 16:19:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 828

ThreadCreationTime : 2004-10-06 16:19:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 892

ThreadCreationTime : 2004-10-06 16:19:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 936

ThreadCreationTime : 2004-10-06 16:19:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 980

ThreadCreationTime : 2004-10-06 16:19:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 1152

ThreadCreationTime : 2004-10-06 16:19:24

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [lexbces.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1380

ThreadCreationTime : 2004-10-06 16:19:25

BasePriority : Normal

FileVersion : 8.29

ProductVersion : 8.29

ProductName : MarkVision for Windows (32 bit)

CompanyName : Lexmark International, Inc.

FileDescription : LexBce Service

InternalName : LexBce Service

LegalCopyright : © 1993 - 2003 Lexmark International, Inc.

OriginalFilename : LexBceS.exe

 

#:12 [spoolsv.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1408

ThreadCreationTime : 2004-10-06 16:19:25

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:13 [lexpps.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1420

ThreadCreationTime : 2004-10-06 16:19:25

BasePriority : Normal

FileVersion : 8.29

ProductVersion : 8.29

ProductName : MarkVision for Windows (32 bit)

CompanyName : Lexmark International, Inc.

FileDescription : LEXPPS.EXE

InternalName : LEXPPS

LegalCopyright : © 1993 - 2003 Lexmark International, Inc.

OriginalFilename : LEXPPS.EXE

Comments : MarkVision for Windows '95 New P2P Server (32-bit)

 

#:14 [gsicon.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1616

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 3.1.0

ProductVersion : 3.1.0

ProductName : DSL Modem

CompanyName : GlobeSpan, Inc.

FileDescription : DSL Modem Monitor

InternalName : GSICON.EXE

LegalCopyright : Copyright © 2001 GlobeSpan, Inc.

OriginalFilename : GSICON.EXE

 

#:15 [dslagent.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1624

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

 

 

#:16 [qttask.exe]

FilePath : C:\Program\QuickTime ProcessID : 1632

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 6.5.1

ProductVersion : QuickTime 6.5.1

ProductName : QuickTime

CompanyName : Apple Computer, Inc.

InternalName : QuickTime Task

LegalCopyright : © Apple Computer, Inc. 2001-2004

OriginalFilename : QTTask.exe

 

#:17 [apvxdwin.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1640

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 3.06.03

ProductVersion : 2.05.05

ProductName : Panda Antivirus Titanium

CompanyName : Panda Software International

FileDescription : ApVxdWin

InternalName : ApVxdWin.exe

OriginalFilename : ApVxdWin.exe

 

#:18 [lxbkbmgr.exe]

FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1648

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 0.1.1.1

ProductVersion : 0.1.1.1

ProductName : Button Manager Executable

CompanyName : Lexmark International, Inc.

FileDescription : Lexmark X1100 Series Button Manager

InternalName : lxbkbmgr.exe

LegalCopyright : © 2002 Lexmark International, Inc.

OriginalFilename : lxbkbmgr.exe

 

#:19 [rundll32.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1664

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:20 [winampa.exe]

FilePath : D:\Program\Winamp ProcessID : 1680

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

 

 

#:21 [zlclient.exe]

FilePath : C:\Program\Zone Labs\ZoneAlarm ProcessID : 1688

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 5.1.033.000

ProductVersion : 5.1.033.000

ProductName : Zone Labs Client

CompanyName : Zone Labs Inc.

FileDescription : Zone Labs Client

InternalName : zlclient

LegalCopyright : Copyright © 1998-2004, Zone Labs Inc.

OriginalFilename : zlclient.exe

 

#:22 [ctfmon.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1696

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : CTF Loader

InternalName : CTFMON

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : CTFMON.EXE

 

#:23 [rundll32.exe]

FilePath : C:\WINDOWS\system32 ProcessID : 1708

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:24 [bttray.exe]

FilePath : C:\Program\DLink\Bluetooth-programvara ProcessID : 1736

ThreadCreationTime : 2004-10-06 16:19:26

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Tray Application

InternalName : BTTray

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTTray.exe

 

#:25 [lxbkbmon.exe]

FilePath : C:\Program\Lexmark X1100 Series ProcessID : 1752

ThreadCreationTime : 2004-10-06 16:19:27

BasePriority : Normal

FileVersion : 0.1.1.1

ProductVersion : 0.1.1.1

ProductName : Button Monitor Executable

CompanyName : Lexmark International, Inc.

FileDescription : Lexmark X1100 Series Button Monitor

InternalName : lxbkbmon.exe

LegalCopyright : © 2002 Lexmark International, Inc.

OriginalFilename : lxbkbmon.exe

 

#:26 [getright.exe]

FilePath : C:\Program\GetRight ProcessID : 1760

ThreadCreationTime : 2004-10-06 16:19:27

BasePriority : Normal

FileVersion : 3.2

ProductVersion : 3.2

ProductName : GetRight

CompanyName : HeadLight Software.

FileDescription : GetRight. www.getright.com

InternalName : GETRIGHT

LegalCopyright : Copyright © 1997-98 HeadLight Software.

OriginalFilename : GETRIGHT.EXE

Comments : GetRight was designed and developed by Michael J Burford.

 

#:27 [wzqkpick.exe]

FilePath : C:\Program\WinZip ProcessID : 1788

ThreadCreationTime : 2004-10-06 16:19:27

BasePriority : Normal

FileVersion : 1.0 (32-bit)

ProductVersion : 8.1 (4319)

ProductName : WinZip

CompanyName : WinZip Computing, Inc.

FileDescription : WinZip Executable

InternalName : WZQKPICK.EXE

LegalCopyright : Copyright © WinZip Computing, Inc. 1991-2001 - All Rights Reserved

LegalTrademarks : WinZip is a registered trademark of WinZip Computing, Inc

OriginalFilename : WZQKPICK.EXE

Comments : StringFileInfo: U.S. English

 

#:28 [btstac~1.exe]

FilePath : C:\Program\DLink\BLUETO~1 ProcessID : 156

ThreadCreationTime : 2004-10-06 16:19:30

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Stack COM Server

InternalName : BTStackServer

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTStackServer.exe

 

#:29 [btwdins.exe]

FilePath : C:\Program\DLink\Bluetooth-programvara\bin ProcessID : 416

ThreadCreationTime : 2004-10-06 16:19:32

BasePriority : Normal

FileVersion : 1.4.2 Build 10

ProductVersion : 1.4.2 Build 10

ProductName : Bluetooth Software 1.4.2 Build 10

CompanyName : WIDCOMM, Inc.

FileDescription : Bluetooth Support Server

InternalName : BTWDIns

LegalCopyright : Copyright WIDCOMM, Inc. 2000-2003.

OriginalFilename : BTWDIns.EXE

 

#:30 [nvsvc32.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 456

ThreadCreationTime : 2004-10-06 16:19:32

BasePriority : Normal

FileVersion : 6.14.10.6177

ProductVersion : 6.14.10.6177

ProductName : NVIDIA Driver Helper Service, Version 61.77

CompanyName : NVIDIA Corporation

FileDescription : NVIDIA Driver Helper Service, Version 61.77

InternalName : NVSVC

LegalCopyright : © NVIDIA Corporation. All rights reserved.

OriginalFilename : nvsvc32.exe

 

#:31 [pavsrv51.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 476

ThreadCreationTime : 2004-10-06 16:19:32

BasePriority : High

FileVersion : 6, 3, 0, 531

ProductVersion : 6.3

ProductName : Panda Antivirus

CompanyName : Panda Software

FileDescription : Panda Antivirus Service for Windows NT/2000

InternalName : pavsrv

LegalCopyright : Copyright © Panda Software 2003

OriginalFilename : pavsrv.exe

 

#:32 [svchost.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 584

ThreadCreationTime : 2004-10-06 16:19:32

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:33 [avengine.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 784

ThreadCreationTime : 2004-10-06 16:19:33

BasePriority : Normal

FileVersion : 6, 3, 0, 492

ProductVersion : 6.3

ProductName : Panda Antivirus Windows NT/2000

CompanyName : Panda Software

FileDescription : Proceso análisis independiente

InternalName : avengine

LegalCopyright : Copyright © Panda Software 1990-2002

OriginalFilename : avengine.exe

 

#:34 [vsmon.exe]

FilePath : C:\WINDOWS\system32\ZoneLabs ProcessID : 1800

ThreadCreationTime : 2004-10-06 16:19:39

BasePriority : Normal

FileVersion : 5.1.033.000

ProductVersion : 5.1.033.000

ProductName : TrueVector Service

CompanyName : Zone Labs Inc.

FileDescription : TrueVector Service

InternalName : vsmon

LegalCopyright : Copyright © 1998-2004, Zone Labs Inc.

OriginalFilename : vsmon.exe

 

#:35 [pavproxy.exe]

FilePath : C:\Program\Panda Software\Panda Antivirus Titanium ProcessID : 1936

ThreadCreationTime : 2004-10-06 16:19:39

BasePriority : Normal

FileVersion : 3, 6, 10, 24

ProductVersion : 3, 6, 10, 24

ProductName : Mail Resident

CompanyName : Panda Software

FileDescription : PavProxy

InternalName : PavProxy

LegalCopyright : Copyright © 2002

OriginalFilename : PavProxy.exe

 

#:36 [alg.exe]

FilePath : C:\WINDOWS\System32 ProcessID : 2636

ThreadCreationTime : 2004-10-06 16:19:47

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:37 [explorer.exe]

FilePath : C:\WINDOWS ProcessID : 3896

ThreadCreationTime : 2004-10-06 16:27:18

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : EXPLORER.EXE

 

#:38 [iexplore.exe]

FilePath : C:\Program\Internet Explorer ProcessID : 2584

ThreadCreationTime : 2004-10-06 16:30:47

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : IEXPLORE.EXE

 

#:39 [ad-aware.exe]

FilePath : C:\Program\Lavasoft\Ad-Aware SE Personal ProcessID : 1212

ThreadCreationTime : 2004-10-06 16:39:07

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

Deep scanning and examining files (D:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

 

Scanning Hosts file......

Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 38

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 38

 

18:53:37 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:12:26.23

Objects scanned:165521

Objects identified:0

Objects ignored:0

New critical objects:0

[/log]

 

Och HJT logen:

 

[log]Logfile of HijackThis v1.98.2

Scan saved at 19:02:59, on 2004-10-06

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\system32\GSICON.EXE

C:\WINDOWS\system32\dslagent.exe

C:\Program\QuickTime\qttask.exe

C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE

C:\Program\Lexmark X1100 Series\lxbkbmgr.exe

C:\WINDOWS\system32\RUNDLL32.EXE

D:\Program\Winamp\winampa.exe

C:\Program\Zone Labs\ZoneAlarm\zlclient.exe

C:\WINDOWS\system32\ctfmon.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program\DLink\Bluetooth-programvara\BTTray.exe

C:\Program\Lexmark X1100 Series\lxbkbmon.exe

C:\Program\GetRight\getright.exe

C:\Program\WinZip\WZQKPICK.EXE

C:\Program\DLink\BLUETO~1\BTSTAC~1.EXE

C:\Program\DLink\Bluetooth-programvara\bin\btwdins.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe

C:\WINDOWS\System32\svchost.exe

C:\Program\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

C:\Program\Panda Software\Panda Antivirus Titanium\pavProxy.exe

C:\WINDOWS\explorer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\HiJack This\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.catweb.nu/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Tele2

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\Updreg.exe

O4 - HKLM\..\Run: [CTStartup] C:\Program\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [Jet Detection] C:\Program\Creative\SBAudigy\PROGRAM\ADGJDet.exe

O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE

O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program\Lexmark X1100 Series\lxbkbmgr.exe"

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [WinampAgent] D:\Program\Winamp\winampa.exe

O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: BTTray.lnk = ?

O4 - Global Startup: GetRight Monitor.lnk = C:\Program\GetRight\getright.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program\WinZip\WZQKPICK.EXE

O8 - Extra context menu item: &Google Search - res://C:\Program\Google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\Program\Google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program\Google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Si&milar Pages - res://C:\Program\Google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Skicka till &Bluetooth - C:\Program\DLink\Bluetooth-programvara\btsendto_ie_ctx.htm

O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program\DLink\Bluetooth-programvara\btsendto_ie.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe

O10 - Broken Internet access because of LSP provider 'xfire_lsp_8742.dll' missing

O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{15D5DB49-FB99-49C4-9DD7-EBFF2EA5E832}: NameServer = 195.67.199.36 195.67.199.37

[/log]

 

Är det okej nu?

Tack för all hjälp!!!

 

---

Jag lade Ad-aware-loggen inom LOG-taggar.

Anders, moderator för Antivirus & Säkerhet

 

[inlägget ändrat 2004-10-07 11:12:29 av Anders N]

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Dock så kunde jag inte ta bort en fil i windows/temp som heter ZLT0247e.TMP men det kanske går att ta bort den i felsäkertläge ska jag göra det?

 

Förlåt föresten att jag glömde log tagen till ad aware logen i förra inlägget!

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Om du inte svarat ditt eget inlägg hade du kunnat lägga till den efteråt. Det går att redigera sina egna inlägg så länge ingen har svarat.

 

Nu får vi vänta på att en behörig moderator loggar in på Eforum.

 

/T

Icke behörig moderator

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Hjälp :)

Jag tror att jag har gjort allt som du skrev men innan körde jag house call trend microscan, den hittade en mask som togs bort.

Alldeles utmärkt :thumbsup:

 

 

Dock så kunde jag inte ta bort en fil i windows/temp som heter ZLT0247e.TMP men det kanske går att ta bort den i felsäkertläge ska jag göra det?

Den här ser ut att tillhöra Zone Alarme Brandvägg. Så den är ok.

 

Jag kan inte hitta några otrevligheter eller andra konstigheter i dina loggor mer. Ser rent och snyggt ut numera.

 

Hur mår datorn numera?

Kvarstår problemen?

 

MVH/Malou

****Ha en fortsatt underbar dag****

 

Team Lavasoft

Lavasupporten

 

 

[inlägget ändrat 2004-10-06 20:55:12 av malou jansson]

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Hej Hjälp :)

 

Tackar för poängen och tack för att vi fick hjälpa.

 

Låter toppen att den mår bra :thumbsup:

 

Du har gjort ett bra jobb.

Ha det så bra och var rädd om datorn.

 

MVH/Malou

****Ha en fortsatt underbar dag****

 

Team Lavasoft

Lavasupporten

 

 

Dela detta inlägg


Länk till inlägg
Dela på andra webbplatser

Skapa ett konto eller logga in för att kommentera

Du måste vara medlem för att kunna kommentera

Skapa ett konto

Skapa ett nytt konto på vårt forum. Det är lätt!

Registrera ett nytt konto

Logga in

Redan medlem? Logga in här.

Logga in nu



×
×
  • Skapa nytt...