Just nu i M3-nätverket
Gå till innehåll

Virus??


Gss

Rekommendera Poster

Har troligen fått ett virus vid namn:funny eller iou (har bara sett dessa namn) Följde råden på lavasofts suport forum för att få bort det men ett problem är kvar ! Alla som är begränsade användare kan inte logga in !? Händer inget bara står och väntar trycker på ctrl alt delet och ett felmeddelande kommer fram Står nått om att den inte hittar rätt värde i registret för den användaren! Kollade iregistret men utan att hitta nått fel ! vad kan detta bero på?

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

 

Har troligen fått ett virus vid namn:funny eller iou (har bara sett dessa namn)Följde råden på lavasofts suport forum för att få bort det men ett problem är kvar !

I vilken del av forumet har du postat och fått hjälp,i den engelska eller svenska delen???

 

Om du vill och har möjlighet så får du återkomma och posta ett inlägg i den svenska delen så skall vi försöka hjälpa dig.

 

MVH/Malou

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

Länk till kommentar
Dela på andra webbplatser

Har inte postat nått där bara läst andras inlägg!

 

tror jag fått bort viruset nu men det andra problemet kvarstår!

 

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

Har inte postat nått där bara läst andras inlägg!

Ok.

Då förstår jag lite bättre.

 

Men varför har du inte postat ett inlägg och bett om att få hjälp?

Inte alltid det hjälper att följa andras inlägg, det är inte säkert att ditt datorproblem är exakt likadant som för den användaren.

 

tror jag fått bort viruset nu men det andra problemet kvarstår!

Lite svårt att svara på då jag inte har någonting att gå på.

Som exempelvis Ad-Awarelog och HJT-log.

Och lite andra olika scanningar.

 

Frågan är bara om hur du vill göra. Posta här på forumet eller posta på lavaforumet?

 

Tala gärna om hur du vill, så skall vi hjälpa dig så långt det är möjligt.

 

MVH/Malou

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

 

Ok.

 

Gör så här så får vi se om vi kan hitta vad det är för något som eventuellt ställer till det.

 

1. Gå till "Lägg till/ta bort program" i "Kontrollpanelen"

2. Ta bort oönskade program (om du hittar några)

 

Gör så här:

Kontrollera att du har rätt version av Ad-Awaren.

Ad-Aware SE Personal 1.05 (Den här är gratis):

 

Ladda ner Ad-Aware till datorn.

Läs/följ anvisningarna noga på sidan du får upp.

Uppdatera till senaste referensfilen innan du kör programmet på datorn:

 

Här hämtar du programmet: Ad-Aware SE Personal 1.05 (Gratis):

http://www.majorgeeks.com/download506.html

Här läser du instruktionerna om hur du ställer in programmet:

Ställ in programmet på Full System Scan:

http://www.lavasoftsupport.com/index.php?showtopic=42066

Avaktivera även den här nedanstående:

Inaktivera "Search for negligible risk entries", eftersom dessa objekt (MRU's) inte ses som ett hot.

 

 

 

Gör online-scanningar:

TrendMicro:

http://housecall.trendmicro.com/

Panda-Onlinescanning:

http://www.pandasoftware.com/activescan/com/activescan_principal.htm

 

 

OBS: Det finns en ny version av HiJack This Version 1.98.2

Den kommer zippad. Spara ner zippen till skrivbordet:

 

1: Skapa en mapp direkt under C:Enheten. Döp mappen till något lämpligt (EX: HiJack This).

2: Öppna zippen som du sparat på skrivbordet. Ta tag i HiJack This och dra/flytta över den till den mapp du nyss skapade på C:Enheten.

OBS: Ej kopiera eller skapa genväg:

3: Sedan kasta zippen som du sparat på skrivbordet.

 

http://www.majorgeeks.com/download3155.html

 

Då du gjort ovanstående samt laddat ner HiJack This:

Gör så här:

Bara dubbelklicka så öppnas den. Klicka *scan* och knappen visar *save logfile*. Lägg den någonstans och en textfil kommer upp, kopiera den hit, så får du hjälp att tolka den. Det mesta i logfilen är nödvändiga komponenter, så fixa inget själv.

 

Gör nu en scanning med Ad-Awaren i Full System Scan (ta inte bort något), lägg in loggen här.

Gör en HJT-log (HiJack This) och lägg in loggen, så skall vi ta en titt.

 

MVH/Malou

 

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

[inlägget ändrat 2004-11-11 18:56:39 av malou jansson]

[inlägget ändrat 2004-11-11 19:17:31 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

Här hijack this loggen: Logfile of HijackThis v1.98.2

Scan saved at 20:54:45, on 2004-11-11

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\SYSTEM32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

d:\windows\system32\explorer.exe

d:\windows\explorer.exe

d:\windows\rundll32.exe

d:\windows\system32\IEXPLORE.EXE

D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe

D:\Program\Messenger\msmsgs.exe

D:\Program\Delade filer\Real\Update_OB\realsched.exe

D:\Program\QuickTime\qttask.exe

D:\WINDOWS\system32\rundll32.exe

D:\WINDOWS\system32\crypserv.exe

D:\Program\Internet Explorer\iexplore.exe

D:\WINDOWS\System32\nvsvc32.exe

D:\WINDOWS\system32\pctspk.exe

D:\WINDOWS\system32\wscntfy.exe

D:\Program\Lavasoft\Ad-aware 6\Ad-aware.exe

D:\HiJack This\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit32.exe,

O1 - Hosts: 222.89.98.219 www.wo365.com

O1 - Hosts: 222.89.98.219 cmfu.com

O1 - Hosts: 222.89.98.219 www.cmfu.com

O1 - Hosts: 222.89.98.219 9i0.com

O1 - Hosts: 222.89.98.219 www.9flash.com

O1 - Hosts: 222.89.98.219 9flash.com

O1 - Hosts: 222.89.98.219 www.nowok.net

O1 - Hosts: 222.89.98.219 nowok.net

O1 - Hosts: 222.89.98.219 wisa.com.cn

O1 - Hosts: 222.89.98.219 www.sia.com.cn

O1 - Hosts: 222.89.98.219 www.wisa.cn

O1 - Hosts: 222.89.98.219 wisa.cn

O1 - Hosts: 222.89.98.219 www.zhao99.com

O1 - Hosts: 222.89.98.219 zhao99.com

O1 - Hosts: 222.89.98.219 www.wo123.com

O1 - Hosts: 222.89.98.219 wo123.com

O1 - Hosts: 222.89.98.219 wo99.com

O1 - Hosts: 222.89.98.219 www.wo99.com

O1 - Hosts: 222.89.98.219 www.page.com.cn

O1 - Hosts: 222.89.98.219 page.com.cn

O1 - Hosts: 222.89.98.219 www.432.cn

O1 - Hosts: 222.89.98.219 432.cn

O1 - Hosts: 222.89.98.219 wysw.com

O1 - Hosts: 222.89.98.219 14.com.cn

O1 - Hosts: 222.89.98.219 www.14.com.cn

O1 - Hosts: 222.89.98.219 cnww.net

O1 - Hosts: 222.89.98.219 www.mv99.com

O1 - Hosts: 222.89.98.219 mv99.com

O1 - Hosts: 222.89.98.219 www.youav.com

O1 - Hosts: 222.89.98.219 www.mtvav.com

O1 - Hosts: 222.89.98.219 www.98983.com

O1 - Hosts: 222.89.98.219 98983.com

O1 - Hosts: 222.89.98.219 www.114.com.cn

O1 - Hosts: 222.89.98.219 114.com.cn

O1 - Hosts: 222.89.98.219 www.net114.com

O1 - Hosts: 222.89.98.219 www.skywz.com

O1 - Hosts: 222.89.98.219 skywz.com

O1 - Hosts: 222.89.98.219 www.hao6.com

O1 - Hosts: 222.89.98.219 hao6.com

O1 - Hosts: 222.89.98.219 www.678a.com

O1 - Hosts: 222.89.98.219 678a.com

O1 - Hosts: 222.89.98.219 www.7510.com

O1 - Hosts: 222.89.98.219 7510.com

O1 - Hosts: 222.89.98.219 www.zzkan.com

O1 - Hosts: 222.89.98.219 zzkan.com

O1 - Hosts: 222.89.98.219 www.ca183.com

O1 - Hosts: 222.89.98.219 ca183.com

O1 - Hosts: 222.89.98.219 3tom.com

O1 - Hosts: 222.89.98.219 www.yhjm.com

O1 - Hosts: 222.89.98.219 yhjm.com

O1 - Hosts: 222.89.98.219 www.k369.com

O1 - Hosts: 222.89.98.219 www.xxwww.com

O1 - Hosts: 222.89.98.219 xxwww.com

O1 - Hosts: 222.89.98.219 www.fm1000.net

O1 - Hosts: 222.89.98.219 fm1000.net

O1 - Hosts: 222.89.98.219 www.ok135.com

O1 - Hosts: 222.89.98.219 ok135.com

O1 - Hosts: 222.89.98.219 www.link999.com

O1 - Hosts: 222.89.98.219 link999.com

O1 - Hosts: 222.89.98.219 www.001wz.com

O1 - Hosts: 222.89.98.219 001wz.com

O1 - Hosts: 222.89.98.219 www.7t7t.com

O1 - Hosts: 222.89.98.219 7t7t.com

O1 - Hosts: 222.89.98.219 www.7k7k.com

O1 - Hosts: 222.89.98.219 7k7k.com

O1 - Hosts: 222.89.98.219 www.webcool.net

O1 - Hosts: 222.89.98.219 webcool.net

O1 - Hosts: 222.89.98.219 www.51sobu.com

O1 - Hosts: 222.89.98.219 51sobu.com

O1 - Hosts: 222.89.98.219 cy.51sobu.com

O1 - Hosts: 222.89.98.219 www.fj3721.com

O1 - Hosts: 222.89.98.219 fj3721.com

O1 - Hosts: 222.89.98.219 www.msncn.com

O1 - Hosts: 222.89.98.219 msncn.com

O1 - Hosts: 222.89.98.219 www.6235.com

O1 - Hosts: 222.89.98.219 6235.com

O1 - Hosts: 222.89.98.219 www.8goo.com

O1 - Hosts: 222.89.98.219 8goo.com

O1 - Hosts: 222.89.98.219 www.baimin.com

O1 - Hosts: 222.89.98.219 baimin.com

O1 - Hosts: 222.89.98.219 www.bwwz.com

O1 - Hosts: 222.89.98.219 bwwz.com

O1 - Hosts: 222.89.98.219 www.howow.net

O1 - Hosts: 222.89.98.219 howow.net

O1 - Hosts: 222.89.98.219 www.tongchi.com

O1 - Hosts: 222.89.98.219 tongchi.com

O1 - Hosts: 222.89.98.219 www.65658.com

O1 - Hosts: 222.89.98.219 65658.com

O1 - Hosts: 222.89.98.219 www.7o7o.com

O1 - Hosts: 222.89.98.219 7o7o.com

O1 - Hosts: 222.89.98.219 5126.net

O1 - Hosts: 222.89.98.219 www.5126.net

O1 - Hosts: 222.89.98.219 www.wangzhiku.com

O1 - Hosts: 222.89.98.219 wangzhiku.com

O1 - Hosts: 222.89.98.219 www.soyeah.com

O1 - Hosts: 222.89.98.219 soyeah.com

O1 - Hosts: 222.89.98.219 www.sowang.cn

O1 - Hosts: 222.89.98.219 sowang.cn

O1 - Hosts: 222.89.98.219 www.77177.com

O1 - Hosts: 222.89.98.219 77177.com

O1 - Hosts: 222.89.98.219 www.look8.net

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - D:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [Windows Automation] mslaugh.exe

O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [iPWDKRYFM] D:\WINDOWS\IPWDKRYFM.exe

O4 - HKLM\..\Run: [kpedyb] D:\WINDOWS\kpedyb.exe

O4 - HKLM\..\Run: [kdwncnot] D:\WINDOWS\kdwncnot.exe

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [ladwpkn] D:\WINDOWS\ladwpkn.exe

O4 - HKLM\..\Run: [ihur] D:\WINDOWS\ihur.exe

O4 - HKLM\..\Run: [qlex] D:\WINDOWS\qlex.exe

O4 - HKLM\..\Run: [TkBellExe] "D:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "D:\Program\QuickTime\qttask.exe" -atboottime

O4 - HKLM\..\Run: [MMSystem] d:\windows\rundll32.exe "d:\windows\system32\mmsystem.dll"", RunDll32

O4 - HKCU\..\Run: [MMSystem] d:\windows\rundll32.exe "d:\windows\system32\mmsystem.dll"", RunDll32

O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZSzeb012

O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRAM\ICQ\ICQ.exe (file missing)

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRAM\ICQ\ICQ.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O12 - Plugin for .dll: D:\Program\Internet Explorer\PLUGINS\npq3plug.dll

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralInitialSetup1.0.0.8.cab

 

Adaware hittade inget!

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS

Adaware hittade inget!

Inte????

Märkligt, har du ställt in den på rätt scanning???

 

Återkommer om en stund då jag är klar med din HJT-log.

Här finns det en hel del att ta i tu med.

 

MVH/Malou

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS

Vi börjar med nedanstående till att börja med, för att få bort så mycket som möjligt.

 

Stäng ner Internet (Logga ut):

Öppna HJT. Klicka på Scan-knappen. Bocka för nedanstående detaljer. Klicka på Fix Checked-knappen.

[FET]

R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - (no file)

 

F2 - REG:system.ini: UserInit=D:\WINDOWS\system32\userinit32.exe,

 

O1 - Hosts: 222.89.98.219 www.wo365.com

O1 - Hosts: 222.89.98.219 cmfu.com

O1 - Hosts: 222.89.98.219 www.cmfu.com

O1 - Hosts: 222.89.98.219 9i0.com

O1 - Hosts: 222.89.98.219 www.9flash.com

O1 - Hosts: 222.89.98.219 9flash.com

O1 - Hosts: 222.89.98.219 www.nowok.net

O1 - Hosts: 222.89.98.219 nowok.net

O1 - Hosts: 222.89.98.219 wisa.com.cn

O1 - Hosts: 222.89.98.219 www.sia.com.cn

O1 - Hosts: 222.89.98.219 www.wisa.cn

O1 - Hosts: 222.89.98.219 wisa.cn

O1 - Hosts: 222.89.98.219 www.zhao99.com

O1 - Hosts: 222.89.98.219 zhao99.com

O1 - Hosts: 222.89.98.219 www.wo123.com

O1 - Hosts: 222.89.98.219 wo123.com

O1 - Hosts: 222.89.98.219 wo99.com

O1 - Hosts: 222.89.98.219 www.wo99.com

O1 - Hosts: 222.89.98.219 www.page.com.cn

O1 - Hosts: 222.89.98.219 page.com.cn

O1 - Hosts: 222.89.98.219 www.432.cn

O1 - Hosts: 222.89.98.219 432.cn

O1 - Hosts: 222.89.98.219 wysw.com

O1 - Hosts: 222.89.98.219 14.com.cn

O1 - Hosts: 222.89.98.219 www.14.com.cn

O1 - Hosts: 222.89.98.219 cnww.net

O1 - Hosts: 222.89.98.219 www.mv99.com

O1 - Hosts: 222.89.98.219 mv99.com

O1 - Hosts: 222.89.98.219 www.youav.com

O1 - Hosts: 222.89.98.219 www.mtvav.com

O1 - Hosts: 222.89.98.219 www.98983.com

O1 - Hosts: 222.89.98.219 98983.com

O1 - Hosts: 222.89.98.219 www.114.com.cn

O1 - Hosts: 222.89.98.219 114.com.cn

O1 - Hosts: 222.89.98.219 www.net114.com

O1 - Hosts: 222.89.98.219 www.skywz.com

O1 - Hosts: 222.89.98.219 skywz.com

O1 - Hosts: 222.89.98.219 www.hao6.com

O1 - Hosts: 222.89.98.219 hao6.com

O1 - Hosts: 222.89.98.219 www.678a.com

O1 - Hosts: 222.89.98.219 678a.com

O1 - Hosts: 222.89.98.219 www.7510.com

O1 - Hosts: 222.89.98.219 7510.com

O1 - Hosts: 222.89.98.219 www.zzkan.com

O1 - Hosts: 222.89.98.219 zzkan.com

O1 - Hosts: 222.89.98.219 www.ca183.com

O1 - Hosts: 222.89.98.219 ca183.com

O1 - Hosts: 222.89.98.219 3tom.com

O1 - Hosts: 222.89.98.219 www.yhjm.com

O1 - Hosts: 222.89.98.219 yhjm.com

O1 - Hosts: 222.89.98.219 www.k369.com

O1 - Hosts: 222.89.98.219 www.xxwww.com

O1 - Hosts: 222.89.98.219 xxwww.com

O1 - Hosts: 222.89.98.219 www.fm1000.net

O1 - Hosts: 222.89.98.219 fm1000.net

O1 - Hosts: 222.89.98.219 www.ok135.com

O1 - Hosts: 222.89.98.219 ok135.com

O1 - Hosts: 222.89.98.219 www.link999.com

O1 - Hosts: 222.89.98.219 link999.com

O1 - Hosts: 222.89.98.219 www.001wz.com

O1 - Hosts: 222.89.98.219 001wz.com

O1 - Hosts: 222.89.98.219 www.7t7t.com

O1 - Hosts: 222.89.98.219 7t7t.com

O1 - Hosts: 222.89.98.219 www.7k7k.com

O1 - Hosts: 222.89.98.219 7k7k.com

O1 - Hosts: 222.89.98.219 www.webcool.net

O1 - Hosts: 222.89.98.219 webcool.net

O1 - Hosts: 222.89.98.219 www.51sobu.com

O1 - Hosts: 222.89.98.219 51sobu.com

O1 - Hosts: 222.89.98.219 cy.51sobu.com

O1 - Hosts: 222.89.98.219 www.fj3721.com

O1 - Hosts: 222.89.98.219 fj3721.com

O1 - Hosts: 222.89.98.219 www.msncn.com

O1 - Hosts: 222.89.98.219 msncn.com

O1 - Hosts: 222.89.98.219 www.6235.com

O1 - Hosts: 222.89.98.219 6235.com

O1 - Hosts: 222.89.98.219 www.8goo.com

O1 - Hosts: 222.89.98.219 8goo.com

O1 - Hosts: 222.89.98.219 www.baimin.com

O1 - Hosts: 222.89.98.219 baimin.com

O1 - Hosts: 222.89.98.219 www.bwwz.com

O1 - Hosts: 222.89.98.219 bwwz.com

O1 - Hosts: 222.89.98.219 www.howow.net

O1 - Hosts: 222.89.98.219 howow.net

O1 - Hosts: 222.89.98.219 www.tongchi.com

O1 - Hosts: 222.89.98.219 tongchi.com

O1 - Hosts: 222.89.98.219 www.65658.com

O1 - Hosts: 222.89.98.219 65658.com

O1 - Hosts: 222.89.98.219 www.7o7o.com

O1 - Hosts: 222.89.98.219 7o7o.com

O1 - Hosts: 222.89.98.219 5126.net

O1 - Hosts: 222.89.98.219 www.5126.net

O1 - Hosts: 222.89.98.219 www.wangzhiku.com

O1 - Hosts: 222.89.98.219 wangzhiku.com

O1 - Hosts: 222.89.98.219 www.soyeah.com

O1 - Hosts: 222.89.98.219 soyeah.com

O1 - Hosts: 222.89.98.219 www.sowang.cn

O1 - Hosts: 222.89.98.219 sowang.cn

O1 - Hosts: 222.89.98.219 www.77177.com

O1 - Hosts: 222.89.98.219 77177.com

O1 - Hosts: 222.89.98.219 www.look8.net

 

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - D:\Program\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)

O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - D:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

 

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -D:\Program\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)

 

O4 - HKLM\..\Run: [Windows Automation] mslaugh.exe

O4 - HKLM\..\Run: [iPWDKRYFM] D:\WINDOWS\IPWDKRYFM.exe

O4 - HKLM\..\Run: [kpedyb] D:\WINDOWS\kpedyb.exe

O4 - HKLM\..\Run: [kdwncnot] D:\WINDOWS\kdwncnot.exe

 

O4 - HKLM\..\Run: [ladwpkn] D:\WINDOWS\ladwpkn.exe

O4 - HKLM\..\Run: [ihur] D:\WINDOWS\ihur.exe

O4 - HKLM\..\Run: [qlex] D:\WINDOWS\qlex.exe

 

O4 - HKLM\..\Run: [MMSystem] d:\windows\rundll32.exe "d:\windows\system32\mmsystem.dll"", RunDll32

O4 - HKCU\..\Run: [MMSystem] d:\windows\rundll32.exe "d:\windows\system32\mmsystem.dll"", RunDll32

 

O8 - Extra context menu item: &Search -

 

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -

[/FET]

Då du gjort ovanstående skall du nu starta om datorn i felsäkert läge (tryck F8 upprepade gånger):

För att hitta de filer du nu skall leta upp, måste du klicka (windowstangent+E) och i verktygsfältet klicka på "Verktyg>mappalternativ" och under "Visa" klicka på "Visa dolda filer och mappar" samt avbocka "dölj filnamstillägg för kända filtyper" och "Dölj skyddade operativsystemfiler"

Sök/leta reda på:

Delita rödmarkerade filer:

Den här ser jag inte var den har lagt sig:

mslaugh.exe<-Delita:

 

D:\WINDOWS\IPWDKRYFM.exe

(IPWDKRYFM.exe)<-Delita:

 

D:\WINDOWS\kpedyb.exe

(kpedyb.exe)<-Delita:

 

D:\WINDOWS\kdwncnot.exe

(kdwncnot.exe)<-Delita:

 

D:\WINDOWS\ladwpkn.exe

(ladwpkn.exe)<-Delita:

 

D:\WINDOWS\ihur.exe

(ihur.exe)<-Delita:

 

D:\WINDOWS\qlex.exe

(qlex.exe)<-Delita

 

OBS: Nedanstående på var den ligger:

d:\windows\rundll32.exe<-Delita

 

[FET]OBS: Den här nedanstående får inte röras:

D:\WINDOWS\system32\rundll32.exe[/FET]

"Töm papperskorgen""Starta om datorn"

 

Gör onlinescanningar: Viktigt:

TrendMicro:

http://housecall.trendmicro.com/

Panda-Onlinescanning:

http://www.pandasoftware.com/activescan/com/activescan_principal.

htm

 

Gör en ny scanning med Ad-Awaren i Full System Scan och lägg in den loggen här.

Gör en ny HJT-log och lägg in

 

MVH/Malou

 

 

 

 

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

[inlägget ändrat 2004-11-11 21:15:32 av malou jansson]

[inlägget ändrat 2004-11-11 21:34:15 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

Hijack this loggen (nya)

 

Logfile of HijackThis v1.98.2

Scan saved at 17:04:15, on 2004-11-12

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

D:\WINDOWS\System32\smss.exe

D:\WINDOWS\SYSTEM32\winlogon.exe

D:\WINDOWS\system32\services.exe

D:\WINDOWS\system32\lsass.exe

D:\WINDOWS\system32\svchost.exe

D:\WINDOWS\System32\svchost.exe

D:\WINDOWS\system32\spoolsv.exe

D:\WINDOWS\Explorer.EXE

D:\WINDOWS\system32\crypserv.exe

D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe

D:\WINDOWS\System32\nvsvc32.exe

D:\WINDOWS\system32\pctspk.exe

D:\Program\Delade filer\Real\Update_OB\realsched.exe

D:\Program\QuickTime\qttask.exe

D:\WINDOWS\system32\rundll32.exe

D:\Program\Internet Explorer\iexplore.exe

D:\Program\Messenger\msmsgs.exe

D:\WINDOWS\system32\wscntfy.exe

D:\HiJack This\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll

O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe

O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [TkBellExe] "D:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [QuickTime Task] "D:\Program\QuickTime\qttask.exe" -atboottime

O9 - Extra button: ICQ Pro - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRAM\ICQ\ICQ.exe (file missing)

O9 - Extra 'Tools' menuitem: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - D:\PROGRAM\ICQ\ICQ.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program\Messenger\msmsgs.exe

O12 - Plugin for .dll: D:\Program\Internet Explorer\PLUGINS\npq3plug.dll

O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab

 

Jag hittade ingetn av filerna du skrev att jag skulle ta bort!

 

Ad aware loggen kommer strax!

 

 

 

 

Länk till kommentar
Dela på andra webbplatser

Adaware loggen!

Här:

Ad-aware Settings

=========================

Set : Activate in-depth scan (Recommended)

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep scan registry

 

 

2004-11-12 17:06:51 - Scan started. (Smart mode)

 

Listing running processes

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32 ThreadCreationTime : 2004-11-12 14:55:05

BasePriority : Normal

 

 

#:2 [winlogon.exe]

FilePath : \??\D:\WINDOWS\SYSTEM32 ThreadCreationTime : 2004-11-12 14:55:08

BasePriority : High

 

 

#:3 [services.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:08

BasePriority : Normal

FileSize : 105 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : Tj

InternalName : services.exe

OriginalFilename : services.exe

ProductName : Operativsystemet Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:42

 

#:4 [lsass.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:08

BasePriority : Normal

FileSize : 13 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

OriginalFilename : lsass.exe

ProductName : Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:28

 

#:5 [svchost.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:09

BasePriority : Normal

FileSize : 14 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:46

 

#:6 [svchost.exe]

FilePath : D:\WINDOWS\System32 ThreadCreationTime : 2004-11-12 14:55:09

BasePriority : Normal

FileSize : 14 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

OriginalFilename : svchost.exe

ProductName : Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:46

 

#:7 [spoolsv.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:11

BasePriority : Normal

FileSize : 56 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

OriginalFilename : spoolsv.exe

ProductName : Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:46

 

#:8 [explorer.exe]

FilePath : D:\WINDOWS ThreadCreationTime : 2004-11-12 14:55:17

BasePriority : Normal

FileSize : 1008 KB

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

OriginalFilename : EXPLORER.EXE

ProductName : Operativsystemet Microsoft

Created on : 2004-01-20 18:07:50

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:20

 

#:9 [crypserv.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : High

FileSize : 49 KB

Created on : 2004-09-17 14:15:30

Last accessed : 2004-11-11 22:00:00

Last modified : 1997-04-09 15:04:50

 

#:10 [hpztsb07.exe]

FilePath : D:\WINDOWS\System32\spool\drivers\w32x86\3 ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 184 KB

FileVersion : 2,140,0,0

ProductVersion : 2,140,0,0

Copyright : Copyright © Hewlett-Packard Company 1999-2002

CompanyName : HP

ProductName : HP DeskJet

Created on : 2004-01-19 17:28:57

Last accessed : 2004-11-11 22:00:00

Last modified : 2002-11-03 21:02:38

 

#:11 [nvsvc32.exe]

FilePath : D:\WINDOWS\System32 ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 108 KB

FileVersion : 6.14.10.5672

ProductVersion : 6.14.10.5672

Copyright : © NVIDIA Corporation. All rights reserved.

CompanyName : NVIDIA Corporation

FileDescription : NVIDIA Driver Helper Service, Version 56.72

InternalName : NVSVC

OriginalFilename : nvsvc32.exe

ProductName : NVIDIA Driver Helper Service, Version 56.72

Created on : 2004-03-24 08:04:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-03-24 08:04:00

 

#:12 [pctspk.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 84 KB

FileVersion : 4.00

ProductVersion : 4.00

Copyright : Copyright ©PCtel,Inc. 1999-2000

CompanyName : PCtel, Inc.

FileDescription : PCTSPK.EXE

InternalName : PCTSPK.EXE

OriginalFilename : PCTSPK.EXE

ProductName : PCTSPK.EXE

Created on : 2004-01-19 15:10:17

Last accessed : 2004-11-11 22:00:00

Last modified : 2001-09-06 18:33:42

 

#:13 [realsched.exe]

FilePath : D:\Program\Delade filer\Real\Update_OB ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 176 KB

FileVersion : 0.1.0.3034

ProductVersion : 0.1.0.3034

Copyright : Copyright

CompanyName : RealNetworks, Inc.

FileDescription : RealNetworks Scheduler

InternalName : schedapp

OriginalFilename : realsched.exe

ProductName : RealPlayer (32-bit)

Created on : 2004-04-08 15:27:36

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-06-09 21:13:06

 

#:14 [qttask.exe]

FilePath : D:\Program\QuickTime ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 76 KB

FileVersion : 6.4

ProductVersion : QuickTime 6.4

CompanyName : Apple Computer, Inc.

InternalName : QuickTime Task

OriginalFilename : QTTask.exe

ProductName : QuickTime

Created on : 2004-06-24 10:06:31

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-06-24 10:06:32

 

#:15 [rundll32.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:19

BasePriority : Normal

FileSize : 32 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : K

InternalName : rundll

OriginalFilename : RUNDLL.EXE

ProductName : Operativsystemet Microsoft

Created on : 2001-09-28 10:00:00

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:40

 

#:16 [iexplore.exe]

FilePath : D:\Program\Internet Explorer ThreadCreationTime : 2004-11-12 14:55:20

BasePriority : Normal

FileSize : 91 KB

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

OriginalFilename : IEXPLORE.EXE

ProductName : Operativsystemet Microsoft

Created on : 2004-01-20 18:08:10

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:24

 

#:17 [msmsgs.exe]

FilePath : D:\Program\Messenger ThreadCreationTime : 2004-11-12 14:55:21

BasePriority : Normal

FileSize : 1628 KB

FileVersion : 4.7.3000

ProductVersion : Version 4.7.3000

Copyright : Copyright © Microsoft Corporation 2004

CompanyName : Microsoft Corporation

FileDescription : Windows Messenger

InternalName : msmsgs

OriginalFilename : msmsgs.exe

ProductName : Messenger

Created on : 2003-04-14 17:30:14

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:34

 

#:18 [wscntfy.exe]

FilePath : D:\WINDOWS\system32 ThreadCreationTime : 2004-11-12 14:55:25

BasePriority : Normal

FileSize : 13 KB

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

CompanyName : Microsoft Corporation

FileDescription : Windows Security Center Notification App

InternalName : wscntfy.exe

OriginalFilename : wscntfy.exe

ProductName : Microsoft

Created on : 2004-08-04 09:34:51

Last accessed : 2004-11-11 22:00:00

Last modified : 2004-08-04 09:34:52

 

#:19 [ad-aware.exe]

FilePath : D:\Program\Lavasoft\Ad-aware 6 ThreadCreationTime : 2004-11-12 15:06:24

BasePriority : Normal

FileSize : 668 KB

FileVersion : 6.0.1.181

ProductVersion : 6.0.0.0

Copyright : Copyright

CompanyName : Lavasoft Sweden

FileDescription : Ad-aware 6 core application

InternalName : Ad-aware.exe

OriginalFilename : Ad-aware.exe

ProductName : Lavasoft Ad-aware Plus

Created on : 2004-07-01 19:00:18

Last accessed : 2004-11-11 22:00:00

Last modified : 2003-07-12 19:00:20

 

Memory scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 0

 

 

Started registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm4.adm4.1

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm4.adm4

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : CLSID\{def37997-d9c9-4a4b-bf3c-88f99eaceec2}

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm25.adm25.1

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm25.adm25

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : CLSID\{1d3bce37-7834-4579-8169-e67681420a98}

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm.adm.1

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : adm.adm

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : CLSID\{c15b7ea2-a360-43e8-a591-5faedc7c4e1d}

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : TYPELIB\{5830698f-7fc0-40cd-a453-9a0cafdf3a64}

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : signingmodule.signingmodule.1

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : signingmodule.signingmodule

 

 

AltnetBDE Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : CLSID\{9bbcf06c-dcd7-495d-80df-cdd5399d0ff8}

 

 

MyWay.Speedbar Object recognized!

Type : RegKey

Data :

Rootkey : HKEY_CLASSES_ROOT

Object : TYPELIB\{0494d0d0-f8e0-41ad-92a3-14154ece70ac}

 

 

Registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 14

Objects found so far: 14

 

 

Started deep registry scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Deep registry scan result :

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 14

 

 

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Deep scanning and examining files (D:)

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

 

Performing conditional scans..

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

 

Conditional scan result:

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

New objects : 0

Objects found so far: 39

 

 

17:08:20 Scan complete

 

Summary of this scan

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯

Total scanning time :00:01:28:527

Objects scanned :44841

Objects identified :39

Objects ignored :0

New objects :39

 

 

 

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

 

Jag hittade ingetn av filerna du skrev att jag skulle ta bort!

Ok.

Bara bra. HJT-loggen ser otroligt mycket bättre ut. Men lite till går att fixa.

 

Men Ad-Awareloggen ser inte bra ut, så det måste vi åtgärda.

Först så har du inte fått med hela Ad-Awareloggen (första delen av den saknas), samt att du scannat i (Smart mode)

2004-11-12 17:06:51 - Scan started. (Smart mode)

 

Läs/följ instruktionerna på hur du ställer in Ad-Awaren i Full System Scan.

http://www.lavasoftsupport.com/index.php?showtopic=42066

Avaktivera även nedanstående (ofarliga):

Inaktivera "Search for negligible risk entries", eftersom dessa objekt (MRU's) inte ses som ett hot.

Uppdatera till senaste referensfilen innan du scannar:

Gör nu en ny scanning med Ad-Awaren i Full System Scan "Ta inte bort någonting" och lägg in loggen här, så går vi vidare med att rensa så det blir rent och snyggt i Ad-Awaren.

 

MVH/Malou

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

[inlägget ändrat 2004-11-12 17:03:15 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

Nyaste ad aware loggen!

Ad-Aware SE Build 1.05

Logfile Created on:den 12 november 2004 21:07:00

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R18 08.11.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

180Solutions(TAC index:8):10 total references

AltnetBDE(TAC index:4):48 total references

BrilliantDigital(TAC index:6):6 total references

Cydoor(TAC index:7):16 total references

iWon(TAC index:5):100 total references

MyWay.Speedbar(TAC index:0):11 total references

Tracking Cookie(TAC index:3):33 total references

Web3000(TAC index:8):1 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

2004-11-12 21:07:00 - Scan started. (Full System Scan)

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32 ProcessID : 568

ThreadCreationTime : 2004-11-12 16:54:23

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\D:\WINDOWS\system32 ProcessID : 632

ThreadCreationTime : 2004-11-12 16:54:25

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\D:\WINDOWS\SYSTEM32 ProcessID : 656

ThreadCreationTime : 2004-11-12 16:54:26

BasePriority : High

 

 

#:4 [services.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 708

ThreadCreationTime : 2004-11-12 16:54:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Tjänst- och styrenhetsprogram

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 720

ThreadCreationTime : 2004-11-12 16:54:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 872

ThreadCreationTime : 2004-11-12 16:54:27

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 936

ThreadCreationTime : 2004-11-12 16:54:27

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1028

ThreadCreationTime : 2004-11-12 16:54:27

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1080

ThreadCreationTime : 2004-11-12 16:54:27

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1144

ThreadCreationTime : 2004-11-12 16:54:27

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [spoolsv.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1424

ThreadCreationTime : 2004-11-12 16:54:29

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:12 [crypserv.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1552

ThreadCreationTime : 2004-11-12 16:54:37

BasePriority : High

 

 

#:13 [nvsvc32.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1608

ThreadCreationTime : 2004-11-12 16:54:37

BasePriority : Normal

FileVersion : 6.14.10.5672

ProductVersion : 6.14.10.5672

ProductName : NVIDIA Driver Helper Service, Version 56.72

CompanyName : NVIDIA Corporation

FileDescription : NVIDIA Driver Helper Service, Version 56.72

InternalName : NVSVC

LegalCopyright : © NVIDIA Corporation. All rights reserved.

OriginalFilename : nvsvc32.exe

 

#:14 [pctspk.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1628

ThreadCreationTime : 2004-11-12 16:54:37

BasePriority : Normal

FileVersion : 4.00

ProductVersion : 4.00

ProductName : PCTSPK.EXE

CompanyName : PCtel, Inc.

FileDescription : PCTSPK.EXE

InternalName : PCTSPK.EXE

LegalCopyright : Copyright ©PCtel,Inc. 1999-2000

OriginalFilename : PCTSPK.EXE

 

#:15 [wdfmgr.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1744

ThreadCreationTime : 2004-11-12 16:54:40

BasePriority : Normal

FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)

ProductVersion : 5.2.3790.1230

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows User Mode Driver Manager

InternalName : WdfMgr

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : WdfMgr.exe

 

#:16 [alg.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 2036

ThreadCreationTime : 2004-11-12 16:54:40

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:17 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 3088

ThreadCreationTime : 2004-11-12 17:22:49

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:18 [wscntfy.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 2736

ThreadCreationTime : 2004-11-12 18:46:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows Security Center Notification App

InternalName : wscntfy.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : wscntfy.exe

 

#:19 [explorer.exe]

FilePath : D:\WINDOWS ProcessID : 2484

ThreadCreationTime : 2004-11-12 18:46:23

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : EXPLORER.EXE

 

#:20 [hpztsb07.exe]

FilePath : D:\WINDOWS\System32\spool\drivers\w32x86\3 ProcessID : 376

ThreadCreationTime : 2004-11-12 18:46:24

BasePriority : Normal

FileVersion : 2,140,0,0

ProductVersion : 2,140,0,0

ProductName : HP DeskJet

CompanyName : HP

LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

 

#:21 [realsched.exe]

FilePath : D:\Program\Delade filer\Real\Update_OB ProcessID : 2408

ThreadCreationTime : 2004-11-12 18:46:25

BasePriority : Normal

FileVersion : 0.1.0.3034

ProductVersion : 0.1.0.3034

ProductName : RealPlayer (32-bit)

CompanyName : RealNetworks, Inc.

FileDescription : RealNetworks Scheduler

InternalName : schedapp

LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004

LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.

OriginalFilename : realsched.exe

 

#:22 [rundll32.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 2376

ThreadCreationTime : 2004-11-12 18:46:25

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:23 [qttask.exe]

FilePath : D:\Program\QuickTime ProcessID : 2940

ThreadCreationTime : 2004-11-12 18:46:25

BasePriority : Normal

FileVersion : 6.4

ProductVersion : QuickTime 6.4

ProductName : QuickTime

CompanyName : Apple Computer, Inc.

InternalName : QuickTime Task

LegalCopyright : © Apple Computer, Inc. 2001-2003

OriginalFilename : QTTask.exe

 

#:24 [daemon.exe]

FilePath : C:\Pro\D-Tools ProcessID : 2652

ThreadCreationTime : 2004-11-12 18:46:25

BasePriority : Normal

 

 

#:25 [iexplore.exe]

FilePath : D:\Program\Internet Explorer ProcessID : 140

ThreadCreationTime : 2004-11-12 18:46:29

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : IEXPLORE.EXE

 

#:26 [ad-aware.exe]

FilePath : D:\PROGRAM\LAVASOFT\AD-AWA~2 ProcessID : 3812

ThreadCreationTime : 2004-11-12 19:06:52

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

180Solutions Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : last_conn_h

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : last_conn_l

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : we

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : TimeOffset

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : key_file

 

180Solutions Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions\msbb

Value : boom_ver

 

180Solutions Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_USERS

Object : S-1-5-21-1292428093-507921405-1343024091-1003\software\180solutions

 

AltnetBDE Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}

 

AltnetBDE Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\classes\interface\{e813099d-5529-47f4-9b37-4afafcb00a43}

Value :

 

AltnetBDE Object Recognized!

Type : Regkey

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}

 

AltnetBDE Object Recognized!

Type : RegValue

Data :

Category : Data Miner

Comment :

Rootkey : HKEY_LOCAL_MACHINE

Object : software\classes\interface\{ad5bc1f0-72d8-44b3-8e3d-8e8fecce43fb}

Value :

 

AltnetBDE

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

Såja, den visar en hel del Ad-Awareloggen.

Och för att den skall visa ytterligare saker (kanske), så måste du ställa in den här nedanstående (som saknas)

[RÖD]Memory + processor status:

==========================[/RÖD]

http://www.lavasoftsupport.com/index.php?showtopic=42066

 

Då du gjort ovanstående, så skall vi nu börja rensningen med Ad-Awaren om du så önskar.

 

För att rensa din dator. Öppna/Starta Ad-Aware SE och klicka på Check for updates now.

Vidare, följ nedanstående steg:

En del mappar kan vara gömda, så för att hitta den klicka på (Windowstangent+E) och i verktygsfältet klicka "Verktyg>Mappalternativ" och under "Visa" bocka för "Visa dolda filer och mappar"

 

 

A. Det är viktigt att du "rensar/tömmer" följande mappar (Men ta inte bort själva mappen/mapparna)

Logga ut från Internet (För Bredband/Cabel Användare, det rekommenderas att dra ur nätverkskabeln) och Stäng alla öppna fönster/program.

1. C:\Windows\Temp

2. C:\Documents and Settings\<Ditt Användarnamn>\Local Settings\Temporary Internet Files\ <=Det här tömmer Cachen, Temporära Internetfiler och Cookies.

3. C:\Documents and Settings\<Ditt Användarnamn>\Local Settings\Temp

4. C:\Documents and Settings\<Övrigas användares Användarnamn>\Local Settings\Temporary Internet Files

5. C:\Documents and Settings\<Övriga användares Användarnamn>\Local Settings\Temp

6. Töm "Papperskorgen"

 

B. Starta om datorn. Starta "Öppna/Starta inga program" eller "Starta inte Internet".

1. Öppna/Starta Ad-Aware SE scanna i Full System Scan.

2. När scanningen är klar, välj "Next" (Nästa).

3. Klicka på "Scan Summary" fliken i resultatfönstret.

4. Klicka på + tecknet i boxen "target family" och välj det du vill ta bort/delita.

5. Klicka på Next. Klicka OK.

 

C. Starta om datorn. "Öppna/Starta inga program"

1. Öppna/Starta Ad-Aware SE scanna i Full System Scan.

2. När Scanningen är klar, välj "Next" (Nästa).

3. Klicka på "Scan Summary" fliken i resultatfönstret.

4. Kontrollera alla hittade objekt "Critical Objects" fliken och välj det du vill ta bort/delita.

5. Klicka på Next. Klicka på OK.

6. Starta om datorn och gör en ny scanning med Ad-Awaren i Full System Scan.

Lägg in Ad-Awareloggen här:

 

Lycka till

 

MVH/Malou

 

 

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

 

 

[inlägget ändrat 2004-11-12 21:57:15 av malou jansson]

[inlägget ändrat 2004-11-12 21:57:53 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

 

jag måste ju fråga vad det har för betydelse att ad-adware visar tex hur mycke ledigt minne som finns kvar och vilken cpu som används?

det har ju inget med spyware att göra...

 

????????????

 

[inlägget ändrat 2004-11-12 22:24:42 av 927]

Länk till kommentar
Dela på andra webbplatser

927

[CITAT]jag måste ju fråga vad det har för betydelse att ad-adware visar tex hur mycke ledigt minne som finns kvar och vilken cpu som används?

det har ju inget med spyware att göra...

????????????[/CITAT]

 

Då jag arbetar med en Ad-Awarelog så vill jag ha helheten, så att ingenting missas och eventuellt inte blir synligt i en logg.

 

Det här är mitt sätt att arbeta på när det gäller rensningar med Ad-Adaweren och kommer alltid att så förbli *ler*

 

MVH/Malou

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

[inlägget ändrat 2004-11-12 23:04:29 av malou jansson]

[inlägget ändrat 2004-11-12 23:05:35 av malou jansson]

[inlägget ändrat 2004-11-12 23:06:42 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

 

OM frågeställaren beskriver ett VISST problem, DÅ KAN man ha ha nytta av denna info.

 

om det däremot handlar om tex trojaner och kapad startsida då är denna info totalt ointressant.

eftersom du inte håller med mej så börjar jag ju undra om du verkligen vet vad det är för info som står där och hur man tolkar den.

 

men visst, du gör ju precis som du vill

 

Länk till kommentar
Dela på andra webbplatser

927

 

Det är en sak jag inte förstår:

Varför skall det alltid ifrågasättas och diskuteras i de trådar jag håller på med?

Varför inte hjälpa användaren som har bett om hjälp istället?

 

OM frågeställaren beskriver ett VISST problem, DÅ KAN man ha ha nytta av denna info.

Kan jag hålla med dig om.

 

[CITAT]om det däremot handlar om tex trojaner och kapad startsida då är denna info totalt ointressant.

eftersom du inte håller med mej så börjar jag ju undra om du verkligen vet vad det är för info som står där och hur man tolkar den.[/CITAT]

Jag har inte påstått att jag inte håller med dig (eller har jag)?

Jag vet vad för information som står där och hur den tolkas.

Som jag skrev i mitt inlägg så vill jag ha helheten av en Ad-Awarelog som jag hjälper till med och att det är mitt sätt att jobba på med en Ad-Awarelogg.

Och så kommer det alltid att förbli.

 

men visst, du gör ju precis som du vill

Precis som du har ditt sätt att arbeta på, så har jag mitt sätt att arbeta på. Om du inte kan acceptera det, så är det någonting som jag inte kan göra någonting åt.

 

Jag tycker synd om användaren som har skapat den här tråden och bett om hjälp och skall behöva få sådana här ovidkommande diskutioner i sin tråd istället för att få problemen avhjälpta.

 

MVH/Malou

 

 

 

 

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

 

 

Länk till kommentar
Dela på andra webbplatser

Precis som i alla forum nån som sitter och "förstör" allt *hatar såna*

 

Håller på och fixar nu!

 

 

[inlägget ändrat 2004-11-13 16:19:25 av #GSS]

Länk till kommentar
Dela på andra webbplatser

Senast Ad Aware loggen:

 

Ad-Aware SE Build 1.05

Logfile Created on:den 13 november 2004 17:07:17

Created with Ad-Aware SE Personal, free for private use.

Using definitions file:SE1R18 08.11.2004

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

References detected during the scan:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

MRU List(TAC index:0):68 total references

Tracking Cookie(TAC index:3):10 total references

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Ad-Aware SE Settings

===========================

Set : Search for negligible risk entries

Set : Safe mode (always request confirmation)

Set : Scan active processes

Set : Scan registry

Set : Deep-scan registry

Set : Scan my IE Favorites for banned URLs

Set : Scan my Hosts file

 

Extended Ad-Aware SE Settings

===========================

Set : Unload recognized processes & modules during scan

Set : Scan registry for all users instead of current user only

Set : Always try to unload modules before deletion

Set : During removal, unload Explorer and IE if necessary

Set : Let Windows remove files in use at next reboot

Set : Delete quarantined objects after restoring

Set : Include basic Ad-Aware settings in log file

Set : Include additional Ad-Aware settings in log file

Set : Include reference summary in log file

Set : Include alternate data stream details in log file

Set : Play sound at scan completion if scan locates critical objects

 

 

2004-11-13 17:07:17 - Scan started. (Custom mode)

 

Listing running processes

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

#:1 [smss.exe]

FilePath : \SystemRoot\System32 ProcessID : 568

ThreadCreationTime : 2004-11-13 13:42:18

BasePriority : Normal

 

 

#:2 [csrss.exe]

FilePath : \??\D:\WINDOWS\system32 ProcessID : 632

ThreadCreationTime : 2004-11-13 13:42:20

BasePriority : Normal

 

 

#:3 [winlogon.exe]

FilePath : \??\D:\WINDOWS\SYSTEM32 ProcessID : 656

ThreadCreationTime : 2004-11-13 13:42:21

BasePriority : High

 

 

#:4 [services.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 708

ThreadCreationTime : 2004-11-13 13:42:21

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Tjänst- och styrenhetsprogram

InternalName : services.exe

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : services.exe

 

#:5 [lsass.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 720

ThreadCreationTime : 2004-11-13 13:42:21

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : LSA Shell (Export Version)

InternalName : lsass.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : lsass.exe

 

#:6 [svchost.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 872

ThreadCreationTime : 2004-11-13 13:42:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:7 [svchost.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 936

ThreadCreationTime : 2004-11-13 13:42:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:8 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1028

ThreadCreationTime : 2004-11-13 13:42:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:9 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1076

ThreadCreationTime : 2004-11-13 13:42:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:10 [svchost.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1136

ThreadCreationTime : 2004-11-13 13:42:22

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Generic Host Process for Win32 Services

InternalName : svchost.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : svchost.exe

 

#:11 [spoolsv.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1428

ThreadCreationTime : 2004-11-13 13:42:24

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Spooler SubSystem App

InternalName : spoolsv.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : spoolsv.exe

 

#:12 [crypserv.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1556

ThreadCreationTime : 2004-11-13 13:42:32

BasePriority : High

 

 

#:13 [nvsvc32.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1608

ThreadCreationTime : 2004-11-13 13:42:32

BasePriority : Normal

FileVersion : 6.14.10.5672

ProductVersion : 6.14.10.5672

ProductName : NVIDIA Driver Helper Service, Version 56.72

CompanyName : NVIDIA Corporation

FileDescription : NVIDIA Driver Helper Service, Version 56.72

InternalName : NVSVC

LegalCopyright : © NVIDIA Corporation. All rights reserved.

OriginalFilename : nvsvc32.exe

 

#:14 [pctspk.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 1628

ThreadCreationTime : 2004-11-13 13:42:32

BasePriority : Normal

FileVersion : 4.00

ProductVersion : 4.00

ProductName : PCTSPK.EXE

CompanyName : PCtel, Inc.

FileDescription : PCTSPK.EXE

InternalName : PCTSPK.EXE

LegalCopyright : Copyright ©PCtel,Inc. 1999-2000

OriginalFilename : PCTSPK.EXE

 

#:15 [wdfmgr.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 2040

ThreadCreationTime : 2004-11-13 13:42:36

BasePriority : Normal

FileVersion : 5.2.3790.1230 built by: DNSRV(bld4act)

ProductVersion : 5.2.3790.1230

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows User Mode Driver Manager

InternalName : WdfMgr

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : WdfMgr.exe

 

#:16 [alg.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 1360

ThreadCreationTime : 2004-11-13 13:42:38

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Application Layer Gateway Service

InternalName : ALG.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : ALG.exe

 

#:17 [imapi.exe]

FilePath : D:\WINDOWS\System32 ProcessID : 904

ThreadCreationTime : 2004-11-13 13:42:41

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : API för bildhantering (Image Mastering API)

InternalName : imapi

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : imapi.exe

 

#:18 [explorer.exe]

FilePath : D:\WINDOWS ProcessID : 3224

ThreadCreationTime : 2004-11-13 15:03:22

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Utforskaren

InternalName : explorer

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : EXPLORER.EXE

 

#:19 [wscntfy.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 2328

ThreadCreationTime : 2004-11-13 15:03:23

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Microsoft® Windows® Operating System

CompanyName : Microsoft Corporation

FileDescription : Windows Security Center Notification App

InternalName : wscntfy.exe

LegalCopyright : © Microsoft Corporation. All rights reserved.

OriginalFilename : wscntfy.exe

 

#:20 [hpztsb07.exe]

FilePath : D:\WINDOWS\System32\spool\drivers\w32x86\3 ProcessID : 1224

ThreadCreationTime : 2004-11-13 15:03:25

BasePriority : Normal

FileVersion : 2,140,0,0

ProductVersion : 2,140,0,0

ProductName : HP DeskJet

CompanyName : HP

LegalCopyright : Copyright © Hewlett-Packard Company 1999-2002

 

#:21 [realsched.exe]

FilePath : D:\Program\Delade filer\Real\Update_OB ProcessID : 3380

ThreadCreationTime : 2004-11-13 15:03:25

BasePriority : Normal

FileVersion : 0.1.0.3034

ProductVersion : 0.1.0.3034

ProductName : RealPlayer (32-bit)

CompanyName : RealNetworks, Inc.

FileDescription : RealNetworks Scheduler

InternalName : schedapp

LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004

LegalTrademarks : RealAudio is a trademark of RealNetworks, Inc.

OriginalFilename : realsched.exe

 

#:22 [qttask.exe]

FilePath : D:\Program\QuickTime ProcessID : 3392

ThreadCreationTime : 2004-11-13 15:03:25

BasePriority : Normal

FileVersion : 6.4

ProductVersion : QuickTime 6.4

ProductName : QuickTime

CompanyName : Apple Computer, Inc.

InternalName : QuickTime Task

LegalCopyright : © Apple Computer, Inc. 2001-2003

OriginalFilename : QTTask.exe

 

#:23 [daemon.exe]

FilePath : C:\Pro\D-Tools ProcessID : 3400

ThreadCreationTime : 2004-11-13 15:03:25

BasePriority : Normal

 

 

#:24 [rundll32.exe]

FilePath : D:\WINDOWS\system32 ProcessID : 3124

ThreadCreationTime : 2004-11-13 15:03:26

BasePriority : Normal

FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 5.1.2600.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Kör en DLL-fil som ett program

InternalName : rundll

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : RUNDLL.EXE

 

#:25 [iexplore.exe]

FilePath : D:\Program\Internet Explorer ProcessID : 3504

ThreadCreationTime : 2004-11-13 15:03:27

BasePriority : Normal

FileVersion : 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)

ProductVersion : 6.00.2900.2180

ProductName : Operativsystemet Microsoft® Windows®

CompanyName : Microsoft Corporation

FileDescription : Internet Explorer

InternalName : iexplore

LegalCopyright : © Microsoft Corporation. Med ensamrätt.

OriginalFilename : IEXPLORE.EXE

 

#:26 [ad-aware.exe]

FilePath : D:\Program\Lavasoft\Ad-Aware SE Personal ProcessID : 3780

ThreadCreationTime : 2004-11-13 15:05:54

BasePriority : Normal

FileVersion : 6.2.0.206

ProductVersion : VI.Second Edition

ProductName : Lavasoft Ad-Aware SE

CompanyName : Lavasoft Sweden

FileDescription : Ad-Aware SE Core application

InternalName : Ad-Aware.exe

LegalCopyright : Copyright © Lavasoft Sweden

OriginalFilename : Ad-Aware.exe

Comments : All Rights Reserved

 

Memory scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Registry Scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

 

Started deep registry scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Deep registry scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 0

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\nico mak computing\winzip\filemenu

Description : winzip recently used archives

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\nvidia corporation\global\nview\windowmanagement

Description : nvidia nview cached application window positions

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\applets\wordpad\recent file list

Description : list of recent files opened using wordpad

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list

Description : list of recent files opened using wordpad

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\applets\paint\recent file list

Description : list of files recently opened using microsoft paint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\applets\paint\recent file list

Description : list of files recently opened using microsoft paint

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\explorer\runmru

Description : mru list for items opened in start | run

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\explorer\runmru

Description : mru list for items opened in start | run

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\search assistant\acmru

Description : list of recent search terms used with the search assistant

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\search assistant\acmru

Description : list of recent search terms used with the search assistant

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru

Description : list of recently saved files, stored according to file extension

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru

Description : list of recent programs opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\explorer\recentdocs

Description : list of recent documents opened

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\player\recentfilelist

Description : list of recently used files in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\player\recentfilelist

Description : list of recently used files in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\internet explorer\main

Description : last save directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\realnetworks\realplayer\6.0\preferences

Description : list of recent skins in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\realnetworks\realplayer\6.0\preferences

Description : list of recent skins in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\internet explorer

Description : last download directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\internet explorer

Description : last download directory used in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : software\microsoft\directdraw\mostrecentapplication

Description : most recent application to use microsoft directdraw

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\microsoft management console\recent file list

Description : list of recent snap-ins used in the microsoft management console

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\player\settings

Description : last save as directory used in jasc paint shop pro

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\preferences

Description : last cd record path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\preferences

Description : last cd record path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\internet explorer\typedurls

Description : list of recently entered addresses in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\internet explorer\typedurls

Description : list of recently entered addresses in microsoft internet explorer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\adobe\acrobat reader\6.0\avgeneral\crecentfiles

Description : list of recently used files in adobe reader

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\player\settings

Description : last open directory used in jasc paint shop pro

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct3d

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\preferences

Description : last playlist index loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\preferences

Description : last playlist index loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\realnetworks\realplayer\6.0\preferences

Description : list of recent clips in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\realnetworks\realplayer\6.0\preferences

Description : list of recent clips in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows\currentversion\applets\regedit

Description : last key accessed using the microsoft registry editor

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows\currentversion\applets\regedit

Description : last key accessed using the microsoft registry editor

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\directinput\mostrecentapplication

Description : most recent application to use microsoft directinput

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-19\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-20\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\preferences

Description : last playlist loaded in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\ahead\cover designer\recent file list

Description : list of recently used files in ahead cover designer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\realnetworks\realplayer\6.0\preferences

Description : last login time in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\realnetworks\realplayer\6.0\preferences

Description : last login time in realplayer

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\preferences

Description : last search path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\preferences

Description : last search path used in microsoft windows media player

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\mediaplayer\medialibraryui

Description : last selected node in the microsoft windows media player media library

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\mediaplayer\medialibraryui

Description : last selected node in the microsoft windows media player media library

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : software\microsoft\direct3d\mostrecentapplication

Description : most recent application to use microsoft direct X

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\winrar\dialogedithistory\extrpath

Description : winrar "extract-to" history

 

 

MRU List Object Recognized!

Location: : .DEFAULT\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-18\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1004\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : S-1-5-21-1292428093-507921405-1343024091-1005\software\microsoft\windows media\wmsdk\general

Description : windows media sdk

 

 

MRU List Object Recognized!

Location: : D:\Documents and Settings\Henrik\recent

Description : list of recently opened documents

 

 

 

Started Tracking Cookie scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : henrik@cgi-bin[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:henrik@imrworldwide.com/cgi-bin

Expires : 2009-01-19 01:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : henrik@servedby.advertising[2].txt

Category : Data Miner

Comment : Hits:2

Value : Cookie:henrik@servedby.advertising.com/

Expires : 2004-12-13 14:50:46

LastSync : Hits:2

UseCount : 0

Hits : 2

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : henrik@mediaplex[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:henrik@mediaplex.com/

Expires : 2009-06-22 02:00:00

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : henrik@tradedoubler[1].txt

Category : Data Miner

Comment : Hits:6

Value : Cookie:henrik@tradedoubler.com/

Expires : 2024-11-07 22:03:56

LastSync : Hits:6

UseCount : 0

Hits : 6

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : henrik@advertising[1].txt

Category : Data Miner

Comment : Hits:1

Value : Cookie:henrik@advertising.com/

Expires : 2009-11-12 14:50:44

LastSync : Hits:1

UseCount : 0

Hits : 1

 

Tracking cookie scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 5

Objects found so far: 73

 

 

 

Deep scanning and examining files (C:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Disk Scan Result for C:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 73

 

 

Deep scanning and examining files (D:)

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : nina@cgi-bin[1].txt

Category : Data Miner

Comment :

Value : D:\Documents and Settings\Nina\Cookies\nina@cgi-bin[1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : nina@gator[1].txt

Category : Data Miner

Comment :

Value : D:\Documents and Settings\Nina\Cookies\nina@gator[1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : nina@trafficmp[1].txt

Category : Data Miner

Comment :

Value : D:\Documents and Settings\Nina\Cookies\nina@trafficmp[1].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : nina@revenue[2].txt

Category : Data Miner

Comment :

Value : D:\Documents and Settings\Nina\Cookies\nina@revenue[2].txt

 

Tracking Cookie Object Recognized!

Type : IECache Entry

Data : nina@z1.adserver[1].txt

Category : Data Miner

Comment :

Value : D:\Documents and Settings\Nina\Cookies\nina@z1.adserver[1].txt

 

Disk Scan Result for D:»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 78

 

 

Scanning Hosts file......

Hosts file location:"D:\WINDOWS\system32\drivers\etc\hosts".

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Hosts file scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

1 entries scanned.

New critical objects:0

Objects found so far: 78

 

 

 

 

Performing conditional scans...

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

 

Conditional scan result:

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

New critical objects: 0

Objects found so far: 78

 

17:12:17 Scan Complete

 

Summary Of This Scan

»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Total scanning time:00:04:59.852

Objects scanned:120006

Objects identified:10

Objects ignored:0

New critical objects:10

 

[inlägget ändrat 2004-11-13 16:49:43 av #GSS]

Länk till kommentar
Dela på andra webbplatser

Hej #GSS :)

 

Nu skall jag vara lite jobbig mot dig *ler*

 

Den här nedanstående kan du avaktivera (ofarlig). Tar dessutom en massa onödig plats.

MRU List(TAC index:0):68 total references

Det gör du genom att öppna Ad-Awaren -> klicka på Start-knappen -> här skall du se en prick som är grön(Search for negligible risk entries)-> klicka på den så att den blir röd.

 

Ser även att du har scannat i Custome mod

2004-11-13 17:07:17 - Scan started. (Custom mode). I det här läget så visas inte alla eventuella otrevligheter.

För att ställa in Ad-Awaren på Full System Scan. Öppna Ad-Awaren -> klicka på Start-knappen -> här väljer du att bocka i rutan Performe Full System Scan.

Ad-AwareInställningar:

http://www.lavasoftsupport.com/index.php?showtopic=42066

 

 

Skulle du nu vilja göra om scanningen med Ad-Awaren i Full System Scan och kopiera in den loggen här, så får vi se om den är ren från skräp.

 

MVH/Malou

 

 

***** Ha En Fortsatt Underbar Dag *****

 

Team Lavasoft

Lavasupporten

 

 

 

[inlägget ändrat 2004-11-13 17:17:20 av malou jansson]

[inlägget ändrat 2004-11-13 17:18:10 av malou jansson]

[inlägget ändrat 2004-11-13 17:22:43 av malou jansson]

Länk till kommentar
Dela på andra webbplatser

Ja nog ser loggen bra mycket bättre ut nu än den gjorde från början även om den är körd i custom mode. Dne här loggen ser väl ganska ren ut så när som på några tracking-cockies tycker jag.

 

Om jag får lägga mig i tråden skulle jag nog först gå till kontrollpanelen och internet-alternativ och radera cockies och temporära internet-filer innan jag gjorde en ny full system scan med AdAware.

 

 

[inlägget ändrat 2004-11-13 17:24:18 av Metalmaid]

Länk till kommentar
Dela på andra webbplatser

Arkiverat

Det här ämnet är nu arkiverat och är stängt för ytterligare svar.

×
×
  • Skapa nytt...