Hem | Forum | Chatt | Om webbplatsen | Kontakta oss

Behöver hjälp med kapad startsida.

Här läggs de trådar gällande systemrensningar m.m., som är lösta eller som inte har besökts av trådskaparen. Även äldre instruktionsinlägg läggs här. OBS! I den här forumdelen går det inte att posta inlägg. Det går enbart att läsa trådarna.

Behöver hjälp med kapad startsida.

Inläggav Alice66 » lör 03 sep 2005, 13.05

Jag hamnar på : windowx/systemmsblank.html istället för min vanliga startsida. När jag ändrar tillbaka till den det ska vara så ändras den automatiskt till den jag inte vill ha.

Hoppas någon kan hjälpa mig!

Jag har kört ad-ware och HiJack exakt enligt intruktionerna på denna sida och fått följande loggfiler:

Ad-Aware SE Build 1.06r1
Logfile Created on:den 3 september 2005 12:58:08
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Tracking Cookie(TAC index:3):2 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R64 31.08.2005
Internal build : 75
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 515324 Bytes
Total size : 1551493 Bytes
Signature data size : 1518382 Bytes
Reference data size : 32599 Bytes
Signatures total : 43181
CSI Fingerprints total : 1032
CSI data size : 36709 Bytes
Target categories : 15
Target families : 740


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:8 %
Total physical memory:458224 kb
Available physical memory:33600 kb
Total page file size:1084064 kb
Available on page file:738760 kb
Total virtual memory:2097024 kb
Available virtual memory:2045260 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


2005-09-03 12:58:08 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 604
ThreadCreationTime : 2005-09-03 09:56:08
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 680
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 704
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 748
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Tjänst- och styrenhetsprogram
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 956
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1048
ThreadCreationTime : 2005-09-03 09:56:12
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1176
ThreadCreationTime : 2005-09-03 09:56:13
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1232
ThreadCreationTime : 2005-09-03 09:56:13
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1492
ThreadCreationTime : 2005-09-03 09:56:14
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utforskaren
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : EXPLORER.EXE

#:11 [brsvc01a.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1528
ThreadCreationTime : 2005-09-03 09:56:14
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : brother Industries Ltd brsvc01a
CompanyName : brother Industries Ltd
FileDescription : brsvc01a
InternalName : brsvc01a
LegalCopyright : Copyright © Brother Industries, Ltd 2001
OriginalFilename : brsvc01a.exe

#:12 [brss01a.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1560
ThreadCreationTime : 2005-09-03 09:56:14
BasePriority : Normal
FileVersion : 1.004
ProductVersion : 1, 0, 0, 4
ProductName : brother Industries Ltd brss01a.exe
CompanyName : brother Industries Ltd
FileDescription : brss01a.exe
InternalName : brss01a.exe
LegalCopyright : Copyright ? 2001
OriginalFilename : brss01a.exe
Comments : Brsplproc XP wrapper

#:13 [anydvd.exe]
FilePath : C:\Program\SlySoft\AnyDVD\
ProcessID : 1832
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : High


#:14 [daemon.exe]
FilePath : C:\Program\D-Tools\
ProcessID : 1852
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal


#:15 [adeck.exe]
FilePath : C:\Program\VIAudioi\SBADeck\
ProcessID : 1868
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 1.0.0.0
ProductVersion : 5.30c(Jetway)
ProductName : Vinyl Deck
CompanyName : VIA Technologies, Inc.
FileDescription : VIA Codec Control Panel
InternalName : Vinyl Deck

#:16 [qttask.exe]
FilePath : C:\Program\QuickTime\
ProcessID : 1888
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:17 [pccguide.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1912
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCCGuide
InternalName : PCCGuide
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCCGuide

#:18 [pcclient.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1924
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCClient
InternalName : PCClient
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCClient

#:19 [tmoagent.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1936
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : TrendMicro Outbreak agent
InternalName : TMOAgent
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : TMOAgent.EXE

#:20 [jusched.exe]
FilePath : C:\Program\Java\j2re1.4.2_06\bin\
ProcessID : 1952
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal


#:21 [itouch.exe]
FilePath : C:\Program\Logitech\iTouch\
ProcessID : 1964
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 2.20.243
ProductVersion : 2.20.243
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : (C) 1998-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team

#:22 [ituneshelper.exe]
FilePath : C:\Program\iTunes\
ProcessID : 1972
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:23 [regdoctor.exe]
FilePath : C:\Program\RegDoctor\
ProcessID : 1984
ThreadCreationTime : 2005-09-03 09:56:16
BasePriority : Normal
FileVersion : 1.25
ProductVersion : 1.25
ProductName : RegDoctor
CompanyName : RegDoctor
InternalName : RegDoctor
LegalCopyright : Copyright 2005. RegDoctor. All rights reserved.
LegalTrademarks : RegDoctor
OriginalFilename : RegDoctor.exe

#:24 [popcorn72.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2044
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal


#:25 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 220
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:26 [msnmsgr.exe]
FilePath : C:\Program\MSN Messenger\
ProcessID : 232
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal
FileVersion : 6.2.0205
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:27 [logitechdesktopmessenger.exe]
FilePath : C:\Program\Logitech\Desktop Messenger\8876480\Program\
ProcessID : 264
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal
FileVersion : 2.1.2.0
ProductVersion : 2.1.2.0
ProductName : Logitech Desktop Messenger
CompanyName : Logitech
FileDescription : Logitech Desktop Messenger
InternalName : Logitech BackWeb Runner
LegalCopyright : Copyright (C) Logitech 2000-2004. All rights reserved
OriginalFilename : backweb-8876480.exe
Comments : http://www.logitech.com/ldm

#:28 [iconmgr.exe]
FilePath : C:\Program\LightSurf\Common\
ProcessID : 284
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : IconMgr
CompanyName : LightSurf Technologies, Inc.
FileDescription : IconMgr
InternalName : IconMgr
LegalCopyright : Copyright ©2002, LightSurf Technologies, Inc.
OriginalFilename : IconMgr.exe

#:29 [ticicon.exe]
FilePath : C:\Program\LightSurf\Color Indicator\
ProcessID : 292
ThreadCreationTime : 2005-09-03 09:56:17
BasePriority : Normal
FileVersion : 2, 2, 0, 3
ProductVersion : 2, 2, 0, 0
ProductName : Color Indicator system tray application
CompanyName : LightSurf Technologies, Inc.
FileDescription : TICIcon.exe
InternalName : TICIcon.exe
LegalCopyright : Copyright© 1999-2002 LightSurf Technologies, Inc.
LegalTrademarks : All rights reserved

OriginalFilename : TICIcon.exe
Comments : Color Indicator system tray application

#:30 [acrotray.exe]
FilePath : C:\Program\Adobe\Acrobat 6.0\Distillr\
ProcessID : 320
ThreadCreationTime : 2005-09-03 09:56:18
BasePriority : Normal
FileVersion : 6.0.1.2003102300
ProductVersion : 6.0.1.2003102300
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:31 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 412
ThreadCreationTime : 2005-09-03 09:56:20
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:32 [tmntsrv.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 652
ThreadCreationTime : 2005-09-03 09:56:20
BasePriority : Normal
FileVersion : 11.41.0.5021
ProductVersion : 11.41.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : Tmntsrv
InternalName : Tmntsrv
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : Tmntsrv.exe

#:33 [tmproxy.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1124
ThreadCreationTime : 2005-09-03 09:56:23
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : TmProxy.exe
InternalName : TmProxy.exe
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : TmProxy.exe

#:34 [pccpfw.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 2052
ThreadCreationTime : 2005-09-03 09:56:28
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCCPFW
InternalName : PCCPFW
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCCPFW.exe

#:35 [ipodservice.exe]
FilePath : C:\Program\iPod\bin\
ProcessID : 2260
ThreadCreationTime : 2005-09-03 09:56:37
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:36 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 3592
ThreadCreationTime : 2005-09-03 09:57:36
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatiska uppdateringar
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : wuauclt.exe

#:37 [ad-aware.exe]
FilePath : C:\Program\Lavasoft\Ad-Aware SE Personal\
ProcessID : 1788
ThreadCreationTime : 2005-09-03 10:50:52
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:38 [iexplore.exe]
FilePath : C:\Program\Internet Explorer\
ProcessID : 1880
ThreadCreationTime : 2005-09-03 10:51:31
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Internet Explorer
InternalName : iexplore
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : IEXPLORE.EXE

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking Cookie Object Recognized!
Type : IECache Entry
Data : lars@atdmt[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:lars@atdmt.com/
Expires : 2010-09-02 02:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking Cookie Object Recognized!
Type : IECache Entry
Data : lars@cgi-bin[1].txt
TAC Rating : 3
Category : Data Miner
Comment : Hits:1
Value : Cookie:lars@imrworldwide.com/cgi-bin
Expires : 2009-01-19 01:00:00
LastSync : Hits:1
UseCount : 0
Hits : 1

Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 2
Objects found so far: 2



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2


Scanning Hosts file......
Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts".
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
1 entries scanned.
New critical objects:0
Objects found so far: 2




Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 2

13:03:24 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:05:15.434
Objects scanned:112214
Objects identified:2
Objects ignored:0
New critical objects:2


Hijacket log:

Logfile of HijackThis v1.99.1
Scan saved at 13:49:39, on 2005-09-03
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\Program\SlySoft\AnyDVD\AnyDVD.exe
C:\Program\D-Tools\daemon.exe
C:\Program\VIAudioi\SBADeck\ADeck.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Trend Micro\Internet Security\pccguide.exe
C:\Program\Trend Micro\Internet Security\PCClient.exe
C:\Program\Trend Micro\Internet Security\TMOAgent.exe
C:\Program\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program\Logitech\iTouch\iTouch.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\RegDoctor\RegDoctor.exe
C:\WINDOWS\System32\popcorn72.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program\LightSurf\Common\IconMgr.exe
C:\Program\LightSurf\Color Indicator\TICIcon.exe
C:\Program\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program\Trend Micro\Internet Security\tmproxy.exe
C:\Program\Trend Micro\Internet Security\PccPfw.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Microsoft Office\Office10\WINWORD.EXE
C:\Program\Trend Micro\Internet Security\PCCMAIN.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
R3 - URLSearchHook: (no name) - {8E254065-E412-3709-A51B-41DF00B0A1C2} - (no file)
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Program\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AudioDeck] C:\Program\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RegDoctor] "C:\Program\RegDoctor\RegDoctor.exe" -Quick
O4 - HKLM\..\Run: [dmxut.exe] C:\WINDOWS\System32\dmxut.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn72.exe rundll.dll,LoadMouseProfile
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LightSurf.lnk = C:\Program\LightSurf\Common\IconMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Distiller Assistant 3.0.lnk = C:\Acrobat3\Distillr\DISTASST.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zy ... player.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f008.mail.spray.se/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA2BC00D-1A5E-4B76-9FE0-295429C2E99B}: NameServer = 69.50.176.158,85.255.112.8
O18 - Protocol: bw+0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\tmproxy.exe
Alice66
 
Inlägg: 5
Blev medlem: lör 03 sep 2005, 12.57
Ort: Helsingborg

Inläggav Malou » lör 03 sep 2005, 13.12

Hej och välkommen Alice66 :D

Jag flyttar din tråd till Ad-Awaredelen här på forumet (passar lite bättre där) :wink:

Ser att du har en service igång (SvcProc) som vi måste åtgärda (samt lite annat)!

Återkommer alldeles strax till dig då jag skrivit klart en procedur till dig. Håll ut så länge :wink:

MVH/Malou
Malou
 

Inläggav Malou » lör 03 sep 2005, 14.00

Hej Alice66 :D

Då skall vi se vad du skall göra för något :wink:

Ladda ner och spara AboutBuster 5.0 från nedanstående länk till ditt skrivbord.
Den kommer zippad.

http://www.downloads.subratam.org/AboutBuster.zip

Nu skapa en mapp på C:Enheten som du döper till AboutBuster.
Öppna Zippen AboutBuster och installera den till den nya mappen du skapat på C:Enheten.
Starta AboutBuster "Klicka OK" och kontrollera om det finns uppdateringar till programmet. Om det finns "Klicka på Downloads Updates". Finns inga uppdateringar så säger den till och stängs.
Använd/scanna INTE med AboutBuster ännu:

Hämta även hem CCleaner:
Det här programmet städar rent i dina temporära mappar som normalt är dolda för en användare, vidare så städas det i registret.
På nedanstående sida/länk finns infromation om hur du på bästa sätt använder CCleaner samt att där finns en nerladdningslänk:
=> CCleaner V1.23.160
Gör en städning med CCleaner:

******************************************************
Skriv ut nedanstående eller kopiera det till något textdokument som du sparar på skrivbordet:

Öppna aktivitetshanteraren (Ctrl+Alt+Del) och se där om du hittar
svcproc.exe / dmxut.exe <=Om de hittas. Avsluta processerna:
popcorn72.exe <=Nytillkommen. Avsluta processen:

Vidare:
Stäng ner Internet (dra ur nätverkskabeln):
Starta om datorn till felsäkert läge (tryck F8 upprepade gånger under uppstarten):

Gå till "Start" => "Kör" => Skriv i Kör fältet services.msc sen klicka på Ok
Leta efter service med namnet

System Startup Service (SvcProc)

Dubbelklicka på den och sedan Stoppa den
Sedan ändra Startmetod till Inaktiverad
Klicka Verkställ och sedan Ok
Stäng fönstret sen.

Vidare:
Fortfarande felsäkert läge:


Öppna HJT. Klicka på Scan-knappen. Bocka för nedanstående detaljer. Klicka på Fix Checked-knappen:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\System32\msblank.html
R3 - URLSearchHook: (no name) - {8E254065-E412-3709-A51B-41DF00B0A1C2} - (no file)

O1 - Hosts: localhost 127.0.0.1

O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\System32\popcorn72.exe rundll.dll,LoadMouseProfile <=Nytillkommen:
O4 - HKLM\..\Run: [dmxut.exe] C:\WINDOWS\System32\dmxut.exe

O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q330995.exe

O17 - HKLM\System\CCS\Services\Tcpip\..\{EA2BC00D-1A5E-4B76-9FE0-295429C2E99B}: NameServer = 69.50.176.158,85.255.112.8

O18 - Protocol: bw+0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll

O23 - Service: System Startup Service (SvcProc) - Unknown owner - C:\WINDOWS\svcproc.exe (file missing)


Då du gjort ovanstående:

Vidare:
Stanna kvar i felsäkert läge:

För att hitta de filer du nu skall leta upp, måste du klicka (windowstangent+E) och i verktygsfältet klicka på "Verktyg>mappalternativ" och under "Visa" klicka på "Visa dolda filer och mappar" samt avbocka "dölj filnamstillägg för kända filtyper" och "Dölj skyddade operativsystemfiler"

Sök/Leta reda på:
Delita de rödmarkerade filerna:
C:\WINDOWS\System32\msblank.html<=Delita filen:
C:\WINDOWS\System32\dmxut.exe<=Delita filen:
C:\WINDOWS\svcproc.exe<=Delita filen:
C:\WINDOWS\System32\popcorn72.exe <=Nytillkommen: Delita filen:

Töm papperskorgen:

Vidare:
Fortfarande felsäkert läge:


OBS:
Scanna INTE med båda nedanstående samtidigt:

Starta AboutBuster och "Klicka Ok". Det tar en liten stund för den att söka för ett komplett resultat. Då den är klar svara Yes/Ja, AboutBuster scannar nu en andra gång, Klicka Yes/Ja vid closing Explorer (stäng utforskaren).

Gör även en scanning med AAW i Full System Scan, ta bort det den hittar.

Nu:
Starta om datorn till normalläge igen:


OBS:
AboutBuster har nu ändrat din startsida till Google. För att råda bot på detta så skriv in den startsida du vill ha igen.

Nu:
Gör en ny scanning med AAW i Full System Scan, kopiera in loggen hit.
Gör en ny HJT-log, kopiera in även den så går vi vidare med restern om så behöves.

Om du känner dig osäker på någonting så fråga gärna innan du gör något på egen hand och innan du påbörjar proceduren :wink:


Önskar dig lycka till :wink:

MVH/Malou
Senast redigerad av Malou lör 03 sep 2005, 15.30, redigerad totalt 1 gång.
Malou
 

Inläggav Malou » lör 03 sep 2005, 15.28

Hej Alice66 :D

Vill bara göra dig uppmärksam på att jag har uppdaterat mitt ovanstående inlägg med att lägga till en detalj som du skall ta med i proceduren:


Se ovanstående inlägg

MVH/Malou
Malou
 

Tack för det snabba svaret!!

Inläggav Alice66 » lör 03 sep 2005, 20.18

Återkommer med en rapport om hur det gått.

Fortsatt trevlig helg

Alice66
Alice66
 
Inlägg: 5
Blev medlem: lör 03 sep 2005, 12.57
Ort: Helsingborg

Inläggav Malou » lör 03 sep 2005, 20.26

Hej Alice66 :D

Återkommer med en rapport om hur det gått.

Ja tack, väldigt gärna :wink:

PS: Glöm inte att göra nya loggor (efter du gjort procedurerna) och kopiera in dem hit som jag bad om, så vi får se hur det ser ut och om vi behöver gå vidare samt eventuellt ta till några andra verktyg :wink:

Önskar även dig en fortsatt trevlig helg!

MVH/Malou
Malou
 

Här kommer en rapport.

Inläggav Alice66 » sön 04 sep 2005, 15.16

Hej
Nu har jag kört igenom PC enligt intruktionerna. Det enda jag hade pr0blem med var Auto Buster. När jag körde den fick jag inte upp de svarsalternativen som fanns i instruktionen. Jag körde den i alla fall 2 ggr och hoppas att det ändå blev rätt.

Ett stort tack!!

Alice 66

Här kommer de nya loggorna:

Ad-Aware SE Build 1.06r1
Logfile Created on:den 4 september 2005 14:17:28
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R64 31.08.2005
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
None
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Definition File:
=========================
Definitions File Loaded:
Reference Number : SE1R64 31.08.2005
Internal build : 75
File location : C:\Program\Lavasoft\Ad-Aware SE Personal\defs.ref
File size : 515324 Bytes
Total size : 1551493 Bytes
Signature data size : 1518382 Bytes
Reference data size : 32599 Bytes
Signatures total : 43181
CSI Fingerprints total : 1032
CSI data size : 36709 Bytes
Target categories : 15
Target families : 740


Memory + processor status:
==========================
Number of processors : 1
Processor architecture : Intel Pentium III
Memory available:13 %
Total physical memory:458224 kb
Available physical memory:56592 kb
Total page file size:1084064 kb
Available on page file:622104 kb
Total virtual memory:2097024 kb
Available virtual memory:2033536 kb
OS:Microsoft Windows XP Professional Service Pack 1 (Build 2600)

Ad-Aware SE Settings
===========================
Set : Search for low-risk threats
Set : Safe mode (always request confirmation)
Set : Scan active processes
Set : Scan registry
Set : Deep-scan registry
Set : Scan my IE Favorites for banned URLs
Set : Scan my Hosts file

Extended Ad-Aware SE Settings
===========================
Set : Unload recognized processes & modules during scan
Set : Scan registry for all users instead of current user only
Set : Always try to unload modules before deletion
Set : During removal, unload Explorer and IE if necessary
Set : Let Windows remove files in use at next reboot
Set : Delete quarantined objects after restoring
Set : Include basic Ad-Aware settings in log file
Set : Include additional Ad-Aware settings in log file
Set : Include reference summary in log file
Set : Include alternate data stream details in log file
Set : Play sound at scan completion if scan locates critical objects


2005-09-04 14:17:28 - Scan started. (Full System Scan)

Listing running processes
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

#:1 [smss.exe]
FilePath : \SystemRoot\System32\
ProcessID : 616
ThreadCreationTime : 2005-09-04 11:00:00
BasePriority : Normal


#:2 [csrss.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 692
ThreadCreationTime : 2005-09-04 11:00:03
BasePriority : Normal


#:3 [winlogon.exe]
FilePath : \??\C:\WINDOWS\system32\
ProcessID : 716
ThreadCreationTime : 2005-09-04 11:00:03
BasePriority : High


#:4 [services.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 760
ThreadCreationTime : 2005-09-04 11:00:03
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Tjänst- och styrenhetsprogram
InternalName : services.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : services.exe

#:5 [lsass.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 772
ThreadCreationTime : 2005-09-04 11:00:03
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : LSA Shell (Export Version)
InternalName : lsass.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : lsass.exe

#:6 [svchost.exe]
FilePath : C:\WINDOWS\system32\
ProcessID : 956
ThreadCreationTime : 2005-09-04 11:00:03
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:7 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1000
ThreadCreationTime : 2005-09-04 11:00:04
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:8 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1100
ThreadCreationTime : 2005-09-04 11:00:04
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:9 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1168
ThreadCreationTime : 2005-09-04 11:00:04
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:10 [explorer.exe]
FilePath : C:\WINDOWS\
ProcessID : 1400
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 6.00.2800.1106 (xpsp1.020828-1920)
ProductVersion : 6.00.2800.1106
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Utforskaren
InternalName : explorer
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : EXPLORER.EXE

#:11 [brsvc01a.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1428
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 1, 0, 0, 3
ProductVersion : 1, 0, 0, 3
ProductName : brother Industries Ltd brsvc01a
CompanyName : brother Industries Ltd
FileDescription : brsvc01a
InternalName : brsvc01a
LegalCopyright : Copyright © Brother Industries, Ltd 2001
OriginalFilename : brsvc01a.exe

#:12 [brss01a.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1468
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 1.004
ProductVersion : 1, 0, 0, 4
ProductName : brother Industries Ltd brss01a.exe
CompanyName : brother Industries Ltd
FileDescription : brss01a.exe
InternalName : brss01a.exe
LegalCopyright : Copyright ? 2001
OriginalFilename : brss01a.exe
Comments : Brsplproc XP wrapper

#:13 [svchost.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 1712
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 5.1.2600.0 (xpclient.010817-1148)
ProductVersion : 5.1.2600.0
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : Generic Host Process for Win32 Services
InternalName : svchost.exe
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : svchost.exe

#:14 [tmntsrv.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1732
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 11.41.0.5021
ProductVersion : 11.41.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : Tmntsrv
InternalName : Tmntsrv
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : Tmntsrv.exe

#:15 [tmproxy.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 1764
ThreadCreationTime : 2005-09-04 11:00:05
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : TmProxy.exe
InternalName : TmProxy.exe
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : TmProxy.exe

#:16 [anydvd.exe]
FilePath : C:\Program\SlySoft\AnyDVD\
ProcessID : 232
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : High


#:17 [daemon.exe]
FilePath : C:\Program\D-Tools\
ProcessID : 240
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal


#:18 [adeck.exe]
FilePath : C:\Program\VIAudioi\SBADeck\
ProcessID : 204
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 1.0.0.0
ProductVersion : 5.30c(Jetway)
ProductName : Vinyl Deck
CompanyName : VIA Technologies, Inc.
FileDescription : VIA Codec Control Panel
InternalName : Vinyl Deck

#:19 [qttask.exe]
FilePath : C:\Program\QuickTime\
ProcessID : 248
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 6.5.1
ProductVersion : QuickTime 6.5.1
ProductName : QuickTime
CompanyName : Apple Computer, Inc.
InternalName : QuickTime Task
LegalCopyright : © Apple Computer, Inc. 2001-2004
OriginalFilename : QTTask.exe

#:20 [pccguide.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 260
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCCGuide
InternalName : PCCGuide
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCCGuide

#:21 [pcclient.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 268
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCClient
InternalName : PCClient
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCClient

#:22 [tmoagent.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 252
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : TrendMicro Outbreak agent
InternalName : TMOAgent
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : TMOAgent.EXE

#:23 [jusched.exe]
FilePath : C:\Program\Java\j2re1.4.2_06\bin\
ProcessID : 288
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal


#:24 [itouch.exe]
FilePath : C:\Program\Logitech\iTouch\
ProcessID : 296
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 2.20.243
ProductVersion : 2.20.243
ProductName : iTouch
CompanyName : Logitech Inc.
FileDescription : iTouch Application
InternalName : iTouch
LegalCopyright : (C) 1998-2003 Logitech. All rights reserved.
LegalTrademarks : Logitech® and iTouch® are registered trademarks of Logitech Inc.
OriginalFilename : iTouch.exe
Comments : Created by the iTouch team

#:25 [ituneshelper.exe]
FilePath : C:\Program\iTunes\
ProcessID : 304
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iTunesHelper Module
InternalName : iTunesHelper
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iTunesHelper.exe

#:26 [ctfmon.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 368
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 5.1.2600.1106 (xpsp1.020828-1920)
ProductVersion : 5.1.2600.1106
ProductName : Microsoft® Windows® Operating System
CompanyName : Microsoft Corporation
FileDescription : CTF Loader
InternalName : CTFMON
LegalCopyright : © Microsoft Corporation. All rights reserved.
OriginalFilename : CTFMON.EXE

#:27 [msnmsgr.exe]
FilePath : C:\Program\MSN Messenger\
ProcessID : 436
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 6.2.0205
ProductVersion : Version 6.2
ProductName : MSN Messenger
CompanyName : Microsoft Corporation
FileDescription : MSN Messenger
InternalName : msnmsgr
LegalCopyright : Copyright (c) Microsoft Corporation 1997-2004
LegalTrademarks : Microsoft(R) is a registered trademark of Microsoft Corporation in the U.S. and/or other countries.
OriginalFilename : msnmsgr.exe

#:28 [logitechdesktopmessenger.exe]
FilePath : C:\Program\Logitech\Desktop Messenger\8876480\Program\
ProcessID : 472
ThreadCreationTime : 2005-09-04 11:00:09
BasePriority : Normal
FileVersion : 2.1.2.0
ProductVersion : 2.1.2.0
ProductName : Logitech Desktop Messenger
CompanyName : Logitech
FileDescription : Logitech Desktop Messenger
InternalName : Logitech BackWeb Runner
LegalCopyright : Copyright (C) Logitech 2000-2004. All rights reserved
OriginalFilename : backweb-8876480.exe
Comments : http://www.logitech.com/ldm

#:29 [iconmgr.exe]
FilePath : C:\Program\LightSurf\Common\
ProcessID : 508
ThreadCreationTime : 2005-09-04 11:00:10
BasePriority : Normal
FileVersion : 1, 0, 0, 1
ProductVersion : 1, 0, 0, 1
ProductName : IconMgr
CompanyName : LightSurf Technologies, Inc.
FileDescription : IconMgr
InternalName : IconMgr
LegalCopyright : Copyright ©2002, LightSurf Technologies, Inc.
OriginalFilename : IconMgr.exe

#:30 [ticicon.exe]
FilePath : C:\Program\LightSurf\Color Indicator\
ProcessID : 644
ThreadCreationTime : 2005-09-04 11:00:11
BasePriority : Normal
FileVersion : 2, 2, 0, 3
ProductVersion : 2, 2, 0, 0
ProductName : Color Indicator system tray application
CompanyName : LightSurf Technologies, Inc.
FileDescription : TICIcon.exe
InternalName : TICIcon.exe
LegalCopyright : Copyright© 1999-2002 LightSurf Technologies, Inc.
LegalTrademarks : All rights reserved
OriginalFilename : TICIcon.exe
Comments : Color Indicator system tray application

#:31 [acrotray.exe]
FilePath : C:\Program\Adobe\Acrobat 6.0\Distillr\
ProcessID : 312
ThreadCreationTime : 2005-09-04 11:00:11
BasePriority : Normal
FileVersion : 6.0.1.2003102300
ProductVersion : 6.0.1.2003102300
ProductName : AcroTray - Adobe Acrobat Distiller helper application.
CompanyName : Adobe Systems Inc.
FileDescription : AcroTray
InternalName : AcroTray
LegalCopyright : Copyright 1984-2003 Adobe Systems Incorporated and its licensors. All rights reserved.
OriginalFilename : AcroTray.exe

#:32 [pccpfw.exe]
FilePath : C:\Program\Trend Micro\Internet Security\
ProcessID : 660
ThreadCreationTime : 2005-09-04 11:00:11
BasePriority : Normal
FileVersion : 11.40.0.5015
ProductVersion : 11.40.0
ProductName : Trend Pc-cillin 11
CompanyName : Trend Micro Incorporated.
FileDescription : PCCPFW
InternalName : PCCPFW
LegalCopyright : Copyright (C) 1995-2004 Trend Micro Incorporated. All rights reserved.
LegalTrademarks : Copyright (C) Trend Micro Incorporated.
OriginalFilename : PCCPFW.exe

#:33 [ipodservice.exe]
FilePath : C:\Program\iPod\bin\
ProcessID : 2104
ThreadCreationTime : 2005-09-04 11:00:30
BasePriority : Normal
FileVersion : 4.7.1.30
ProductVersion : 4.7.1.30
ProductName : iTunes
CompanyName : Apple Computer, Inc.
FileDescription : iPodService Module
InternalName : iPodService
LegalCopyright : © 2003-2004 Apple Computer, Inc. All Rights Reserved.
OriginalFilename : iPodService.exe

#:34 [wuauclt.exe]
FilePath : C:\WINDOWS\System32\
ProcessID : 2656
ThreadCreationTime : 2005-09-04 11:01:24
BasePriority : Normal
FileVersion : 5.8.0.2469 built by: lab01_n(wmbla)
ProductVersion : 5.8.0.2469
ProductName : Operativsystemet Microsoft® Windows®
CompanyName : Microsoft Corporation
FileDescription : Automatiska uppdateringar
InternalName : wuauclt.exe
LegalCopyright : © Microsoft Corporation. Med ensamrätt.
OriginalFilename : wuauclt.exe

#:35 [firefox.exe]
FilePath : C:\Program\MOZILL~1\
ProcessID : 3880
ThreadCreationTime : 2005-09-04 11:31:50
BasePriority : Normal


#:36 [winword.exe]
FilePath : C:\Program\Microsoft Office\Office10\
ProcessID : 536
ThreadCreationTime : 2005-09-04 11:59:39
BasePriority : Normal


#:37 [ad-aware.exe]
FilePath : C:\Program\Lavasoft\Ad-Aware SE Personal\
ProcessID : 2552
ThreadCreationTime : 2005-09-04 12:02:52
BasePriority : Normal
FileVersion : 6.2.0.236
ProductVersion : SE 106
ProductName : Lavasoft Ad-Aware SE
CompanyName : Lavasoft Sweden
FileDescription : Ad-Aware SE Core application
InternalName : Ad-Aware.exe
LegalCopyright : Copyright © Lavasoft AB Sweden
OriginalFilename : Ad-Aware.exe
Comments : All Rights Reserved

#:38 [bitcomet.exe]
FilePath : C:\Program\BitComet\
ProcessID : 320
ThreadCreationTime : 2005-09-04 12:15:11
BasePriority : Normal
FileVersion : 0.57.
ProductVersion : 0.57.
ProductName : BitComet
CompanyName : http://www.BitComet.com
FileDescription : BitComet - a BitTorrent Client
InternalName : BitComet.exe
LegalCopyright : Copyright (C) Ningyu Ran, All Rights Reserved.
OriginalFilename : SimpleBT.exe

Memory scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Registry Scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started deep registry scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Deep registry scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Started Tracking Cookie scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»


Tracking cookie scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0



Deep scanning and examining files (C:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for C:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Deep scanning and examining files (E:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for E:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Deep scanning and examining files (F:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for F:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0


Deep scanning and examining files (G:)
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»

Disk Scan Result for G:\
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 0
Objects found so far: 0

Hosts file scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
0 entries scanned.
New critical objects:0
Objects found so far: 0


14:22:21 Scan Complete

Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:04:52.240
Objects scanned:107306
Objects identified:0
Objects ignored:0
New critical objects:0
Alice66
 
Inlägg: 5
Blev medlem: lör 03 sep 2005, 12.57
Ort: Helsingborg

Inläggav Malou » sön 04 sep 2005, 15.27

Hej Alice66 :D

Tack själv för att vi får hjälpa!

Det enda jag hade pr0blem med var Auto Buster. När jag körde den fick jag inte upp de svarsalternativen som fanns i instruktionen. Jag körde den i alla fall 2 ggr och hoppas att det ändå blev rätt.

Ok.
Det var märkligt :?
Men vi håller tummarna för att det ändå hjälpte.

Ad-Awareloggen ser ren och fin ut.
Mycket bra jobbat :wink:

Men jag saknar HJT-loggen. Skulle väldigt gärna få ta en titt på den också innan jag släpper dig :D

MVH/Malou
Malou
 

Här kommer den....

Inläggav Alice66 » sön 04 sep 2005, 16.24

MVH
Alice 66

Logfile of HijackThis v1.99.1
Scan saved at 17:23:03, on 2005-09-04
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\brsvc01a.exe
C:\WINDOWS\System32\brss01a.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Trend Micro\Internet Security\Tmntsrv.exe
C:\Program\Trend Micro\Internet Security\tmproxy.exe
C:\Program\SlySoft\AnyDVD\AnyDVD.exe
C:\Program\D-Tools\daemon.exe
C:\Program\VIAudioi\SBADeck\ADeck.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Trend Micro\Internet Security\pccguide.exe
C:\Program\Trend Micro\Internet Security\PCClient.exe
C:\Program\Trend Micro\Internet Security\TMOAgent.exe
C:\Program\Java\j2re1.4.2_06\bin\jusched.exe
C:\Program\Logitech\iTouch\iTouch.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program\LightSurf\Common\IconMgr.exe
C:\Program\LightSurf\Color Indicator\TICIcon.exe
C:\Program\Adobe\Acrobat 6.0\Distillr\acrotray.exe
C:\Program\Trend Micro\Internet Security\PccPfw.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program\MOZILL~1\firefox.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsidan.telia.se/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program\MSN Apps\MSN Toolbar\01.02.4000.1001\sv\msntb.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AnyDVD] C:\Program\SlySoft\AnyDVD\AnyDVD.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [AudioDeck] C:\Program\VIAudioi\SBADeck\ADeck.exe 1
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program\Trend Micro\Internet Security\pccguide.exe"
O4 - HKLM\..\Run: [PCClient.exe] "C:\Program\Trend Micro\Internet Security\PCClient.exe"
O4 - HKLM\..\Run: [TM Outbreak Agent] "C:\Program\Trend Micro\Internet Security\TMOAgent.exe" /run
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_06\bin\jusched.exe
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [RegDoctor] "C:\Program\RegDoctor\RegDoctor.exe" -Quick
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [LDM] C:\Program\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: LightSurf.lnk = C:\Program\LightSurf\Common\IconMgr.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Acrobat Assistant.lnk = C:\Program\Adobe\Acrobat 6.0\Distillr\acrotray.exe
O4 - Global Startup: Distiller Assistant 3.0.lnk = C:\Acrobat3\Distillr\DISTASST.EXE
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\j2re1.4.2_06\bin\npjpi142_06.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\MSMSGS.EXE
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan ... asinst.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game15.zylomgames.com/activex/zy ... player.cab
O16 - DPF: {C36112BF-2FA3-4694-8603-3B510EA3B465} (Lycos File Upload Component) - http://f008.mail.spray.se/app/uploader/FileUploader.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{EA2BC00D-1A5E-4B76-9FE0-295429C2E99B}: NameServer = 195.67.199.33,195.67.199.34,195.67.199.35
O18 - Protocol: bw80s - {A8DE53DD-B639-4AB5-9E14-0365B7381232} - C:\Program\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\System32\brsvc01a.exe
O23 - Service: iPod-tjänst (iPodService) - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\PccPfw.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\Tmntsrv.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Incorporated. - C:\Program\Trend Micro\Internet Security\tmproxy.exe
Alice66
 
Inlägg: 5
Blev medlem: lör 03 sep 2005, 12.57
Ort: Helsingborg

Inläggav Malou » sön 04 sep 2005, 16.39

Hej Alice66 :D

Ber att få gratulera till rena och fina loggor :D
Även din HJT-log ser numera ren och fin ut igen.
Mycket bra gjort :D

Om du är direktinloggad till Internet numera så kan du bocka/fixa även den här nedanstående detaljen. Telia använder sig inte av Proxy längre.
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost

Vill även passa på att rekommendera dig till att hämta hem alla säkerhetsuppdateringar som finns tillgängliga för ditt Windows System, Internet Explorer och Outlook Express:
Samt gärna hämta hem och installera SP2
=> Windows Update/Microsoft Update


Hur mår datorn nu?
Kvarstår det några problem?

MVH/Malou
Malou
 

Den funkar bra nu...

Inläggav Alice66 » sön 04 sep 2005, 17.13

..förutom att jag lyckats tappa bort drivrutinen till skrivaren....men det är ju lätt att åtgärda.
Jag har passat på att byta webbläsare idag till Fire Fox och ska fixa alla uppdateringar du föreslagit. Frid och fröjd med andra ord.
Jag är så glad att jag lyckades hitta detta forum. När man är en glad amatör så fixar man inte denna typen av problem själv.

Ha det så bra

Alice 66
Alice66
 
Inlägg: 5
Blev medlem: lör 03 sep 2005, 12.57
Ort: Helsingborg

Inläggav Malou » sön 04 sep 2005, 17.25

Hej Alice66 :D

Jag är så glad att jag lyckades hitta detta forum. När man är en glad amatör så fixar man inte denna typen av problem själv.

Tack för att du tycker om vårat lilla forum och att vi fick lov att hjälpa dig :wink:
Och glada amatörer har vi alla varit (och kanske är så fortfarande), det är på det här sättet man lär sig :wink:

..förutom att jag lyckats tappa bort drivrutinen till skrivaren....men det är ju lätt att åtgärda.

Ok.
Har du tillgång till skrivarens installationsskiva/programvara så skall det inte vara några problem.

Jag har passat på att byta webbläsare idag till Fire Fox och ska fixa alla uppdateringar du föreslagit. Frid och fröjd med andra ord.

Ok.
Även om du har bytt Webbläsare så är det viktigt att hämta säkerhetsuppdateringarna :wink:
Låter underbart att allt är frid och fröjd igen.

Ha det så jättebra och var rädd om datorn!

MVH/Malou
Malou
 

Inläggav plun » sön 04 sep 2005, 17.26

Hej Alice66

Bra jobbat :lol:

Här kan du läsa mer om SP2 och nya funktioner. SP2 har fått mycket skäll som är helt felaktigt tycker jag.

Här kan du iaf läsa på om du funderar över något innan och efter
uppgradering.

http://www.microsoft.com/sverige/security/protect/

8)

[Tråden är nu låst eftersom problemet är löst]
Tycker du att den är felaktigt låst, vad god kontakta Hansen eller Malou
Användarvisningsbild
plun
 
Inlägg: 2405
Blev medlem: ons 08 jun 2005, 18.52


Återgå till Lösta och gamla problem/arkiv

Vilka är online

Användare som besöker denna kategori: Inga registrerade användare och 0 gäster

cron