norbat Skrevet 27. april 2008 Forfatter Del Skrevet 27. april 2008 Hei, Xarus, Ja, du har noe rammel liggende, så du kan kjøre gjennom langversjonen i 1.post. Den skulle fjerne det aller meste. Loggene det spørres etter, poster du i en egen tråd som du oppretter ved å klikke på Nytt Emne-knappen Lenke til kommentar
Xarus Skrevet 27. april 2008 Del Skrevet 27. april 2008 Slik, nå har jeg peisa inn alle loggene. Lenke til kommentar
bokhylle Skrevet 2. mai 2008 Del Skrevet 2. mai 2008 PCen oppfører seg litt rart nå. Så jeg legger ut en logg. Noen som kan ta en titt? Takk Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:46:09, on 02.05.2008 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe c:\programfiler\fellesfiler\logishrd\lvmvfm\LVPrcSrv.exe C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe C:\Programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\OneStepSearch\onestep.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4ss.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\Programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\OneStepSearch\onestep.exe C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4gui.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\rundll32.exe C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Programfiler\Razer\DeathAdder\razerhid.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Razer\DeathAdder\razerofa.exe C:\Programfiler\uTorrent\uTorrent.exe C:\Programfiler\MSN Messenger\msnmsgr.exe C:\Programfiler\MSN Messenger\usnsvc.exe C:\Programfiler\Winamp\winamp.exe C:\WINDOWS\system32\CTPdeSrv.exe C:\Programfiler\Mozilla Firefox 3 Beta 5\firefox.exe C:\Documents and Settings\Administrator\Skrivebord\HiJackThis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://login.live.com/ppsecure/sha1auth.srf?lc=1044 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Programfiler\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DeathAdder] C:\Programfiler\Razer\DeathAdder\razerhid.exe O4 - HKLM\..\RunServices: [Microsoft Corporation Svchost Services] mssvcs.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Programfiler\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\RunServices: [Microsoft Corporation Svchost Services] mssvcs.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe /RUNONCE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Programfiler\PartyGaming\PartyPoker\RunApp.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Programfiler\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Programfiler\Fellesfiler\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Programfiler\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Programfiler\Fellesfiler\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Programfiler\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: LVCOMSer - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\LVCOMSER\LVComSer.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\programfiler\fellesfiler\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Programfiler\Fellesfiler\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: NBService - Nero AG - C:\Programfiler\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Programfiler\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: OneStep Search Service - OneStepSearch.net, Inc. - C:\Programfiler\OneStepSearch\onestep.exe O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:\Programfiler\Sunbelt Software\Personal Firewall\kpf4ss.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Unknown owner - C:\Programfiler\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe (file missing) -- End of file - 7520 bytes Lenke til kommentar
norbat Skrevet 2. mai 2008 Forfatter Del Skrevet 2. mai 2008 bokhylle: Ja, du har noe rusk (bla. onestepsearch). Kjør gjennom langversjonen i 1.post og opprett en egen tråd der du poster loggene. Lenke til kommentar
lknight Skrevet 2. mai 2008 Del Skrevet 2. mai 2008 her er logg fra siste scan... HJT: Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 14:50, on 2008-05-02 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe C:\Programfiler\Norton Internet Security\ISSVC.exe C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Programfiler\Intel\Wireless\Bin\ZcfgSvc.exe C:\WINDOWS\Explorer.EXE C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe C:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe C:\Programfiler\Fellesfiler\Microsoft Shared\VS7Debug\mdm.exe C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe C:\WINDOWS\system32\nvsvc32.exe C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe C:\WINDOWS\system32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programfiler\Apoint\Apoint.exe C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe C:\Programfiler\Dell\QuickSet\quickset.exe C:\Programfiler\Dell\Media Experience\PCMService.exe C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\Skype\Phone\Skype.exe C:\Programfiler\Apoint\Apntex.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Programfiler\Yahoo!\Messenger\ymsgr_tray.exe C:\WINDOWS\system32\wuauclt.exe C:\Programfiler\Mozilla Firefox\firefox.exe C:\Programfiler\HijackThis\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/def...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programfiler\Yahoo!\Common\yiesrvc.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Programfiler\MSN Apps\ST1.03.0000.1005\en-xu\stmain.dll O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\no\msntb.dll O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Programfiler\MSN Apps\MSN Toolbar\MSN Toolbar1.02.5000.1021\no\msntb.dll O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Programfiler\Fellesfiler\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Programfiler\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint\Apoint.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [intelWireless] C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM\..\Run: [Dell QuickSet] C:\Programfiler\Dell\QuickSet\quickset.exe O4 - HKLM\..\Run: [PCMService] "C:\Programfiler\Dell\Media Experience\PCMService.exe" O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [updateManager] "C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" /r O4 - HKLM\..\Run: [symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\RunServices: [DJSNetCN] C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Programfiler\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [Creative WebCam Tray] "C:\Programfiler\Creative\Shared Files\CamTray.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Programfiler\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [DWQueuedReporting] "C:\PROGRA~1\FELLES~1\MICROS~1\DW\dwtrig20.exe" -t O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Programfiler\Yahoo!\Common\yiesrvc.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Programfiler\Yahoo!\Common\Yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccProxy.exe O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccPwdSvc.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSetMgr.exe O23 - Service: Symantec Licensing Detect Internet Connection (DJSNETCN) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe O23 - Service: EvtEng - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\EvtEng.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Programfiler\Norton Internet Security\ISSVC.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect-tjeneste (navapsvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\navapsvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: RegSrvc - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:\Programfiler\Intel\Wireless\Bin\S24EvMon.exe O23 - Service: SAVScan - Symantec Corporation - C:\Programfiler\Norton Internet Security\Norton AntiVirus\SAVScan.exe O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\FELLES~1\SYMANT~1\SCRIPT~1\SBServ.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SNDSrvc.exe O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\Security Center\SymWSC.exe O23 - Service: WLANKEEPER - Intel® Corporation - C:\Programfiler\Intel\Wireless\Bin\WLKeeper.exe -- End of file - 11017 bytes Combofix: Klikk for å se/fjerne innholdet nedenfor ComboFix 08-05-01.1 - Lasse 2008-05-02 14:25:06.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1044.18.131 [GMT 2:00] Running from: C:\Documents and Settings\Lasse\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\WINDOWS\system32\drivers\fad.sys . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_SZKG5 ((((((((((((((((((((((((( Files Created from 2008-04-02 to 2008-05-02 ))))))))))))))))))))))))))))))) . 2008-05-02 06:59 . 2008-05-02 06:59 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-05-02 06:57 . 2008-05-02 14:21 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-05-02 06:57 . 2008-05-02 06:57 <DIR> d-------- C:\Documents and Settings\Lasse\Programdata\SUPERAntiSpyware.com 2008-05-02 06:51 . 2008-05-02 06:51 <DIR> d-------- C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-05-02 06:19 . 2008-05-02 06:19 <DIR> dr-h----- C:\Documents and Settings\Lasse\Siste 2008-05-02 06:15 . 2008-05-02 06:15 <DIR> d-------- C:\Programfiler\CCleaner . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-02 12:16 --------- d-----w C:\Programfiler\Spybot - Search & Destroy 2008-05-02 05:16 --------- d-----w C:\Documents and Settings\All Users\Programdata\Spybot - Search & Destroy 2008-04-19 14:59 --------- d-----w C:\Documents and Settings\Lasse\Programdata\Skype 2008-04-19 09:48 6,580 --sha-w C:\WINDOWS\SYSTEM32\KGyGaAvL.sys 2008-04-09 21:10 --------- d-----w C:\Documents and Settings\Lasse\Programdata\AdobeUM 2008-04-04 22:36 --------- d-----w C:\Programfiler\Java 2008-03-20 08:11 1,845,248 ----a-w C:\WINDOWS\SYSTEM32\win32k.sys 2008-03-20 08:11 1,845,248 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\win32k.sys 2008-02-20 06:52 282,624 ----a-w C:\WINDOWS\SYSTEM32\gdi32.dll 2008-02-20 06:52 282,624 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\gdi32.dll 2008-02-20 05:39 45,568 ----a-w C:\WINDOWS\SYSTEM32\dnsrslvr.dll 2008-02-20 05:39 45,568 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsrslvr.dll 2008-02-20 05:39 148,992 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\dnsapi.dll 2008-02-16 22:35 3,080,704 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\mshtml.dll 2008-02-15 09:23 18,432 ------w C:\WINDOWS\SYSTEM32\DLLCACHE\iedw.exe 2008-02-12 19:05 691,545 ----a-w C:\WINDOWS\unins000.exe 2005-05-07 16:59 35,776 ----a-w C:\Documents and Settings\Lasse\Programdata\GDIPFONTCACHEV1.DAT 2005-04-26 13:34 2,148 ----a-w C:\Documents and Settings\Lasse\minf.dat 2007-09-10 19:32 168 --sh--r C:\WINDOWS\SYSTEM32\12DA2ABAEA.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 14:00 15360] "Skype"="C:\Programfiler\Skype\Phone\Skype.exe" [2006-10-13 18:20 20058152] "Creative WebCam Tray"="C:\Programfiler\Creative\Shared Files\CamTray.exe" [2005-03-29 08:13 258048] "Yahoo! Pager"="C:\Programfiler\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 17:43 4670704] "DWQueuedReporting"="C:\PROGRA~1\FELLES~1\MICROS~1\DW\dwtrig20.exe" [2005-04-25 14:45 36040] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-02-29 16:03 1481968] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="nwiz.exe" [2004-10-26 14:01 921600 C:\WINDOWS\SYSTEM32\nwiz.exe] "Apoint"="C:\Programfiler\Apoint\Apoint.exe" [2004-08-21 20:04 155648] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 04:25 144784] "IntelWireless"="C:\Programfiler\Intel\Wireless\Bin\ifrmewrk.exe" [2004-10-30 16:59 385024] "Dell QuickSet"="C:\Programfiler\Dell\QuickSet\quickset.exe" [2004-10-07 21:44 610304] "PCMService"="C:\Programfiler\Dell\Media Experience\PCMService.exe" [2004-04-11 22:15 290816] "DVDLauncher"="C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" [2004-04-11 13:43 53248] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2004-08-13 03:05 122939] "UpdateManager"="C:\Programfiler\Fellesfiler\Sonic\Update Manager\sgtray.exe" [2004-01-07 03:01 110592] "Symantec NetDriver Monitor"="C:\PROGRA~1\SYMNET~1\SNDMon.exe" [2005-05-15 01:00 100056] "ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-02-21 17:24 58984] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2006-08-15 23:25 282624] "Sony Ericsson PC Suite"="C:\Programfiler\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2006-11-24 01:06 487424] "NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2004-10-26 14:01 4632576] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices] "DJSNetCN"="C:\Programfiler\Fellesfiler\Symantec Shared\DJSNETCN.exe" [2005-01-24 14:12 43152] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 14:00 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2006-12-20 12:55 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 12:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\IntelWireless] C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll 2004-09-07 18:08 110592 C:\Programfiler\Intel\Wireless\Bin\LgNotify.dll [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusDisableNotify"=dword:00000001 "FirewallDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programfiler\\Messenger\\MSMSGS.EXE"= "C:\\Programfiler\\Yahoo!\\Messenger\\YServer.exe"= "C:\\Programfiler\\SightSpeed\\SightSpeed.exe"= "C:\\Programfiler\\Yahoo!\\Messenger\\YahooMessenger.exe"= "C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"= "C:\\Programfiler\\MSN Messenger\\livecall.exe"= "C:\\Programfiler\\Skype\\Phone\\Skype.exe"= R2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2006-08-03 18:08] S3 P0630VID;Creative WebCam Live!;C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2005-06-06 03:44] S3 se44bus;Sony Ericsson Device 068 driver (WDM);C:\WINDOWS\system32\DRIVERS\se44bus.sys [2006-11-30 14:58] S3 se44mdfl;Sony Ericsson Device 068 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\se44mdfl.sys [2006-11-30 14:58] S3 se44mdm;Sony Ericsson Device 068 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\se44mdm.sys [2006-11-30 14:58] S3 se44mgmt;Sony Ericsson Device 068 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\se44mgmt.sys [2006-11-30 14:58] S3 se44nd5;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (NDIS);C:\WINDOWS\system32\DRIVERS\se44nd5.sys [2006-11-30 14:58] S3 se44obex;Sony Ericsson Device 068 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\se44obex.sys [2006-11-30 14:58] S3 se44unic;Sony Ericsson Device 068 USB Ethernet Emulation SEMC44 (WDM);C:\WINDOWS\system32\DRIVERS\se44unic.sys [2006-11-30 14:58] *Newly Created Service* - SASDIFSV . Contents of the 'Scheduled Tasks' folder "2008-04-04 18:04:12 C:\WINDOWS\Tasks\Norton AntiVirus - Søk på min datamaskin - Lasse.job" Spyware: Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 05/02/2008 at 02:11 PM Application Version : 4.0.1154 Core Rules Database Version : 3451 Trace Rules Database Version: 1404 Scan type : Complete Scan Total Scan Time : 06:52:26 Memory items scanned : 499 Memory threats detected : 0 Registry items scanned : 5236 Registry threats detected : 0 File items scanned : 16891 File threats detected : 3 Adware.Tracking Cookie C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@clicktorrent[2].txt er vel en god del å ta tak i der, ja..? Lenke til kommentar
norbat Skrevet 2. mai 2008 Forfatter Del Skrevet 2. mai 2008 (endret) lknight: Ut ove adwaren som ble fjernet, så ser loggene fine ut. Opplever du noe som tilsier at du fortsatt har noe rusk på maskinen? Endret 2. mai 2008 av norbat Lenke til kommentar
lknight Skrevet 3. mai 2008 Del Skrevet 3. mai 2008 hmm.. ja.. den er fremdeles veldig treig da... selv med 1024mb RAM... hvordan fikse dette..? får forresten ikke avinstallert norton! selv ikke i legg/fjern-programmer! hvorfor ikke? er logget inn som administrator da... må kanskje gjøre dette i sikkermodus..? Lenke til kommentar
norbat Skrevet 3. mai 2008 Forfatter Del Skrevet 3. mai 2008 Du kan bruke Norton Removal Tool for å fjerne Norton. Lenke til kommentar
simrem Skrevet 7. mai 2008 Del Skrevet 7. mai 2008 Hei, Har fått endel popupvinduer i det siste. Mest pokerreklame. Har kjørt både spybot og SAS og fjernet det som gikk ann å fjerne der. Men det er fortsatt ikke vekke. Prøvde å bruke ComboFix, men den støtter ikke Vista 64Bit. Har tatt en scan med HiJackThis og fått følgende data: Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:38:41, on 07.05.2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Program Files (x86)\Hewlett-Packard\IAM\bin\asghost.exe C:\Windows\SMINST\scheduler.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\DAEMON Tools\daemon.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe C:\Program Files (x86)\Svconr\Svconr.exe C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files (x86)\PDF Complete\pdfsty.exe C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\pthosttr.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe C:\Program Files (x86)\Hp\HP Software Update\hpwuSchd2.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files (x86)\Hewlett-Packard\Shared\HpqToaster.exe C:\Program Files (x86)\PowerISO\PWRISOVM.EXE C:\Program Files (x86)\CyberLink\Shared files\brs.exe C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe C:\Windows\SysWOW64\conime.exe C:\Windows\SMINST\scheduler.exe C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Windows\SMINST\scheduler.exe C:\Windows\SMINST\scheduler.exe C:\Windows\SMINST\scheduler.exe C:\Users\Simon\Desktop\hijackthis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...b&pf=laptop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&a...b&pf=laptop R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O1 - Hosts: ::1 localhost O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files (x86)\google\googletoolbar2.dll O2 - BHO: Credential Manager for HP ProtectTools - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - C:\Program Files (x86)\Hewlett-Packard\IAM\Bin\ItIEAddIn.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files (x86)\google\googletoolbar2.dll O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files (x86)\TechSmith\SnagIt 8\SnagItIEAddin.dll O4 - HKLM\..\Run: [PDF Complete] "C:\Program Files (x86)\PDF Complete\pdfsty.exe" O4 - HKLM\..\Run: [PTHOSTTR] C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\PTHOSTTR.EXE /Start O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles(x86)%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe C:\PROGRA~2\HEWLET~1\IAM\Bin\ASTSVCC.dll,RegisterModule O4 - HKLM\..\Run: [HP Software Update] c:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" O4 - HKLM\..\Run: [PWRISOVM.EXE] "C:\Program Files (x86)\PowerISO\PWRISOVM.EXE" O4 - HKLM\..\Run: [bDRegion] "C:\Program Files (x86)\Cyberlink\Shared Files\brs.exe" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe" O4 - HKLM\..\Run: [WatchDog] "C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\RunOnce: [sT Recovery Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files (x86)\DAEMON Tools\daemon.exe" -lang 1033 O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [svconr] C:\Program Files (x86)\Svconr\Svconr.exe O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - Startup: Adobe Gamma.lnk = C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: DVD Check.lnk = C:\Program Files (x86)\InterVideo\DVD Check\DVDCheck.exe O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send bilde til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send side til &Bluetooth-enhet... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MIC273~1\WEB2FE~1\Office12\REFIEBAR.DLL O9 - Extra button: Send til Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send til &Bluetooth-enhet... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin Control) - http://appldnld.apple.com.edgesuite.net/co...ex/qtplugin.cab O16 - DPF: {A903E5AB-C67E-40FB-94F1-E1305982F6E0} (KooPlayer Control) - http://www.euchannels.net/UKooPlayer.ocx O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/Facebo...Uploader4_5.cab O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = fortknox.hp O17 - HKLM\System\CCS\Services\Tcpip\..\{2EE3F769-3733-4365-950D-B6E90A3F8CD2}: NameServer = 158.38.141.98 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = fortknox.hp O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = fortknox.hp O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files (x86)\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Unknown owner - C:\Windows\system32\agr64svc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati External Event Utility - Unknown owner - C:\Windows\system32\Ati2evxx.exe (file missing) O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-30007 (IISADMIN) - Unknown owner - C:\Windows\system32\inetsrv\inetinfo.exe (file missing) O23 - Service: IviRegMgr - InterVideo - C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files (x86)\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files (x86)\Common Files\SureThing Shared\stllssvr.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: @%windir%\system32\inetsrv\iisres.dll,-20001 (WMSvc) - Unknown owner - C:\Windows\system32\inetsrv\wmsvc.exe (file missing) -- End of file - 16172 bytes Er det noen flere ting jeg kan gjøre? Lenke til kommentar
r2d290 Skrevet 8. mai 2008 Del Skrevet 8. mai 2008 (endret) *glem det. så ikke at du har laget en egen tråd :/* Endret 8. mai 2008 av r2d290 Lenke til kommentar
Axl91 Skrevet 22. mai 2008 Del Skrevet 22. mai 2008 Kjørte Antivir men valgte å bytte da jeg syntes det var merkelig den aldri fant virus ved scan. ikke at jeg oppsøker virus, men er vant med at det kommer. trolig ett sted jeg gjør feil da det ikke er noe stort. dunno men ihvertfall så fant Avast ni trojanere på første forsøk. kanskje det er flere. men aner ikke hvordan jeg skal fjerne dem, er det bare høyre klikk og slett? virker litt for lett, så jeg leggeer inn en hijack logg her. og takker for all hjelp jeg får=) Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:52:29, on 22.05.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16575) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\System32\rundll32.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe C:\Windows\System32\rundll32.exe C:\Program Files\CyberLink\MagicSports\Kernel\MagicSports\MSPMirage.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\COMODO\Firewall\cfp.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Windows\system32\wuauclt.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.exe C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Windows\system32\Taskmgr.exe C:\Users\Axl\Desktop\HiJackThis\HijackThis.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - C:\Windows\system32\PnkBstrB.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe O23 - Service: Start BT in service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: X10 Device Network Service (x10nets) - X10 - C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe -- End of file - 2757 bytes Lenke til kommentar
norbat Skrevet 22. mai 2008 Forfatter Del Skrevet 22. mai 2008 Det virker som om hjt-loggen ikke er komplett (det mangler noen linjer). Du kunne ha kjørt combofix. Den lager en logg som kan fortelle litt mer: Hent Combofix, og legg det på skrivebordet Kjør combofix.exe, og følg veiledningen. Du må ikke klikke på vinduet mens programmet kjører. Post loggfilen fra combofix (c:\combofix.txt) Fint om du oppretter en egen tråd (klikk Nytt Emne) Lenke til kommentar
mona14 Skrevet 28. mai 2008 Del Skrevet 28. mai 2008 Eieren av en pc, klager på endel pop-ups. HJT logg her: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:23, on 28.05.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\mobsync.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEwuvTmN.dll,#1 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Lene\AppData\Local\Temp\urQhGwWq.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Lene\AppData\Local\Temp\geBUKEvU.dll,#1 O4 - HKCU\..\Run: [b08ee145] rundll32.exe "C:\Users\Lene\AppData\Local\Temp\bjlorass.dll",b O4 - HKCU\..\Run: [bMb3bdd2d9] Rundll32.exe "C:\Users\Lene\AppData\Local\Temp\tkimbicj.dll",s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 11035 bytes Lenke til kommentar
r2d290 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 (endret) Hallo mona14 Start hijackthis, velg "do a systemscan only", og sett hake foran følgende linjer: O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEwuvTmN.dll,#1 O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Lene\AppData\Local\Temp\urQhGwWq.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Lene\AppData\Local\Temp\geBUKEvU.dll,#1 O4 - HKCU\..\Run: [b08ee145] rundll32.exe "C:\Users\Lene\AppData\Local\Temp\bjlorass.dll",b O4 - HKCU\..\Run: [bMb3bdd2d9] Rundll32.exe "C:\Users\Lene\AppData\Local\Temp\tkimbicj.dll",s Finn deretter de nevnte O4-linjene med Windows utforsker/Min datamaskin. Plaseringen er: C:\Windows\system32\gEwuvTmN.dll C:\Users\Lene\AppData\Local\Temp\urQhGwWq.dll C:\Users\Lene\AppData\Local\Temp\geBUKEvU.dll C:\Users\Lene\AppData\Local\Temp\bjlorass.dll C:\Users\Lene\AppData\Local\Temp\tkimbicj.dll Disse filene sletter du manuelt (husk å slette de fra papirkurven etterpå). Hvis du ikke finner filene, kan det være fordi du ikke har skrudd på "vis skjulte filer og mapper": Følg denne guiden... Husk å skru AV "Vis skjulte filer og mapper" når du er ferdig med prosessen! Restart deretter PC-en, og post en ny hijackthis-log, samt gi en raport på hvordan maskinen fungerer. Endret 29. mai 2008 av r2d290 Lenke til kommentar
mona14 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 Ny logg: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:23, on 28.05.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\mobsync.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEwuvTmN.dll,#1 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Lene\AppData\Local\Temp\urQhGwWq.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Lene\AppData\Local\Temp\geBUKEvU.dll,#1 O4 - HKCU\..\Run: [b08ee145] rundll32.exe "C:\Users\Lene\AppData\Local\Temp\bjlorass.dll",b O4 - HKCU\..\Run: [bMb3bdd2d9] Rundll32.exe "C:\Users\Lene\AppData\Local\Temp\tkimbicj.dll",s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 11035 bytes PCn er som før, like treig og det popper fortsatt opp pop-ups Lenke til kommentar
r2d290 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 (endret) Loggen er som før, like mange linjer. Er du sikker på at du postet riktig logg? Tiden for når hver av loggene be laget viser det samme tidspunkt. Prøv å restarte maskinen før du gjør et nytt forsøk... Ser i ettertid at jeg glemte å tilføye en viktig detalj: Etter at du har satt hake foran linjene, skal du trykke på knappen "Fix checked" Slette oppføringer med hijackthis: Klikk for å se/fjerne innholdet nedenfor Kjør hijackthis.exe. Velg "Do a system scan only" 1. Kryss av for de oppførningene du har fått beskjed om å slette. 2. Trykk på knappen "Fix checked" 3. Trykk Ja/yes for å fjerne oppførningene. Du er ferdig. Etter du har gjort dette poster du en ny log i emnet ditt slik at de som hjelper deg kan se at alt er i orden. Gjør et nytt forsøk med å fixe linjene, Forsvinner de ikke, kan du prøve å gjøre det fra sikkerhetsmodus: Sikkermodus Klikk for å se/fjerne innholdet nedenfor Man blir ofte bedt om å starte maskinen i sikkermodus når man skal fjerne virus eller lignende. Grunnen til det er at når maskinen starter i sikkermodus starter bare de nødvendigste prossessene/programmene i windows. Det vil si at i de fleste tilfeller starter ikke programmet vi vil fjerne heller da det ikke er en av de nødvendigste programmene i windows. Det finnes to måter å starte i sikkermodus som jeg vet om. F8 metoden: Trykk på F8 tasten når du starter maskinen. Rett etter at BIOSen er ferdig med oppgavene sine. Windows 2000 norsk versjon Klikk for å se/fjerne innholdet nedenfor Har du Windows 2000 norsk versjon kommer denne listen opp etter at du har trykket på F8 tasten: Meny for avanserte alternativer for Windows 2000 Velg et alternativ: Sikkermodus Sikkermodus med nettverk Sikkermodus med bare kommandolinjen Aktiver oppstartslogging Aktiver VGA-modus Siste fungerende konfigurasjon Gjenopprettingsmodus for katalogtjenester (bare Windows 2000-DCer) Feilsøkingsmodus Start opp på vanlig måte Tilbake til menyen for valg av operativsystem Bruk Pil opp og Pil ned for å flytte til ditt valg. Trykk Enter for å velge. Du skal velge alternativet der det står "Sikkermodus med nettverk" for så å trykke Enter Windows 2000 engelsk versjon Klikk for å se/fjerne innholdet nedenfor Har du Windows 2000 EN så kommer denne listen opp etter at du har trykket på F8 Windows 2000 Advanced Options Menu Please select an option: Safe Mode Safe Mode with Networking Safe Mode with Command Prompt Enable Boot Logging Enable VGA Mode Last Known Good Configuration Directory Services Restore Mode (Windows 2000 domain controllers only) Debugging Mode Boot Normally Return to OS Choices Menu Use Up arrow and Down arrow to move the hightlight to your choice. Press Enter to choose. Alternativet du skal velge er alternativet det står "Safe Mode with Networking", trykk så enter Windows XP norsk versjon Klikk for å se/fjerne innholdet nedenfor Har du Windows XP norsk versjon kommer denne listen opp etter at du har trykket på F8 tasten: Sikkermodus Sikkermodus med nettverkstjeneste Sikkermodus med kommandolinje Aktiver VGA-modus Den siste fungerende konfigurasjonen Gjenopprettingsmodus for katalogtjenester Feilsøkingsmodus Aktiver oppstartslogging Start Windows på vanlig måte Omstart Du skal velge alternativet der det står "Sikkermodus med nettverk" for så å trykke Enter Windows XP engelsk versjon Klikk for å se/fjerne innholdet nedenfor Har du Windows XP engelsk versjon kommer denne listen opp etter at du har trykket på F8 tasten: Windows Advanced Options Menu Please select an option: Safe Mode Safe Mode with Networking Safe Mode with Command Prompt Enable Boot Logging Enable VGA mode Last Known Good Configuration (your most recent settings that worked) Directory Services Restore Mode (Windows domain controllers only) Debugging Mode Start Windows Normally Reboot Return to OS Choices Menu Use the up and down arrow keys to move the highlight to your choice. Du skal velge alternativet der det står "Safe Mode with Networking" for så å trykke Enter. Den andre metoden for å starte i sikkermodus er denne: Åpne startmenyen gå til Kjør -> skriv msconfig -> boot.ini -> huk av for /SAFEBOOT Endret 29. mai 2008 av r2d290 Lenke til kommentar
mona14 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 Hm. Dagjorde jeg det riktig. en fik beskje om at det var noen som ikke kunne bli slettet. Ja, er sikker på at dt e itig logg. Pøverengan til jeg, og legger inn en ny logg på nytt : ) Lenke til kommentar
mona14 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 (endret) Hm. Da gjorde jeg det riktig, men fikk beskje om at det var noen som ikke kunne bli slettet. Ja, er sikker på at det er riktig logg. Pøver engang til jeg, og legger inn en ny logg på nytt : ) -- Ser ikke ut til at jeg har gjort det riktig denne gangen eller på loggen: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 20:29:23, on 28.05.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16643) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\RtHDVCpl.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Acer\Empowering Technology\SysMonitor.exe C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe C:\Windows\System32\rundll32.exe C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\mobsync.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE C:\Program Files\Internet Explorer\ieuser.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Windows Live Toolbar\msn_sl.exe C:\Windows\system32\Macromed\Flash\FlashUtil9b.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe C:\Windows\system32\SearchFilterHost.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sol.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://no.intl.acer.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://no.intl.acer.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: ShowBarObj Class - {83A2F9B1-01A2-4AA5-87D1-45B6B8505E96} - C:\Windows\system32\ActiveToolBand.dll O2 - BHO: Påloggingshjelp for Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" O4 - HKLM\..\Run: [MSServer] rundll32.exe C:\Windows\system32\gEwuvTmN.dll,#1 O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\Lene\AppData\Local\Temp\urQhGwWq.dll,c O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\Lene\AppData\Local\Temp\geBUKEvU.dll,#1 O4 - HKCU\..\Run: [b08ee145] rundll32.exe "C:\Users\Lene\AppData\Local\Temp\bjlorass.dll",b O4 - HKCU\..\Run: [bMb3bdd2d9] Rundll32.exe "C:\Users\Lene\AppData\Local\Temp\tkimbicj.dll",s O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user') O4 - Global Startup: Empowering Technology Launcher.lnk = ? O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD42/JSCDL/jre/6u...ows-i586-jc.cab O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 11035 bytes Når jeg skulle slette linkene fra HijackThis, fikk jeg denne meldingen på noen av de: Kan ikke fullføre handlingen fordi filen er åpen i et annet program. Klarer ikke helt å skjønne i hvilket. Er ikke alle linkene jeg finner eller. Når jeg restarte fikk jeg denne meldingen, når Pcn var på igjen: Feil ved innlastning av C:\Windows\system32\gEwuvTmN.dell Angitte moduler ble ikke funnet. Spyware Doctor kommer med at denne linken, adserver.adtech.de, prøver å komme inn. Kan dette hjelpe deg noe? Endret 29. mai 2008 av mona14 Lenke til kommentar
r2d290 Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 (endret) Gjør nok ikke det Du ser at datoen er lik på alle loggene "Scan saved at 20:29:23, on 28.05.2008" Du prøvde å restarte før du lagde loggen? Har du prøvd fra sikkerhetsmodus? Kommer f.eks linja O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) opp i listen over alle linjene I PROGRAMMET, eller er det bare i tekst-dokumentet at den kommer opp? Edit: etter å ha lest din edit, så tror jeg at du er nødt til å bruke sikkerhetsmodus for å fikse O4-linjene (siden dette er filer som starter opp sammen med windows). I sikkerhetsmodus er det bare de viktige filene som starter opp, så da tror jeg det skal bli lettere å få fiksa dem. Endret 29. mai 2008 av r2d290 Lenke til kommentar
lknight Skrevet 29. mai 2008 Del Skrevet 29. mai 2008 her er logg over en pc jeg har forsøkt å kjøre renseprosessen på. ser at den fremdeles er ganske så treig, så jeg lurer på om jeg skal avinstallere Norton Antivirus... tror du at det hjelper, kanskje? her har du iallefall loggene: Combofix: Klikk for å se/fjerne innholdet nedenfor ComboFix 08-05-29.1 - Knut Sk 2008-05-29 20:25:06.1 - NTFSx86 Running from: C:\Documents and Settings\Knut Sk\Skrivebord\ComboFix.exe * Created a new restore point WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\Documents and Settings\Audhild\err.log C:\Documents and Settings\Dina Birgitte\err.log C:\Documents and Settings\Dina Birgitte\Programdata\HbTools C:\Documents and Settings\Gjest\err.log C:\Documents and Settings\Gjest\Programdata\HbTools C:\Documents and Settings\Knut Sk\err.log C:\Programfiler\FunWebProducts C:\Programfiler\myglobalsearch C:\Programfiler\myglobalsearch\bar\2.bin\M9FFXTBR.JAR C:\Programfiler\myglobalsearch\bar\2.bin\M9FFXTBR.MANIFEST C:\Programfiler\myglobalsearch\bar\2.bin\M9NTSTBR.JAR C:\Programfiler\myglobalsearch\bar\2.bin\M9NTSTBR.MANIFEST C:\Programfiler\myglobalsearch\bar\2.bin\M9PLUGIN.DLL C:\Programfiler\myglobalsearch\bar\2.bin\NPMYGLSH.DLL C:\Programfiler\myglobalsearch\bar\CacheB4A8F6 C:\Programfiler\myglobalsearch\bar\CacheB4AD6B C:\Programfiler\myglobalsearch\bar\CacheB4AEF1.bin C:\Programfiler\myglobalsearch\bar\CacheB4B2AA.bin C:\Programfiler\myglobalsearch\bar\CacheB4B4AE.bin C:\Programfiler\myglobalsearch\bar\Cache\files.ini C:\Programfiler\myglobalsearch\bar\History\search C:\Programfiler\myglobalsearch\bar\Settings\prevcfg.htm C:\Programfiler\myglobalsearch\bar\Settings\settings.dat C:\Programfiler\myglobalsearch\bar\Settings\settings.htm C:\Programfiler\MyWebSearch C:\Programfiler\MyWebSearch\bar\History\search C:\Programfiler\MyWebSearch\bar\Settings\s_pid.dat C:\Programfiler\MyWebSearch\bar\Settings\settings.dat C:\Programfiler\MyWebSearch\bar\Settings\settings.htm . ((((((((((((((((((((((((( Files Created from 2008-04-28 to 2008-05-29 ))))))))))))))))))))))))))))))) . 2008-05-29 19:08 . 2008-05-29 19:08 <DIR> d-------- C:\Documents and Settings\All Users\Programdata\SUPERAntiSpyware.com 2008-05-29 19:07 . 2008-05-29 19:07 <DIR> d-------- C:\Programfiler\SUPERAntiSpyware 2008-05-29 19:07 . 2008-05-29 19:07 <DIR> d-------- C:\Documents and Settings\Knut Sk\Programdata\SUPERAntiSpyware.com 2008-05-29 18:59 . 2008-05-29 18:59 <DIR> dr-h----- C:\Documents and Settings\Knut Sk\Siste 2008-05-29 18:56 . 2008-05-29 18:56 <DIR> d-------- C:\Programfiler\CCleaner 2008-05-24 20:10 . 2008-05-24 20:10 <DIR> d---s---- C:\Documents and Settings\Gjest\UserData . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-05-29 18:39 --------- d-----w C:\Programfiler\Fellesfiler\Symantec Shared 2008-05-29 18:21 --------- d-----w C:\Documents and Settings\All Users\Programdata\Symantec 2008-05-29 18:13 --------- d-----w C:\Programfiler\BearShare 2008-05-29 17:07 --------- d-----w C:\Programfiler\Fellesfiler\Wise Installation Wizard 2008-05-29 16:47 --------- d-----w C:\Programfiler\BoontyGames 2008-05-18 21:44 --------- d-----w C:\Documents and Settings\Knut Sk\Programdata\uTorrent 2008-04-22 17:39 --------- d-----w C:\Programfiler\MP3 Player Utilities 4.18 2008-04-13 11:09 --------- d-----w C:\Programfiler\utorrent 2008-04-12 14:27 --------- d-----w C:\Programfiler\Fellesfiler\Adobe 2008-04-11 15:50 --------- d-----w C:\Programfiler\ErrorSmart 2008-04-11 15:07 --------- d-----w C:\Documents and Settings\Knut Sk\Programdata\ErrorSmart 2008-04-07 21:01 --------- d-----w C:\Programfiler\Winamp 2008-04-07 19:00 --------- d-----w C:\Documents and Settings\Dina Birgitte\Programdata\ErrorSmart 2008-04-06 18:25 806 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.INF 2008-04-06 18:25 8,014 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.CAT 2008-04-06 18:25 115,000 ----a-w C:\WINDOWS\system32\drivers\SYMEVENT.SYS 2008-04-06 18:25 --------- d-----w C:\Programfiler\Symantec 2008-04-06 17:42 --------- d-----w C:\Programfiler\Norton Internet Security 2008-04-03 12:32 --------- d-----w C:\Programfiler\Lexmark X1100 Series 2008-04-02 17:09 --------- d-----w C:\Programfiler\Telenor 2008-04-02 17:09 --------- d-----w C:\Documents and Settings\All Users\Programdata\Telenor 2008-04-02 17:09 --------- d-----w C:\Documents and Settings\All Users\Programdata\Emotum . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SweetIM"="C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe" [2006-12-27 16:53 73840] "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 13:00 15360] "Registry Helper"="C:\Programfiler\Registry Helper\RegistryHelper.exe" [ ] "Disk Cleaner"="C:\Programfiler\Disk Cleaner\DiskCleaner.exe" [ ] "SUPERAntiSpyware"="C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2008-05-13 12:43 1510640] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" [2005-01-23 11:36 155648] "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2005-01-23 11:31 126976] "SoundMAXPnP"="C:\Programfiler\Analog Devices\Core\smax4pnp.exe" [2004-10-14 15:42 1404928] "DMXLauncher"="C:\Programfiler\Dell\Media Experience\DMXLauncher.exe" [2005-01-27 02:02 86016] "ISUSPM Startup"="C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 17:50 221184] "Lexmark X1100 Series"="C:\Programfiler\Lexmark X1100 Series\lxbkbmgr.exe" [2003-08-19 17:06 57344] "dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [2005-05-31 06:33 122941] "ISUSScheduler"="C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" [2004-07-27 17:50 81920] "BigDogPath"="C:\WINDOWS\VM_STI.exe" [2003-01-21 09:19 40960] "DVDLauncher"="C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" [2005-02-23 17:19 53248] "Telenor Online Start"="C:\Programfiler\Telenor\Online Start\Telenor.exe" [ ] "QuickTime Task"="C:\Programfiler\QuickTime\qttask.exe" [2007-02-16 11:54 282624] "iTunesHelper"="C:\Programfiler\iTunes\iTunesHelper.exe" [2007-03-02 16:24 257088] "SunJavaUpdateSched"="C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" [2008-02-22 05:25 144784] "Support audio cool poll"="C:\Documents and Settings\All Users\Programdata\INTERNET SPAM SUPPORT AUDIO\cash pure.exe" [2008-05-29 20:43 2428416] "WinampAgent"="C:\Programfiler\Winamp\winampa.exe" [2008-01-16 00:54 37376] "ccApp"="C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" [2007-02-20 14:17 115816] "osCheck"="C:\Programfiler\Norton Internet Security\osCheck.exe" [2007-02-20 14:16 771704] "SoftwareStation"="C:\Programfiler\eAcceleration\Station\station.exe" [ ] "Adobe Reader Speed Launcher"="C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 22:16 39792] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-04 13:00 15360] [hkey_local_machine\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Programfiler\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 10:13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon] C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll 2007-04-19 13:41 294912 C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "vidc.ffds"= ffdshow.ax [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "C:\\Programfiler\\MSN Messenger\\msnmsgr.exe"= "C:\\WINDOWS\\SYSTEM32\\LEXPPS.EXE"= "C:\\Programfiler\\Internet Explorer\\iexplore.exe"= "C:\\Programfiler\\utorrent\\utorrent.exe"= "C:\\Programfiler\\Zapu\\Zapu\\wDivi.exe"= "C:\\Programfiler\\Telenor\\Telenorhjelpen\\Telenor.exe"= "C:\\Programfiler\\iTunes\\iTunes.exe"= R0 ndisrd;ndisrd;C:\WINDOWS\system32\drivers\ndisrd.sys [2005-04-04 07:25] R2 Automatisk LiveUpdate-planlegging;Automatisk LiveUpdate-planlegging;"C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe" [2007-09-26 13:03] S3 Boonty Games;Boonty Games;"C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe" [2006-08-28 16:41] S3 cmudau;C-Media USB Sound Interface;C:\WINDOWS\system32\drivers\cmudau.sys [2004-03-09 09:07] S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys [2005-08-02 23:10] S3 USB-100;Jensen USB Fast Ethernet Adapter;C:\WINDOWS\system32\DRIVERS\NETUSB2F.SYS [2001-05-08 16:58] S3 w300bus;Sony Ericsson W300 Driver driver (WDM);C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 16:49] S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter;C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 16:50] S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver;C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 16:50] S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM);C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 16:50] S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface;C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 16:50] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] tapisrv REG_MULTI_SZ Tapisrv *Newly Created Service* - COMHOST . Contents of the 'Scheduled Tasks' folder "2008-05-23 16:48:01 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job" - C:\Programfiler\Apple Software Update\SoftwareUpdate.exe "2008-04-12 01:30:01 C:\WINDOWS\Tasks\ErrorSmart Scheduled Scan.job" - C:\Programfiler\ErrorSmart\ErrorSmart.ex - C:\Programfiler\ErrorSmart "2008-05-26 18:00:00 C:\WINDOWS\Tasks\Norton Internet Security Online - Kjør fullstendig systemsøk - Knut Sk.job" SuperAntiSpyware: Klikk for å se/fjerne innholdet nedenfor SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 05/29/2008 at 08:07 PM Application Version : 4.1.1046 Core Rules Database Version : 3470 Trace Rules Database Version: 1461 Scan type : Complete Scan Total Scan Time : 00:55:36 Memory items scanned : 541 Memory threats detected : 2 Registry items scanned : 5144 Registry threats detected : 101 File items scanned : 22971 File threats detected : 474 Adware.MyGlobalSearchBar C:\PROGRAMFILER\MYGLOBALSEARCH\BAR\2.BIN\MGSBAR.DLL C:\PROGRAMFILER\MYGLOBALSEARCH\BAR\2.BIN\MGSBAR.DLL HKLM\Software\Classes\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\InprocServer32 HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\Programmable HKCR\CLSID\{37B85A21-692B-4205-9CAD-2626E4993404}\TypeLib HKLM\Software\Classes\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32 HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\Programmable HKCR\CLSID\{37B85A29-692B-4205-9CAD-2626E4993404}\TypeLib HKLM\Software\Classes\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404} HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Control HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32 HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\InprocServer32#ThreadingModel HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\MiscStatus\1 HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\ProgID HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Programmable HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\TypeLib HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\Version HKCR\CLSID\{37B85A2B-692B-4205-9CAD-2626E4993404}\VersionIndependentProgID HKLM\Software\Classes\CLSID\{EF281620-A3A3-4f08-874F-D68CFC9B7945} HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945} HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945} HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\InprocServer32 HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\InprocServer32#ThreadingModel HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\ProgID HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\Programmable HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\TypeLib HKCR\CLSID\{EF281620-A3A3-4F08-874F-D68CFC9B7945}\VersionIndependentProgID HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37B85A21-692B-4205-9CAD-2626E4993404} HKLM\Software\Microsoft\Internet Explorer\Toolbar#{37B85A29-692B-4205-9CAD-2626E4993404} HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404} HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\win32 HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\FLAGS HKCR\TypeLib\{37B85A20-692B-4205-9CAD-2626E4993404}\1.0\HELPDIR BearShare File Sharing Client C:\PROGRAMFILER\BEARSHARE\BEARSHARE.EXE C:\PROGRAMFILER\BEARSHARE\BEARSHARE.EXE [bearShare] C:\PROGRAMFILER\BEARSHARE\BEARSHARE.EXE C:\DOCUMENTS AND SETTINGS\ALL USERS\START-MENY\PROGRAMMER\BEARSHARE\BEARSHARE.LNK C:\DOCUMENTS AND SETTINGS\ALL USERS\START-MENY\PROGRAMMER\BEARSHARE.LNK C:\DOCUMENTS AND SETTINGS\AUDHILD\SKRIVEBORD\BEARSHARE.LNK C:\DOCUMENTS AND SETTINGS\DINA BIRGITTE\SKRIVEBORD\BEARSHARE.LNK C:\DOCUMENTS AND SETTINGS\KNUT SK\SKRIVEBORD\BEARSHARE.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-1007\DC1055.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-1007\DC1056.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-1007\DC813.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-1007\DC992.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-1008\DC45.LNK C:\RECYCLER\S-1-5-21-3276781575-1798454269-388581382-501\DC1.LNK C:\SYSTEM VOLUME INFORMATION\_RESTORE{3E0C683E-89DF-4C61-BBDB-4266F97EC915}\RP668\A0061223.LNK C:\SYSTEM VOLUME INFORMATION\_RESTORE{3E0C683E-89DF-4C61-BBDB-4266F97EC915}\RP691\A0062552.LNK C:\WINDOWS\Prefetch\BEARSHARE.EXE-04B4A245.pf Adware.MyWay HKLM\Software\Classes\CLSID\{014DA6C9-189F-421a-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10} HKCR\CLSID\{014DA6C9-189F-421A-88CD-07CFE51CFF10}\InprocServer32 HKLM\Software\MyWay HKLM\Software\MyWay\SearchAssistant Adware.IST/YourSiteBar HKLM\Software\Microsoft\Internet Explorer\Toolbar#{86227D9C-0EFE-4f8a-AA55-30386A3F5686} HKCR\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8} HKCR\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}\ProxyStubClsid HKCR\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}\ProxyStubClsid32 HKCR\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}\TypeLib HKCR\Interface\{03B800F9-2536-4441-8CDA-2A3E6D15B4F8}\TypeLib#Version HKCR\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542} HKCR\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}\ProxyStubClsid HKCR\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}\ProxyStubClsid32 HKCR\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}\TypeLib HKCR\Interface\{DFBCC1EB-B149-487E-80C1-CC1562021542}\TypeLib#Version HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44} HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}\1.0 HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}\1.0 HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}\1.0\win32 HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}\1.0\FLAGS HKCR\TypeLib\{4EE12B71-AA5E-45EC-8666-2DB3AD3FDF44}\1.0\HELPDIR HKLM\Software\YourSiteBar HKLM\Software\YourSiteBar#installTitle HKLM\Software\YourSiteBar#serverpath HKLM\Software\YourSiteBar#urlAfterInstall HKLM\Software\YourSiteBar#gUpdate HKLM\Software\YourSiteBar#TBRowMode HKLM\Software\YourSiteBar#yoursitebar.xml HKLM\Software\YourSiteBar#imagemap_normal.bmp HKLM\Software\YourSiteBar#showcorrupted HKLM\Software\YourSiteBar#updatever HKLM\Software\YourSiteBar#refreshscope HKLM\Software\YourSiteBar#allowupdate HKLM\Software\YourSiteBar#LastCheckTime HKLM\Software\YourSiteBar#version.txt HKLM\Software\YourSiteBar#UpdateBegin HKLM\Software\YourSiteBar\Historycompare_item HKLM\Software\YourSiteBar\Historyfiles HKLM\Software\YourSiteBar\Historyfiles#C:\Programfiler\YourSiteBar\yoursitebar.xml HKLM\Software\YourSiteBar\Historyfiles#C:\Programfiler\YourSiteBar\imagemap_normal.bmp HKLM\Software\YourSiteBar\Historyfiles#C:\Programfiler\YourSiteBar\version.txt C:\Programfiler\YourSiteBar\imagemap_normal.bmp C:\Programfiler\YourSiteBar\version.txt C:\Programfiler\YourSiteBar\yoursitebar.xml C:\Programfiler\YourSiteBar Adware.Tracking Cookie C:\Documents and Settings\Knut Sk\Cookies\knut [email protected][2].txt C:\Documents and Settings\Knut Sk\Cookies\knut [email protected][2].txt C:\Documents and Settings\Knut Sk\Cookies\knut sk@adtech[1].txt C:\Documents and Settings\Knut Sk\Cookies\knut [email protected][1].txt C:\Documents and Settings\Knut Sk\Cookies\knut [email protected][2].txt C:\Documents and Settings\Knut Sk\Cookies\knut [email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@adrenalinesk[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@xiti[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@zedo[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@specificclick[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@adnetserver[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@atwola[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@apmebf[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@revenue[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@adultswim[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@bizrate[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@doubleclick[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@interclick[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@247realmedia[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@zanox[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@belnk[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@indextools[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@fortunecity[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@accelerator-media[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@questionmarket[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@dealtime[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@tradedoubler[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@screensavers[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@findwhat[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@superstats[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@winantivirus[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@statcounter[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@kontera[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@sexlist[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@hotlog[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@burstnet[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@clevermedia[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@hitbox[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@hotbar[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@experclick[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@tribalfusion[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@trafficmp[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@mywebsearch[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@teenstryanal[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@adserver[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@adrevolver[3].txt C:\Documents and Settings\Audhild\Cookies\audhild@adrevolver[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@findcoolclothes[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@traffictracker[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@funwebproducts[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@focalex[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@2o7[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@click24[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@adtech[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@toplist[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][3].txt C:\Documents and Settings\Audhild\Cookies\audhild@bravenet[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@overture[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@partypoker[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@partyfriendfinder[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@adecn[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@maxserving[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@youngporn[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@advertising[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@valueclick[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@realmedia[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@yadro[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@fliptrack[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@fastclick[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@indexstats[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@adsrevenue[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@crackle[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@azjmp[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@stats[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@atdmt[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@find---people[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@enhance[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@adbrite[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@smileycentral[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@tripod[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@tacoda[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@mediaport[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@mediaplex[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@weborama[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@sextracker[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@cassava[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@nextag[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@pacificpoker[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@revsci[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@casalemedia[1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@clicktorrent[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][2].txt C:\Documents and Settings\Audhild\Cookies\audhild@drivecleaner[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@herfirstanalsex[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@insightexpressai[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@optimost[1].txt C:\Documents and Settings\Audhild\Cookies\audhild@pacificpoker[3].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Cookies\audhild@serving-sys[2].txt C:\Documents and Settings\Audhild\Cookies\audhild@smartadserver[2].txt C:\Documents and Settings\Audhild\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Lokale innstillinger\Temp\Cookies\[email protected][1].txt C:\Documents and Settings\Audhild\Lokale innstillinger\Temp\Cookies\[email protected][1].txt .msnportal.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .server.iad.liveperson.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] www.incentaclick.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .track.adform.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .track.adform.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] track.adform.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .track.adform.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .track.adform.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .doubleclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tradedoubler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tradedoubler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tradedoubler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tradedoubler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statcounter.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .kontera.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .kontera.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .kontera.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .kontera.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .a.websponsors.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .adviva.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] ad.yieldmanager.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] ad.yieldmanager.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] ad.yieldmanager.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .zedo.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .zedo.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] ad1.emediate.dk [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .yadro.ru [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .yadro.ru [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .xiti.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .zanox.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .www.click24.no [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .www.burstbeacon.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .www.adserver5.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .vdn.valuead.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .vdn.valuead.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .vdn.valuead.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .vdn.valuead.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .vdn.valuead.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .watagame.banneradministration.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .valueclick.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .wrigley.122.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .watagame.banneradministration.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .watagame.banneradministration.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tribalfusion.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .webstat.yamaha.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .webstat.yamaha.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tracker.affistats.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .trinitymirror.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .traffictracker.dk [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .weborama.fr [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tripod.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .try.screensavers.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .toplist.cz [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.www.fi [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .telenorstartsiden.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stats.channel4.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .telenor.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.onestat.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.onestat.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.if.no [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.onestat.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .superstats.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statse.webtrendslive.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tacoda.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tacoda.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .tacoda.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .stat.katalysatormedia.no [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .smileycentral.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .smileycentral.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .spreadshirtag.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .smartadserver.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .smartadserver.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .specificclick.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .smartadserver.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .locator.metadata.windowsmedia.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .server.cpmstar.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .servedby.adxpower.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .servedby.adxpower.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .servedby.adxpower.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serving-sys.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .serif.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .rotator.adjuggler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statse.webtrendslive.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .statse.webtrendslive.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revsci.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .saxoorklamedia.122.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .rotator.adjuggler.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .revenue.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .int.sitestat.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .rambler.ru [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .pacificpoker.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .realmedia.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .realmedia.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .questionmarket.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .questionmarket.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .partygaming.122.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .overture.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .overture.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .overture.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .partypoker.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .partypoker.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .perf.overture.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .int.sitestat.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .nstat.allerinternett.no [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .mywebsearch.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .mediamgr.ugo.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .maxserving.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .maxserving.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .microsoftwlmessengermkt.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .msnaccountservices.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .microsofteup.112.2o7.net [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .mediaplex.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .media.adrevolver.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] .media.adrevolver.com [ C:\Documents and Settings\Audhild\Programdata\Mozilla\Firefox\Profiles\qhoc099d.default\cookies.txt ] C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@tradedoubler[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@experclick[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adtech[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@belnk[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@toplist[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@mediaplex[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@247realmedia[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@partyfriendfinder[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@bfast[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@findsomeonegood[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adrevolver[3].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adrevolver[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@questionmarket[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@netmediagroup[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@tacoda[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@partypoker[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@2o7[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@advertising[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@tripod[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adultswim[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@maxserving[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adbrite[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@tribalfusion[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@cassava[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@indexstats[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@revsci[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adlegend[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][3].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@valueclick[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@casalemedia[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@burstnet[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@revenue[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@atwola[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@minitrackmania[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@serving-sys[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@atdmt[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@pacificpoker[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@trafficmp[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@smileycentral[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adserver[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@doubleclick[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@hitbox[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@drivecleaner[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@hotbar[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@interclick[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@clicktorrent[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@indextools[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@xiti[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@overture[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@realmedia[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@dmtracker[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@zedo[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@fastclick[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@specificclick[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@superstats[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@adultfriendfinder[1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@focalex[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@hotels-and-discounts[2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][1].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina [email protected][2].txt C:\Documents and Settings\Dina Birgitte\Cookies\dina birgitte@statcounter[1].txt .fastclick.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .fastclick.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .casalemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .doubleclick.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .apmebf.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .advertising.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .tradedoubler.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] track.adform.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-warnerbrothers.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .eas.apm.emediate.eu [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .eas.apm.emediate.eu [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-groupernetworks.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-wssuk.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .edsa.122.2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .e2.emediate.se [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-wssuk.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .estat.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-hasbro.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-hasbro.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-hasbro.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-ladbrokes.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-cb.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-cb.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-cb.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-cb.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-dig.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-warnerbrothers.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ehg-yvesrocher.hitbox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .counter.hitslink.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .imrworldwide.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .blinck.112.2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .int.sitestat.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .bfast.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .www5.addfreestats.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .burstnet.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .belnk.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .bs.serving-sys.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .imrworldwide.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adtech.de [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads2.drivelinemedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adultfriendfinder.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.gamesbannernet.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.gamesbannernet.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.tinde.no [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.avis2.no [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.pointroll.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adtech.de [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.adremedy.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.adremedy.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.easyad.info [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adserver.easyad.info [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ads.dyrogmedia.no [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .atdmt.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad1.emediate.dk [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .247realmedia.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .int.sitestat.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adlegend.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.zanox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.zanox.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adbrite.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adopt.euroclick.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .2o7.net [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .media.adrevolver.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adrevolver.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad1.emediate.dk [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad1.emediate.dk [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .ad.yieldmanager.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .adrevolver.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] .media.adrevolver.com [ C:\Documents and Settings\Dina Birgitte\Programdata\Mozilla\Firefox\Profiles\6n5sdapc.default\cookies.txt ] C:\Documents and Settings\Gjest\Cookies\gjest@serving-sys[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@tribalfusion[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@adultfriendfinder[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@tacoda[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@adbrite[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@doubleclick[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@adlegend[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@burstnet[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@atdmt[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@pacificpoker[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@apmebf[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@statcounter[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@smileycentral[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@xiti[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@zedo[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@advertising[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@hitbox[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@hotbar[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@maxserving[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@247realmedia[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@tradedoubler[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@valueclick[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@belnk[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@fastclick[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Cookies\gjest@overture[1].txt C:\Documents and Settings\Gjest\Cookies\gjest@2o7[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@casalemedia[2].txt C:\Documents and Settings\Gjest\Cookies\[email protected][2].txt C:\Documents and Settings\Gjest\Cookies\gjest@adtech[2].txt C:\Documents and Settings\Gjest\Cookies\gjest@mediaplex[1].txt C:\Documents and Settings\Gjest\Cookies\[email protected][1].txt C:\Documents and Settings\Gjest\Lokale innstillinger\Temp\Cookies\gjest@2o7[2].txt C:\Documents and Settings\Gjest\Lokale innstillinger\Temp\Cookies\gjest@atdmt[1].txt Adware.IST/ISTBar (Slotch Bar) HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429} HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}\1.1 HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}\1.1 HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}\1.1\win32 HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}\1.1\FLAGS HKCR\TypeLib\{67907B3C-A6EF-4A01-99AD-3FCD5F526429}\1.1\HELPDIR HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F} HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}\ProxyStubClsid HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}\ProxyStubClsid32 HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}\TypeLib HKCR\Interface\{0985C112-2562-46F2-8DA6-92648BA4630F}\TypeLib#Version HKU\S-1-5-21-3276781575-1798454269-388581382-1006\Software\Microsoft\Internet Explorer\Main#BandRest HKLM\SOFTWARE\Microsoft\Internet Explorer\Main#BandRest Trojan.ErrorSafe C:\DOCUMENTS AND SETTINGS\AUDHILD\LOKALE INNSTILLINGER\TEMP\ERRORSAFESCANNERSETUP.EXE C:\DOCUMENTS AND SETTINGS\AUDHILD\LOKALE INNSTILLINGER\TEMP\NI.ERSH_9999_N91S1212\SETUP.EXE C:\WINDOWS\SYSTEM32\ERRORSAFESETUP.EXE Adware.Lop C:\DOCUMENTS AND SETTINGS\AUDHILD\LOKALE INNSTILLINGER\TEMP\STA16.EXE Adware.Lop-Variant C:\SYSTEM VOLUME INFORMATION\_RESTORE{3E0C683E-89DF-4C61-BBDB-4266F97EC915}\RP701\A0063202.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{3E0C683E-89DF-4C61-BBDB-4266F97EC915}\RP704\A0063451.EXE C:\SYSTEM VOLUME INFORMATION\_RESTORE{3E0C683E-89DF-4C61-BBDB-4266F97EC915}\RP704\A0063453.EXE HJT: Klikk for å se/fjerne innholdet nedenfor Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 21:35, on 2008-05-29 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe C:\WINDOWS\system32\LEXBCES.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\LEXPPS.EXE C:\WINDOWS\Explorer.EXE C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\hkcmd.exe C:\Programfiler\Analog Devices\Core\smax4pnp.exe C:\Programfiler\Dell\Media Experience\DMXLauncher.exe C:\Programfiler\Lexmark X1100 Series\lxbkbmgr.exe C:\WINDOWS\system32\dla\tfswctrl.exe C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe C:\WINDOWS\VM_STI.EXE C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe C:\Programfiler\QuickTime\qttask.exe C:\Programfiler\iTunes\iTunesHelper.exe C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe C:\Programfiler\Winamp\winampa.exe C:\Programfiler\Lexmark X1100 Series\lxbkbmon.exe C:\Programfiler\Internet Explorer\iexplore.exe C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe C:\Programfiler\iPod\bin\iPodService.exe C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe C:\WINDOWS\system32\ctfmon.exe C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\WINDOWS\System32\svchost.exe C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Programfiler\internet explorer\iexplore.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\notepad.exe C:\Programfiler\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.startsiden.no/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programfiler\Macrogaming\SweetIMBarForIE\toolbar.dll R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programfiler\Share_Accelerator_MM\tbSha1.dll O2 - BHO: Koblingshjelpeprogram for Adobe PDF Reader - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Fellesfiler\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Programfiler\Fellesfiler\Symantec Shared\coShared\Browser\1.5\NppBho.dll O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programfiler\Share_Accelerator_MM\tbSha1.dll O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Programfiler\Fellesfiler\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Telenor Telenorhjelpen Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Programfiler\Telenor\Telenorhjelpen\IEFixItNowPlugin.dll O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Programfiler\Macrogaming\SweetIMBarForIE\toolbar.dll O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Programfiler\Share_Accelerator_MM\tbSha1.dll O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Programfiler\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [DMXLauncher] C:\Programfiler\Dell\Media Experience\DMXLauncher.exe O4 - HKLM\..\Run: [iSUSPM Startup] C:\PROGRA~1\FELLES~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Programfiler\Lexmark X1100 Series\lxbkbmgr.exe" O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe O4 - HKLM\..\Run: [iSUSScheduler] "C:\Programfiler\Fellesfiler\InstallShield\UpdateService\issch.exe" -start O4 - HKLM\..\Run: [bigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera 301x O4 - HKLM\..\Run: [DVDLauncher] "C:\Programfiler\filer\CyberLink\PowerDVD\DVDLauncher.exe" O4 - HKLM\..\Run: [Telenor Online Start] "C:\Programfiler\Telenor\Online Start\Telenor.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Programfiler\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Programfiler\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [support audio cool poll] C:\Documents and Settings\All Users\Programdata\INTERNET SPAM SUPPORT AUDIO\cash pure.exe O4 - HKLM\..\Run: [WinampAgent] C:\Programfiler\Winamp\winampa.exe O4 - HKLM\..\Run: [ccApp] "C:\Programfiler\Fellesfiler\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "C:\Programfiler\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [softwareStation] C:\Programfiler\eAcceleration\Station\station.exe /b Startup O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Programfiler\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKCU\..\Run: [sweetIM] C:\Programfiler\Macrogaming\SweetIM\SweetIM.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Registry Helper] "C:\Programfiler\Registry Helper\RegistryHelper.Exe" /boot O4 - HKCU\..\Run: [Disk Cleaner] "C:\Programfiler\Disk Cleaner\DiskCleaner.Exe" /boot O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Programfiler\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOKAL TJENESTE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETTVERKSTJENESTE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: AutorunsDisabled O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programfiler\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe O16 - DPF: {00C1329F-D6C9-46A2-8C3F-23F50977F0A5} (SMUpdateAX Class) - http://www.liquidlab.se/smupdate/stallet/SetupInf.cab O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedC...bin/AvSniff.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) - O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Messe...nt.cab56907.cab O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com/products/acrobat/nos/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineS...er.cab56986.cab O20 - Winlogon Notify: !SASWinLogon - C:\Programfiler\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Automatisk LiveUpdate-planlegging - Symantec Corporation - C:\Programfiler\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Boonty Games - BOONTY - C:\Programfiler\Fellesfiler\BOONTY Shared\Service\Boonty.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Programfiler\Fellesfiler\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Programfiler\iPod\bin\iPodService.exe O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Programfiler\Norton Internet Security\isPwdSvc.exe O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Programfiler\WinPcap\rpcapd.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\CCPD-LC\symlcsvc.exe O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Programfiler\Fellesfiler\Symantec Shared\AppCore\AppSvc32.exe -- End of file - 10620 bytes takk for hjelpen. Lenke til kommentar
Anbefalte innlegg
Opprett en konto eller logg inn for å kommentere
Du må være et medlem for å kunne skrive en kommentar
Opprett konto
Det er enkelt å melde seg inn for å starte en ny konto!
Start en kontoLogg inn
Har du allerede en konto? Logg inn her.
Logg inn nå