View Full Version : Winfixer?
Hello there!
I recently ran a Spybot scan that found two entries for "Winfixer" ("tracking cookies", it said)--I fixed them. However, each time I've rebooted the computer since, Spybot finds them again. I would be ever so grateful for your input and help, as I've been before! :)
Here is the HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 11:03:40, on 2006-02-27
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program\Iomega\System32\ActivityDisk.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\Program\Dell\Media Experience\PCMService.exe
C:\Program\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\Iomega\DriveIcons\ImgIcon.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Iomega\AutoDisk\AD2KClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Outlook Express\msimn.exe
C:\Program\Microsoft Office\OFFICE11\WINWORD.EXE
C:\PROGRAM\MOZILL~1\FIREFOX.EXE
C:\Antispyware\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://start.comhem.se/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.euro.dell.com/countries/se/sve/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext =
http://www.euro.dell.com/countries/se/sve/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Länkar
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\Program\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} -
C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} -
C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} -
C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched]
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\Media
Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher]
"C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2\Surround
Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet]
C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program\Delade filer\Sonic\Update
Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program\Norton Internet
Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Iomega Startup Options]
C:\Program\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons]
C:\Program\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade
filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe
/Consumer
O4 - HKLM\..\Run: [Name of App] C:\Program\SAMSUNG\FW
LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe"
-atboottime
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:ENG
O4 - HKCU\..\Run: [Iomega Active Disk]
C:\Program\Iomega\AutoDisk\AD2KClient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search -
res://c:\program\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word -
res://c:\program\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links -
res://c:\program\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page -
res://c:\program\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportera till Microsoft Excel -
res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages -
res://c:\program\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English -
res://c:\program\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -
%windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
{85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file
missing)
O9 - Extra button: Referensinformation -
{92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) -
http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
(MsnMessengerSetupDownloadControl Class) -
http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
"C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation
- C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Crypkey License - Unknown owner -
C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation -
C:\Program\Iomega\System32\ActivityDisk.exe
O23 - Service: iPodService - Apple Computer, Inc. -
C:\Program\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec
Corporation - C:\Program\Norton Internet Security\Norton
AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
C:\Program\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet
Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
Hello and sorry for the wait.
Please go here and post a link back to this topic to flag a helper.
If you have waited three days for advice post here. (http://forums.spybot.info/showthread.php?p=4836#post4836)
Hi there,
I have been waiting for help. My problem does not seem very serious, but it would be nice to get rid of it! :)
Here is the link to my topic:
http://forums.spybot.info/showthread.php?t=2698
check you post please
hi
sorry for the wait
Please download ewido anti malware (http://www.ewido.net/en/download/) it is a free version of the program.
Install ewido security suite
When installing, under "Additional Options" uncheck..
Install background guard
Install scan via context menu
Launch ewido, there should be an icon on your desktop, double-click it.
The program will now open to the main screen.
When you run ewido for the first time, you may get a warning "Database could not be found!". Click OK. We will fix this in a moment.
You will need to update ewido to the latest definition files.
On the left hand side of the main screen click update.
Then click on Start Update.
The update will start and a progress bar will show the updates being installed.
(the status bar at the bottom will display ("Update successful")
If you are having problems with the updater, you can use this link to manually update ewido.
ewido manual updates (http://www.ewido.net/en/download/updates/)
Once the updates are installed do the following:
reboot your computer in SafeMode by doing the following:
Restart your computer
After hearing your computer beep once during startup, but before the Windows icon appears, press F8.
Instead of Windows loading as normal, a menu should appear
Select the first option, to run Windows in Safe Mode.
then launch ewido:
Click on scanner
Click on Complete System Scan and the scan will begin.
You will be prompted to clean the first infection.
Select "Perform action on all infections", then proceed.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
Click Save report.
Save the report .txt file to your desktop or a location where you can find it easily.
Close ewido security suite.
reboot
post a new hijackthis log and the ewido report
I just ran a SpyBot scan, and for some reason this time it did not find anything. No Winfixer. Do you recommend I still run ewido?
The only symptom I've had of anything wrong on my computer is that NAV auto-protect reports it's off every time I reboot, then swiftly turns on.
Do you recommend I still run ewido?
The only symptom I've had of anything wrong on my computer is that NAV auto-protect reports it's off every time I reboot, then swiftly turns on.
yes, run the scan in safe mode, then post the report and a new hjt log thank you
Right!
Here is the new HJT log, followed by the Ewido log - I had to break them up into two messages, as, apparently, a message can only be 20000 characters long:
Logfile of HijackThis v1.99.1
Scan saved at 13:25:53, on 2006-03-05
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\Program\Dell\Media Experience\PCMService.exe
C:\Program\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\Iomega\DriveIcons\ImgIcon.exe
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program\QuickTime\qttask.exe
C:\Program\ewido anti-malware\ewidoctrl.exe
C:\Program\Iomega\System32\ActivityDisk.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\Program\Iomega\AutoDisk\AD2KClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Antispyware\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.comhem.se/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Name of App] C:\Program\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:ENG
O4 - HKCU\..\Run: [Iomega Active Disk] C:\Program\Iomega\AutoDisk\AD2KClient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation - C:\Program\Iomega\System32\ActivityDisk.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
Apparently the Ewido report in itself is too long, so I've broken that one up too...
Report-Checksum: 630B9847
Scan result:
:mozilla.9:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.10:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.11:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.12:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.15:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.19:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.22:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.28:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.41:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.43:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.44:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Weborama : Cleaned with backup
:mozilla.207:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.219:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.256:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.264:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.268:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.269:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.270:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.273:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.274:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.288:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.289:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.295:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.296:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.318:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Addynamix : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.323:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.324:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Centrport : Cleaned with backup
:mozilla.396:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.398:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.399:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.400:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.401:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.443:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned with backup
:mozilla.515:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.516:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.517:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.518:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.551:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.552:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.553:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.554:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.575:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.576:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.578:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.579:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.581:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.582:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.596:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.616:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.633:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.634:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.635:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.636:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.637:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.708:C:\Documents and Settings\Jakob Winnberg\Application Data\Mozilla\Firefox\Profiles\bcxcbgur.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@c.enhance[1].txt -> TrackingCookie.Enhance : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cnn.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz11.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz3.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz4.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz5.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz6.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz7.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz8.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@cz9.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@e-2dj6wjmycpczekp.stats.esomniture[2].txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@image.masterstats[1].txt -> TrackingCookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@ivwbox[2].txt -> TrackingCookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@maxim.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@paypopup[2].txt -> TrackingCookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@sales.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@server3.web-stat[2].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@stats1.reliablestats[2].txt -> TrackingCookie.Reliablestats : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@symantec.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@vip.clickzs[1].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@vip2.clickzs[2].txt -> TrackingCookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@webstat[3].txt -> TrackingCookie.Web-stat : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@www.myaffiliateprogram[2].txt -> TrackingCookie.Myaffiliateprogram : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Cookies\jakob winnberg@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Lokala inställningar\Temp\Cookies\jakob winnberg@com[2].txt -> TrackingCookie.Com : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Skrivbord\SetUps&Zips\AMAnalogWarfare2\Angular Momentum Analog Warfare 2.exe -> Adware.MDH : Cleaned with backup
C:\Documents and Settings\Jakob Winnberg\Skrivbord\SetUps&Zips\AMAnalogWarfare2.zip/Angular Momentum Analog Warfare 2.exe -> Adware.MDH : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP350\A0026345.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP350\A0026346.exe -> Trojan.Qhost.df : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP350\A0026353.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP351\A0026409.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP351\A0026436.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP352\A0026503.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP352\A0026513.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP352\A0026535.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP353\A0026589.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP353\A0026599.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP354\A0026612.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP355\A0027087.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP356\A0027108.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP357\A0027134.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP357\A0027180.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP358\A0027211.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP360\A0027444.exe -> Trojan.Pakes : Cleaned with backup
C:\System Volume Information\_restore{B19406CB-15FE-4643-899E-BE44508A1787}\RP360\A0027447.exe -> Trojan.Favadd.an : Cleaned with backup
hi
are you still with us?
Please check your Private Messages too !
hi
thanks for sending that report
all infected items seem to be in system restore. we will handle the later
do you still have that behaviour with NAV auto protect?
also can you post a freh hiajckthis log
Hi.
Yes, and I put it wrong when I said it was auto-protect--what it says is: "NAV is not activated". A few seconds later, it obviously is.
Here is the new HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 13:16:50, on 2006-03-12
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\hkcmd.exe
C:\Program\Java\jre1.5.0_06\bin\jusched.exe
C:\Program\Dell\Media Experience\PCMService.exe
C:\Program\CyberLink\PowerDVD\DVDLauncher.exe
C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program\ewido anti-malware\ewidoctrl.exe
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\Iomega\System32\ActivityDisk.exe
C:\Program\Iomega\DriveIcons\ImgIcon.exe
C:\Program\Delade filer\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program\Delade filer\Real\Update_OB\realsched.exe
C:\Program\Microsoft AntiSpyware\gcasServ.exe
C:\Program\iTunes\iTunesHelper.exe
C:\Program\QuickTime\qttask.exe
C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
C:\Program\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\Program\Iomega\AutoDisk\AD2KClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Mozilla Firefox\firefox.exe
C:\Program\Messenger\msmsgs.exe
C:\Antispyware\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.comhem.se/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.euro.dell.com/countries/se/sve/gen/default.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program\google\googletoolbar1.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe
O4 - HKLM\..\Run: [CTDVDDet] C:\Program\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program\Delade filer\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] C:\Program\Norton Internet Security\UrlLstCk.exe
O4 - HKLM\..\Run: [Iomega Startup Options] C:\Program\Iomega\Common\ImgStart.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program\Delade filer\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [Name of App] C:\Program\SAMSUNG\FW LiveUpdate\Liveupdate.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [SB Audigy 2 Startup Menu] /L:ENG
O4 - HKCU\..\Run: [Iomega Active Disk] C:\Program\Iomega\AutoDisk\AD2KClient.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &Google Search - res://c:\program\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program\google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xportera till Microsoft Excel - res://C:\Program\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://c:\program\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/kavwebscan_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: Crypkey License - Unknown owner - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program\ewido anti-malware\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Iomega Activity Disk2 - Iomega Corporation - C:\Program\Iomega\System32\ActivityDisk.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program\iPod\bin\iPodService.exe
O23 - Service: Norton AntiVirus Auto Protect-tjänst (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
ok which version of NAV it is? i must consult a friend of mine who is a NAV specialist ...
Norton Antivirus 10.0.1.13. Norton Internet Security 7.0.3.8.
just to clarify, you have swedish language versions ?
Ja! :)
It is the Swedish version.
hi
i'll post some instructions in english anyways ;)
1. Open NIS by doubleclicking on the system tray icon and then go to: Help, About, Activation. See what it says and if it tells you need to activate the product, you should continue and run the activation wizard there -- you will need his original CD with the activation key on it.
2. If that doesn't fix or isn't clear you can consult this document:
How to activate your Norton 2004/2005 program after it is installed
http://service1.symantec.com/SUPPORT/custserv.nsf/docid/2006031516125146?Open&src=bar_sch_nam&docid=20041001101742925&nsf=custserv.nsf&view=a8f4836d2a65eae0882568c4007f9e39&dtype=&prod=&ver=&osv=&osv_lvl=&seg=
3. If all else fails youcan always try a repair {uninstall & reinstall}
special thanks to Randy Bell for this info :)
Thanks for the help--but I can't find anything to activate that isn't activated. And as I said, the message that NAV is inactive is temporary--it then turns active, so that's what I'm working with as I try to fix the issue... :(
I suppose I should take this to Symantec directly!
hi
did you try to uninstall the reinstall it ?
No, I did not get around to the uninstall/reinstall. Will do that ASAP. Going away for a few days... :)
A question regarding uninstalling/reinstalling NIS/NAV: what will happen to my subscription data? Will it somehow retrieve that? :scratch:
hi
if you still have your cd key, there will be no problems
i seem to remember that the subscription data is hidden in the registry, and uninstall wont delete it
Well, NIS/NAV came preinstalled on the computer, and the reinstall CD only has the Setup.exe. So I'd have to be sure the subscription data is then retrieved from the registry--or funny things might start happening! Are you sure about this? :)
hi
well its not the end of the world, if its not, there are free antivirus solutions available. my last experience is from NAV 2002 so my info may be outdated
Yes--but seeing as I paid to have NAV running for another year (one born each minute! ;) ), it would be nice if it did run for another year.
I mean, it obviously works anyway. So do I just accept that error message, seeing as it is no big deal?
hi
have you tried contacting symantec's support ?
they should still have a copy of your puchase data
This topic will be archived to prevent others with similar issues posting in it.
If you need it re-opened please send me a pm and provide a link to the thread.
Thank you illukka.