Weird System Config Fejl - God Geek Challenge! X3

GMB · #1 25 januar 2008, 17:47

Så i en tråd på et andet webstedJeg forsøgte at slippe af med en runner fejl, og fik nogle råd til at gå ind i Kør og redigere startlyden ting og un-klik på Opdateringer fra HP indstilling. Det gjorde jeg, og det løst dette problem, men nu er jeg hente dette:

Jeg har prøvet en masse forskellige ting, men jeg normalt kun gøre tingene værre. Her er, hvad startlyden ting ser ud nu:

og

Nogen mente, at det kunne være virus-relaterede. Jeg fandt en trojan, men det var let behandles, men jeg er stadig få fejl.

Jeg ved, at dette er et parti, men det er virkelig begynder at bremse temmeligt alt og er bare at give mig et helvede, når jeg forsøger at få noget gjort. Enhver hjælp ville være meget værdsat.

**evilfantasy** · #2 25 januar 2008, 18:29

Gå og ændre den til Normal start Mode.

Installer Start Tool

Åbn værktøj og højre klikke på noget, du ikke længere ønsker at køre ved start derefter vælge Fjern.

Hvad er fqvcil?

GMB · #3 25 januar 2008, 18:45

Helt ærligt, jeg har ingen idé. Jeg er virkelig dårlig med computere, så jeg ved ikke engang, hvad de fleste af, at ting betyder. x3 jeg havde det på Normal før, og det var stadig gør det, men lad mig tjekke, at værktøjet og genstart og se, om det hjælper.

Thanks a lot for rådgivning af den måde. :) Jeg forstår det.

**evilfantasy** · #4 25 januar 2008, 18:50

At indrejse, ikke ser ret. Lad os tage et nærmere kig.

Download og omdøbe HijackThis (HJT)

Dobbeltklik på HJTInstall.
Klik på Installer knappen.
Det vil automatisk placere HJT i C: \ Programmer \ TrendMicro \ HijackThis \ HijackThis.exe.
Efter installere, HijackThis bør åbne for dig.
- Luk HijackThis og omdøb den.
- Gå til C: \ Programmer \ Trend Micro \HijackThis.exe
- Højreklik på HijackThis.exe og vælge Omdøb.
- Skriv sniper.exe og tryk Indtast.
- Højreklik på på sniper.exe og vælge Send til > Desktop (Opret genvej)
Fra skrivebordet åbne HiajckThis.
Hvis du bruger Windows Vista, skal du sørge for at Kør som administrator
Klik på Må en systemscanning og gemme en logfil knappen
HijackThis scanner og derefter en log åbnes i Notesblok.
Kopier og indsæt derefter logge på dit indlæg.
- Må ikke har Hijackthis fastsætte noget endnu. Det meste af, hvad det finder vil være harmløse eller endda kræves.

Selv om vi har omdøbt HijackThis til snigskytte, vil vi stadig referere til det som HijackThis eller HJT.

GMB · #5 25 januar 2008, 19:07

Wow ... det er en masse ting.

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt på 9:05:38 PM, den 1/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Programmer \ ewido \ security suite \ ewidoctrl.exe
c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ Programmer \ Google \ Gmail Notifier \ gnotify.exe
C: \ Programmer \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Windows \ System \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Programmer \ Microsoft IntelliType Pro \ itype.exe
C: \ Programmer \ Microsoft IntelliPoint \ ipoint.exe
C: \ Programmer \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programmer \ QuickTime \ QTTask.exe
C: \ Programmer \ iTunes \ iTunesHelper.exe
C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Programmer \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Programmer \ iPod \ bin \ iPodService.exe
C: \ Programmer \ synspunkt \ synspunkt Manager \ ViewMgr.exe
C: \ Programmer \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Programmer \ InterMute \ SpySubtract \ SpySub.exe
C: \ Programmer \ Mozilla Firefox \ firefox.exe
C: \ Programmer \ AIM \ aim.exe
C: \ Programmer \ BitLord \ BitLord.exe
C: \ Programmer \ Winamp \ winamp.exe
C: \ Programmer \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Programmer \ Messenger \ msmsgs.exe
C: \ Programmer \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Programmer \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP-visning - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - c: \ Programmer \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Programmer \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Programmer \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "c: \ Programmer \ HP \ (AAC4FC36-8F89-4587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ WINDOWS \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [Type] "C: \ Programmer \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Programmer \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Programmer \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeperUI.exe / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [SWG] "C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Gå ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R (User "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SWG] "C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Gå ogleToolbarNotifier.exe" (User "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe (User '? ')
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund (User '? ")
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe (User '? ")
O4 - Startup: Adobe Gamma.lnk = C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Programmer \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Programmer \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Opdateringer fra HP.lnk = C: \ Programmer \ Opdateringer fra HP \ 309731 \ Programmer \ Updates fra HP.exe
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Ekstra knap: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Programmer \ AIM \ aim.exe
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Programmer \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Programmer \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasse) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programmer \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido sikkerhed suite control - ewido netværk - C: \ Programmer \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown ejer - c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown ejer - C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of file - 14608 bytes

**evilfantasy** · #6 25 januar 2008, 19:33

Åbn HJT og vælg Må en systemscanning kun derefter anbringe en markering ved siden af:

F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe

Luk alle vinduer undtagen for HJT klik derefter på Fix kontrolleres.

----------

Downloade ViewpointKiller

Unzip programmet og hele indholdet af ViewpointKiller.zip til en placering som dit skrivebord.
Dobbeltklik på ViewpointKiller ikonet for at køre ViewpointKiller.exe.
Vælg Fil menuen, og vælg Kontroller, om du har set installeret.
Hvis ViewpointKiller tyder på, at nogen af de synspunkt varianter er installeret, skal du vælge den korrekte Slå ihjel mulighed i Fil menuen.

Følg instruktionerne og instruktionerne nøje, besvare Ja eller Nej afhængigt af hvilken løsning du er mest tryg ved.
Den Msconfig instruktioner er meget vigtig, så sørg for at læse dem nøje.

Bemærk: Når du er færdig med ViewpointKiller højreklikke og slette alle filer, der blev unzipped.

----------

Hent Combofix af subs fra en af de nedenstående links.
(Prøv alle tre, hvis det er nødvendigt)

VIGTIGT - Combofix.exe SKAL gemmes på dit Desktop.

Luk alle åbne Internet-browsere. (Firefox, Internet Explorer, etc)
Luk / deaktiver alle anti-virus og anti malware-programmer så de ikke interfererer med Combofix. <- VIGTIGT
- Klik på dette link at se en liste over programmer, der skal deaktiveres, og hvordan du deaktivere dem. Hvis din ikke er børsnoteret, og du ikke ved hvordan man deaktivere det, så spørg.
Dobbeltklik combofix.exe & følg instruktionerne.
- Fra tastaturet vælge 1 og tryk Indtast
Når du er færdig, vil den udarbejde en log for dig.
Post at logge på din næste svar.

Må ikke mouseclick combofix vindue, mens den kører.
Scanningen deaktiverer midlertidigt skrivebordet.
Hvis afbrydes den kan forlade computeren indefryses.
Hvis dette sker, skal du genstarte at genoprette skrivebordet.

----------

Næste post skal du tilføje
Combofix log

**evilfantasy** · #7 25 januar 2008, 19:37

Flyttet til Virus, Spyware & Sikkerhed forum.

GMB · #8 25 januar 2008, 21:15

Vi har en delvis succes! Noget jeg har arbejdet. Ikke sikker på, hvilken en det var, men det er en begyndelse. Jeg genstartes efter ComboFix blev gjort, og nu alle de andre fejl er væk, først nu jeg får dette:

Jeg har set det før, men jeg kan ikke huske, hvordan jeg fast det.

Her er logfilen fra ComboFix:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Kører fra: C: \ Documents and Settings \ HP_Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Files Created fra 2007-12-26 til 2008-01-26 ))))))))))) ))))))))))))))))))))
.

2008-01-25 22:48. 2000-08-31 08:00 51.200 - a ------ C: \ WINDOWS \ Nircmd.exe
2008-01-25 21:01. 2008-01-25 21:01 <DIR> d -------- C: \ Programmer \ Trend Micro
2008-01-23 18:27. 2008-01-23 18:27 <DIR> d -------- C: \ Programmer \ DivX
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ WINDOWS \ «AøŽ O'-o
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ MOON papegøje
2008-01-04 00:51. 2008-01-04 00:53 <DIR> d -------- C: \ Programmer \ Winamp
2008-01-04 00:50. 2008-01-04 00:50 8.759.168 - a ------ C: \ Programmer \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-26 03:38 --------- d ----- w C: \ Programmer \ synspunkt
2008-01-26 03:06 --------- d ----- w C: \ Programmer \ Hewlett-Packard
2008-01-25 16:55 --------- d ----- w C: \ Programmer \ Norton Internet Security
2008-01-25 12:16 --------- d ----- w C: \ Programmer \ Common Files \ Symantec Shared
2008-01-22 03:23 --------- d ----- w C: \ Programmer \ LimeWire
2008-01-19 23:36 164 ---- aw C: \ install.dat
2008-01-19 23:35 --------- d ----- w C: \ Programmer \ Webroot
2008-01-05 01:56 1.526.640 ---- aw C: \ WINDOWS \ WRSetup.dll
2008-01-05 01:34 23.920 ---- aw C: \ Windows \ System32 \ Drivers \ sskbfd.sys
2008-01-05 01:34 21.872 ---- aw C: \ Windows \ System32 \ Drivers \ sshrmd.sys
2008-01-05 01:34 20.336 ---- aw C: \ Windows \ System32 \ Drivers \ SSFS0BB9.sys
2008-01-05 01:34 163.696 ---- aw C: \ Windows \ System32 \ Drivers \ ssidrv.sys
2007-12-26 04:47 --------- d ----- w C: \ Programmer \ AIM
2007-12-17 00:44 --------- d ----- w C: \ Programmer \ QuickTime
2007-12-16 18:36 805 ---- aw C: \ Windows \ System32 \ Drivers \ SYMEVENT.INF
2007-12-16 18:36 60,800 ---- aw C: \ WINDOWS \ system32 \ S32EVNT1.DLL
2007-12-16 18:36 123,952 ---- aw C: \ Windows \ System32 \ Drivers \ SYMEVENT.SYS
2007-12-16 18:36 10,740 ---- aw C: \ Windows \ System32 \ Drivers \ SYMEVENT.CAT
2007-12-16 18:36 --------- d ----- w C: \ Programmer \ Symantec
2007-12-02 23:38 --------- d ----- w C: \ Programmer \ Plant Tycoon
2007-11-29 22:30 200.704 ---- aw C: \ WINDOWS \ system32 \ ssldivx.dll
2007-11-29 22:30 1.044.480 ---- aw C: \ WINDOWS \ system32 \ libdivx.dll
2007-11-07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ lsasrv.dll
2007-11-07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ dllcache \ lsasrv.dll
2007-10-30 23:42 3.590.656 ---- aw C: \ WINDOWS \ system32 \ dllcache \ mshtml.dll
2007-10-30 17:20 360.064 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Tcpip.sys
2007-10-29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ Quartz.dll
2007-10-29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Quartz.dll
2007-10-27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ wmasf.dll
2007-10-27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ dllcache \ wmasf.dll
2007-06-27 20:23 318.904-c - aw C: \ Programmer \ wmpfirefoxplugin.exe
2007-02-19 21:57 12.887.872-c - aw C: \ Programmer \ sspsetup1_.exe
2007-02-10 23:31 2.599.088-c - aw C: \ Programmer \ Shockwave_Installer_Slim.exe
2007-02-10 23:26 12.711.440-c - aw C: \ Programmer \ RealPlayer10-5GOLD.exe
2007-02-10 23:20 19,666,504-c - aw C: \ Programmer \ QuickTimeInstaller.exe
2007-02-10 23:08 1.410.680-c - aw C: \ Programmer \ install_flash_player.exe
2007-02-10 17:58 25,755,448-c - aw C: \ Programmer \ wmp11-windowsxp-x86-enu.exe
2006-10-11 00:51 774.144-c - aw C: \ Programmer \ RngInterstitial.dll
2006-09-16 02:12 811.584-c - aw C: \ Programmer \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries er ikke vist
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-09 23:00 15360]
"Creative Detector" = "C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe" [2004-12-02 17:23 102400]
"SWG" = "C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Gå ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.e XE" [2006-11-02 13:43 472632]
"MSMSGS" = "C: \ Programmer \ Messenger \ msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"(0228e555-4f9c-4e35-a3ec-b109a192b4c2)" = "C: \ Programmer \ Google \ Gmail Notifier \ gnotify.exe" [2005-07-15 16:48 479232]
"SunJavaUpdateSched" = "C: \ Programmer \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005-03-15 13:37 32881]
"ccApp" = "C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe" [2008-01-08 17:33 53096]
"Symantec PIF AlertEng" = "C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007-03-12 17:30 517768]
"SoundMan" = "SOUNDMAN.EXE" [2005-04-06 17:57 90112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Reminder" = "C: \ Windows \ Creator \ Remind_XP.exe" [2004-12-13 21:23 663552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004-04-14 08:43 233472]
"hpsysdrv" = "c: \ windows \ system \ hpsysdrv.exe" [1998-05-07 04:04 52736]
"HotKeysCmds" = "C: \ WINDOWS \ system32 \ hkcmd.exe" [2004-12-01 05:55 126976]
"High Definition Audio Property Page Shortcut" = "HDAudPropShortcut.exe" [2004-03-17 19:10 61952 C: \ WINDOWS \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ ehome \ ehtray.exe" [2005-08-05 13:56 64512]
"AlcWzrd" = "ALCWZRD.EXE" [2005-04-06 17:53 2805248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004-06-29 05:06 88363 C: \ WINDOWS \ AGRSMMSG.exe]
"Type" = "C: \ Programmer \ Microsoft IntelliType Pro \ itype.exe" [2006-11-21 20:08 813912]
"IntelliPoint" = "C: \ Programmer \ Microsoft IntelliPoint \ ipoint.exe" [2007-02-05 18:52 849280]
"WinampAgent" = "C: \ Programmer \ Winamp \ winampa.exe" [2007-12-20 10:16 37376]
"KBD" = "C: \ HP \ KBD \ KBD.EXE" [2005-02-02 16:44 61440]
"SpySweeper" = "C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" [2008-01-04 20:56 5367664]
"AutoTBar" = "C: \ Programmer \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Menuen Start \ Programmer \ Start \
Adobe Gamma Loader.lnk - C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2004-10-04 00:12:18 113664]
Adobe Reader Speed Launch.lnk - C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [2005-09-23 21:05:26 29696]
SpySubtract.lnk - C: \ Programmer \ InterMute \ SpySubtract \ sslaunch.exe [2005-03-15 14:14:11 73728]
Opdateringer fra HP.lnk - C: \ Programmer \ Opdateringer fra HP \ 309731 \ Programmer \ Updates fra HP.exe [2005-03-15 14:15:23 45056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ policies \ system]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Themes \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Themes \ Royale.theme

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ run-]
"QuickTime Task" = "C: \ Programmer \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Programmer \ iTunes \ iTunesHelper.exe"

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ explorer \ mountpoints2 \ (749df047-9937-11db-9221-0013d408ae3c)]
\ Shell \ AutoRun \ command - L: \ wd_windows_tools \ setup.exe

* Nyoprettede Service * - COMHOST
* Nyoprettede Service * - PROCEXP90
.
Indhold af "Planlagte opgaver" mappe
"2008-01-19 15:35:02 C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job"
- C: \ Programmer \ Apple Software Update \ SoftwareUpdate.exe
"2008-01-26 01:09:39 C: \ WINDOWS \ Tasks \ Norton AntiVirus - Run Full System Scan - HP_Administrator.job"
- C: \ PROGRA ~ 1 \ NORTON ~ 1 \ NORTON ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit / stealth malware detector ved Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 22:54:40
Windows 5.1.2600 Service Pack 2 NTFS

scanning skjulte processer ...

scanning skjulte autostart entries ...

scanning skjulte filer ...

scanning afsluttet med succes
skjulte filer: 0

************************************************** ************************
.
Afslutning tid: 2008-01-25 22:55:28
.
2008-01-09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [IMG] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ IMG]

**evilfantasy** · #9 25 januar 2008, 21:48

Har dette ske snarest muligt efter at downloade Winamp?

Kør en ny HJT scan og efter at log.

GMB · #10 25 januar 2008, 22:32

Jeg har haft Winamp i lang tid, før det begyndte at ske. Jeg var nødt til at re-installere den stund tilbage, før de fejl, men jeg kan ikke huske, hvor hurtigt efter fejl opstod.

Her er den HJT log:

Logfile af Trend Micro HijackThis v2.0.2
Scan gemt kl 12:29:23 AM, den 1/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Kørende processer:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Programmer \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programmer \ Google \ Gmail Notifier \ gnotify.exe
C: \ Programmer \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Windows \ System \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Programmer \ Microsoft IntelliType Pro \ itype.exe
C: \ Programmer \ Microsoft IntelliPoint \ ipoint.exe
C: \ Programmer \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Programmer \ ewido \ security suite \ ewidoctrl.exe
c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Programmer \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Programmer \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Programmer \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Programmer \ synspunkt \ synspunkt Manager \ ViewMgr.exe
C: \ Programmer \ InterMute \ SpySubtract \ SpySub.exe
C: \ Programmer \ Mozilla Firefox \ firefox.exe
C: \ Programmer \ AIM \ aim.exe
C: \ Programmer \ Encore \ Hoyle Card Games 2005 \ HoyleCardGames2005.exe
C: \ Programmer \ Trend Micro \ HijackThis \ sniper.exe
C: \ Programmer \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programmer \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Programmer \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Programmer \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Programmer \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programmer \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programmer \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [Type] "C: \ Programmer \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Programmer \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Programmer \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Programmer \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Programmer \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [SWG] "C: \ Programmer \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Gå ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programmer \ Messenger \ msmsgs.exe" / baggrund
O4 - Startup: Adobe Gamma.lnk = C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Programmer \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programmer \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Programmer \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Opdateringer fra HP.lnk = C: \ Programmer \ Opdateringer fra HP \ 309731 \ Programmer \ Updates fra HP.exe
O8 - Extra sammenhæng menupunktet: E & ksporter til Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programmer \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Ekstra knap: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Ekstra knap: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Programmer \ AIM \ aim.exe
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Ekstra knap: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programmer \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Programmer \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Programmer \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasse) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programmer \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programmer \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Programmer \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido sikkerhed suite control - ewido netværk - C: \ Programmer \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Tabel Manager (IDriverT) - Macrovision Corporation - C: \ Programmer \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programmer \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown ejer - c: \ Programmer \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Programmer \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Programmer \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Programmer \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown ejer - C: \ Programmer \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: synspunkt Manager Service - synspunkt Corporation - C: \ Programmer \ synspunkt \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programmer \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of file - 12852 bytes

Lignende Tråde
Tråd	Thread Starter	Forum	Svar	Last Post
RIS Problem "Windows \ system32 \ config \ system"	alfred01	Windows-operativsystemer	0	17th May 2009 14:12
Købe nye computer - kan nogen fortælle mig, hvis denne konfig er godt?	ahsanjee	General Hardware Chat	7	14 juni 2009 08:27
\ Windows \ system32 \ config \ system mangler eller er beskadiget	fenderdude	Windows-operativsystemer	1	23 december 2008 07:47
ER mit system godt nok?	MystikalDawn	General Hardware Chat	6	23 november 2008 08:50
System godt nok til at spille GTR?	Sandra	PC & Console Gaming	4	9. okt 2008 10:37