Weird sistemos konfigūracijos klaidos - Geros Geek Challenge! X3

GMB · #1 Sausis 25, 2008, 17:47

Taigi, sriegis kitoje svetainėjeAš bandžiau atsikratyti Runner klaida, kuri buvo pateikta keletas patarimų eiti į Pradėti ir redaguoti Startup dalykas ir JT spustelėkite HP pasirinkimo Atnaujinimai. Aš, kad ir kad išspręsti šią problemą, bet dabar man tai:

I've tried įvairių dalykų krūva, bet aš paprastai tik pablogintų situaciją. Štai ką paleisties dalykas atrodo dabar:

ir

Kažkas siūlė, kad ji gali būti viruso susiję. Aš rasti Trojos arklys, bet jis lengvai sprendžiami, tačiau vis tiek gaunu klaidos.

Aš žinau, tai yra daug, bet tai tikrai pradeda lėčiau labai daug visko ir tai tik duoti man pragaras, jei bandau ką nors nuveikti. Any help būtų labai dėkingi.

**evilfantasy** · #2 Sausis 25, 2008, 18:29

Pasirinkite ir pakeiskite jį į starto Normalus režimas.

Įdiegti Paleistis Tool

Atidaryti įrankį ir paspauskite dešiniuoju pelės klavišu nieko nebenorite rodyti paleisties tada pasirinkite Pašalinti.

Kas yra fqvcil?

GMB · #3 Sausis 25, 2008, 18:45

Sąžiningai, aš ne idėja. Aš tikrai blogai su kompiuteriais, todėl aš net nežinau, ką dauguma kad kita priemonė. X3 aš jį Normalus anksčiau, ir jis vis dar tai daro, bet norėčiau sužinoti, kad priemonė ir iš naujo ir patikrinti, ar tai padeda.

Ačiū už patarimus daug, beje. :) I appreciate it.

**evilfantasy** · #4 Sausis 25, 2008, 18:50

Šį įrašą neatrodo teisė. Leidžia atidžiau pažvelgti.

Atsisiųskite ir pervardinti HijackThis (HJT)

Dukart spustelėkite HJTInstall.
Spauskite Įdiegti mygtuką.
Jis bus automatiškai vieta HJT į C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
Po install, HijackThis turėtų atverti jums.
- Uždaryti HijackThis ir pervadinti.
- Eikite į C: \ Program Files \ Trend Micro \HijackThis.exe
- Dešiniuoju pelės mygtuku spustelėkite HijackThis.exe pasirinkite Pervadinti.
- Įveskite sniper.exe paspauskite Registracija.
- Dešiniuoju pelės mygtuku spustelėkite ant sniper.exe pasirinkite Siųsti > Desktop (Sukurti nuorodą)
Nuo darbastalio atidaryti HiajckThis.
Jei naudojate "Windows Vista", įsitikinkite, Vykdyti kaip administratorius
Spauskite Ar sistema nuskaito ir išsaugokite failą mygtukas
HijackThis bus nuskaityti ir tada žurnale bus atidaryta Notepad.
Nukopijuokite ir įklijuokite savo pranešimą Prisijungti.
- Ne turi nustatyti HijackThis nieko nėra. Daugiausia, ką ji mano bus nekenksmingas ir netgi būtina.

Nors mes pervadintas HijackThis Snaiperis, mes vis dar galime kreiptis į jį kaip HijackThis ar HJT.

GMB · #5 Sausis 25, 2008, 19:07

Wow ... tai daiktų aikštelė.

Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 9:05:38 dėl 1/25/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ eHoMe \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe
C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Požiūris \ Požiūris Manager \ ViewMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ nscsrvce.exe
C: \ Program Files \ interMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Skype \ aim.exe
C: \ Program Files \ BitLord \ BitLord.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ ssu.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
F2 - REG: System.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP vaizdas - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - C: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / / M " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] C: \ Windows \ Sukūrė \ Remind_XP.exe "
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "C: \ Program Files \ HP \ (AAC4FC36-8F89-4587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ WINDOWS \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Nekilnojamas Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ eHoMe \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [spysweeper] C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Grįžti ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User '?)
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe" / R (Vartotojas "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run (User '?)
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Grįžti ogleToolbarNotifier.exe" (vartotojo "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.exe (User? )
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background (User '?)
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe (User '?)
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Atnaujinimai HP.lnk = C: \ Program Files \ Updates HP \ 309.731 \ Program \ Atnaujinimai HP.exe
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: Skype - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ Skype \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø12 - Plugin for. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasė) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatinė LIVEUPDATE Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: Ewido Security Suite kontrolė - Ewido tinkluose - C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LIVEUPDATE - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LIVEUPDATE Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ nscsrvce.exe
O23 - Service: PACSPTISVR - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
O23 - Service: Sony SPTI tarnybos (SPTISRV) - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI tarnybos (SSScsiSV) - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Požiūris vadybininkas Paslaugos - Požiūris Corporation - C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper programa (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe

--
End of file - 14.608 baitų

**evilfantasy** · #6 Sausis 25, 2008, 19:33

Atidaryti HJT ir pasirinkite Ar sistema nuskaito tik tada vieta žymės langelį:

F2 - REG: System.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe

Uždaryti visus išskyrus HJT tada spustelėkite Windows Fix patikrinta.

----------

Atsisiųsti ViewpointKiller

Unzip programa ir visas jos turinys ViewpointKiller.zip į vietą, pavyzdžiui, kompiuteryje.
Dukart spustelėkite piktogramą ViewpointKiller skaičiuoti ViewpointKiller.exe.
Pasirinkite Failas meniu, ir pasirinkite Patikrinkite, ar turite įdiegti Viewpoint.
Jei ViewpointKiller rodo, kad bet Požiūris variantai yra įdiegta, pasirinkite tinkamą Žudyti galimybė Failas meniu.

Vykdykite instrukcijas, ir labai atsargiai, atsakydamas Taip arba Ne priklausomai nuo to, kuris variantas jums labiausiai tinka.
MSConfig instrukcijos yra labai svarbi, todėl būtina juos perskaityti atidžiai.

Pastaba Kai daroma ViewpointKiller dešiniuoju pelės klavišu ir ištrinkite visus failus, kurie buvo zdekompresowane.

----------

Atsisiųskite Combofix iki einantys iš vienos iš žemiau nuorodų.
(Pabandykite visi trys, jei reikia)

SVARBU - Combofix.exe TURI bus išsaugotas jūsų Desktop.

Uždarykite visus atidarytus interneto naršyklių. (Firefox, Internet Explorer, ir tt)
Uždaryti / išjungti visi antivirusinę ir kovos kenkėjiškų programų kad jie netrukdytų Combofix. <- DĖMESIO
- Spauskite šį saitą pamatyti programų sąrašą, kuris turėtų būti išjungtas ir kaip juos išjungti. Jei Jūsų nėra šiame sąraše, ir jūs nežinote, kaip ją išjungti, kreipkitės.
Dukart spustelėkite combofix.exe ir vykdykite ekrane pateikiamas instrukcijas.
- Iš klaviatūros pasirinkite 1 paspauskite Registracija
Kai bus baigta, bus pateikti žurnalas Jums.
Skelbti kad Prisijungti kitą atsakymą.

Don't mouseclick combofix lango, o tai veikia.
Scan bus laikinai išjungti savo darbalaukyje.
Jeigu nutraukiamas, jis gali palikti kompiuterį užšaldyti.
Jei taip atsitinka, prašom perkrauti atkurti darbastalio.

----------

Sekantis prašome pridėti
Combofix Prisijungti

**evilfantasy** · #7 Sausis 25, 2008, 19:37

Perkelta į virusų, šnipinėjimo ir saugumo forumas.

GMB · #8 Sausis 25, 2008, 21:15

Mes dalinės sėkmės! Kažkas aš dirbo. Nežinote, kurių vienas buvo, bet tai pradžia. Aš vėl po ComboFix buvo padaryta, ir dabar visos kitos klaidos dingo, tik dabar gaunu taip:

Aš mačiau, kad prieš, bet aš nepamenu kaip aš fixed it.

Štai failą iš ComboFix:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Veikia nuo: C: \ Documents and Settings \ HP_Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Failus, sukurtus nuo 2007/12/26 iki 2008/01/26 ))))))))))) ))))))))))))))))))))
.

2008-01-25 22:48. 2000-08-31 08:00 51.200 - ------ C: \ WINDOWS \ Nircmd.exe
2008-01-25 21:01. 2008-01-25 21:01 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-01-23 18:27. 2008-01-23 18:27 <DIR> d -------- C: \ Program Files \ DIVX
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ WINDOWS \ «AøŽ O'-Ø
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ MOON PARROT
2008-01-04 00:51. 2008-01-04 00:53 <DIR> d -------- C: \ Program Files \ Winamp
2008-01-04 00:50. 2008-01-04 00:50 8.759.168 - ------ C: \ Program Files \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Pranešimas )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-26 03:38 --------- d ----- w C: \ Program Files \ Požiūris
2008-01-26 03:06 --------- d ----- w C: \ Program Files \ Hewlett-Packard
2008-01-25 16:55 --------- d ----- w C: \ Program Files \ Norton Internet Security
2008-01-25 12:16 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008-01-22 03:23 --------- d ----- w C: \ Program Files \ LimeWire
2008-01-19 23:36 164 ---- AW C: \ install.dat
2008-01-19 23:35 --------- d ----- w C: \ Program Files \ Webroot
2008-01-05 01:56 1.526.640 ---- AW C: \ WINDOWS \ WRSetup.dll
2008-01-05 01:34 23.920 ---- AW C: \ WINDOWS \ system32 \ drivers \ sskbfd.sys
2008-01-05 01:34 21.872 ---- AW C: \ WINDOWS \ system32 \ drivers \ sshrmd.sys
2008-01-05 01:34 20.336 ---- AW C: \ WINDOWS \ system32 \ drivers \ SSFS0BB9.sys
2008-01-05 01:34 163.696 ---- AW C: \ WINDOWS \ system32 \ drivers \ ssidrv.sys
2007-12-26 04:47 --------- d ----- w C: \ Program Files \ Skype
2007-12-17 00:44 --------- d ----- w C: \ Program Files \ QuickTime
2007-12-16 18:36 805 ---- AW C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.INF
2007-12-16 18:36 60.800 ---- AW C: \ WINDOWS \ system32 \ S32EVNT1.DLL
2007-12-16 18:36 123.952 ---- AW C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.SYS
2007-12-16 18:36 10.740 ---- AW C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.CAT
2007-12-16 18:36 --------- d ----- w C: \ Program Files \ Symantec
2007-12-02 23:38 --------- d ----- w C: \ Program Files \ Plant Tycoon
2007-11-29 22:30 200.704 ---- AW C: \ WINDOWS \ system32 \ ssldivx.dll
2007-11-29 22:30 1.044.480 ---- AW C: \ WINDOWS \ system32 \ libdivx.dll
2007-11-07 09:26 721.920 ---- AW C: \ WINDOWS \ system32 \ Lsasrv.dll
2007-11-07 09:26 721.920 ---- AW C: \ WINDOWS \ system32 \ dllcache \ Lsasrv.dll
2007-10-30 23:42 3.590.656 ---- AW C: \ WINDOWS \ system32 \ dllcache \ Mshtml.dll
2007-10-30 17:20 360.064 ---- AW C: \ WINDOWS \ system32 \ dllcache \ Tcpip.sys
2007-10-29 22:35 1.287.680 ---- AW C: \ WINDOWS \ system32 \ Quartz.dll
2007-10-29 22:35 1.287.680 ---- AW C: \ WINDOWS \ system32 \ dllcache \ Quartz.dll
2007-10-27 22:40 222.720 ---- AW C: \ WINDOWS \ system32 \ wmasf.dll
2007-10-27 22:40 222.720 ---- AW C: \ WINDOWS \ system32 \ dllcache \ wmasf.dll
2007-06-27 20:23 318.904-c - AW C: \ Program Files \ wmpfirefoxplugin.exe
2007-02-19 21:57 12.887.872-c - AW C: \ Program Files \ sspsetup1_.exe
2007-02-10 23:31 2.599.088-C - AW C: \ Program Files \ Shockwave_Installer_Slim.exe
2007-02-10 23:26 12.711.440-c - AW C: \ Program Files \ RealPlayer10-5GOLD.exe
2007-02-10 23:20 19.666.504-c - AW C: \ Program Files \ QuickTimeInstaller.exe
2007-02-10 23:08 1.410.680-C - AW C: \ Program Files \ install_flash_player.exe
2007-02-10 17:58 25.755.448-c - AW C: \ Program Files \ wmp11-WindowsXP-x86-ENU.exe
2006-10-11 00:51 774.144-c - AW C: \ Program Files \ RngInterstitial.dll
2006-09-16 02:12 811.584-c - AW C: \ Program Files \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Kraunasi Taškai )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Pastaba: * tuščių įrašų ir teisėtu default įrašai nerodoma
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-09 23:00 15360]
"Creative Detektorius" = "C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe" [2004-12-02 17:23 102400]
"SWG" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Grįžti ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.e XE" [2006-11-02 13:43 472632]
"MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
(0228e555-4f9c-4e35-a3ec-b109a192b4c2) "=" C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe "[2005-07-15 16:48 479232]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005-03-15 13:37 32881]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe" [2008-01-08 17:33 53096]
"Symantec PIF AlertEng" = "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007-03-12 17:30 517768]
"SoundMan" = "SOUNDMAN.EXE" [2005-04-06 17:57 90112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Priminimas" = "C: \ Windows \ Sukūrė \ Remind_XP.exe" [2004-12-13 21:23 663552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004-04-14 08:43 233472]
"hpsysdrv" = "c: \ windows \ system \ hpsysdrv.exe" [1998-05-07 04:04 52736]
"HotKeysCmds" = "C: \ WINDOWS \ system32 \ hkcmd.exe" [2004-12-01 05:55 126976]
"High Definition Audio Nekilnojamas Page Shortcut" = "HDAudPropShortcut.exe" [2004-03-17 19:10 61952 C: \ WINDOWS \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ eHoMe \ ehtray.exe" [2005-08-05 13:56 64512]
"AlcWzrd" = "ALCWZRD.EXE" [2005-04-06 17:53 2805248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004-06-29 05:06 88363 C: \ WINDOWS \ AGRSMMSG.exe]
"itype" = "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe" [2006-11-21 20:08 813912]
"IntelliPoint" = "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe" [2007-02-05 18:52 849280]
"WinampAgent" = "C: \ Program Files \ Winamp \ winampa.exe" [2007-12-20 10:16 37376]
"KBD" = "C: \ HP \ KBD \ KBD.EXE" [2005-02-02 16:44 61440]
"Spysweeper" = "C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe" [2008-01-04 20:56 5367664]
"AutoTBar" = "C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Adobe Gamma Loader.lnk - C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2004-10-04 00:12:18 113664]
Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [2005-09-23 21:05:26 29696]
SpySubtract.lnk - C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe [2005-03-15 14:14:11 73728]
Atnaujinimai iš HP.lnk - C: \ Program Files \ Updates HP \ 309.731 \ Program \ Atnaujinimai HP.exe [2005-03-15 14:15:23 45056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Policies \ System]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Themes \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Themes \ Royale.theme

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Run-]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe"

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (749df047-9937-11db-9221-0013d408ae3c)]
\ Shell \ Autorun \ command - L: \ wd_windows_tools \ setup.exe

* Naujai sukurta tarnyba * - COMHOST
* Naujai sukurta tarnyba * - PROCEXP90
.
Turinys "Scheduled Tasks" katalogą
"2008-01-19 15:35:02 C: \ WINDOWS \ Uždaviniai \ AppleSoftwareUpdate.job"
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe
"2008-01-26 01:09:39 C: \ WINDOWS \ Uždaviniai \ Norton AntiVirus - Pradėti pilna sistema Scan - HP_Administrator.job"
- C: \ PROGRA ~ 1 \ NORTON ~ 1 \ NORTON ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit / Stealth kenkėjiškų detektorius pagal Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 22:54:40
Windows 5.1.2600 Service Pack 2 NTFS

skenavimo paslėptus procesus ...

skenavimo paslėptas autostart entries ...

skenavimo paslėptus failus ...

skenavimas baigtas sėkmingai
paslėptus failus: 0

************************************************** ************************
.
Atlikimo laikas: 2008-01-25 22:55:28
.
2008-01-09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [IMG] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ img]

**evilfantasy** · #9 Sausis 25, 2008, 21:48

Ar tai vyksta iš karto po atsisiųsti Winamp?

Paleiskite naujas HJT nuskaityti ir rašyti, kad žurnalas.

GMB · #10 Sausis 25, 2008, 22:32

Turėjau Winamp ilgą laiką, kol šis pradėjo vyksta. Aš iš naujo ją įdiegti kurį laiką atgal, kol klaidų, bet aš negaliu prisiminti, kaip greitai po klaidos.

Štai HJT Prisijungti:

Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 12:29:23, on 1/26/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ eHoMe \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe
C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ nscsrvce.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ ssu.exe
C: \ Program Files \ Požiūris \ Požiūris Manager \ ViewMgr.exe
C: \ Program Files \ interMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Skype \ aim.exe
C: \ Program Files \ Encore \ Hoyle Card Games 2005 \ HoyleCardGames2005.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
C: \ Program Files \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / / M " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] C: \ Windows \ Sukūrė \ Remind_XP.exe "
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Nekilnojamas Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ eHoMe \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [spysweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe" / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ detektorius \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Grįžti ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Nokia \ sonic ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ interMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Atnaujinimai HP.lnk = C: \ Program Files \ Updates HP \ 309.731 \ Program \ Atnaujinimai HP.exe
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: Skype - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ Skype \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø12 - Plugin for. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasė) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatinė LIVEUPDATE Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: Ewido Security Suite kontrolė - Ewido tinkluose - C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LIVEUPDATE - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LIVEUPDATE Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ nscsrvce.exe
O23 - Service: PACSPTISVR - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
O23 - Service: Sony SPTI tarnybos (SPTISRV) - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI tarnybos (SSScsiSV) - "Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Požiūris vadybininkas Paslaugos - Požiūris Corporation - C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper programa (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe

--
End of file - 12.852 baitų

Panašios Temos
Siūlas	Thread Starter	Forumas	Atsakymai	Last Post
UIP problema "Windows \ system32 \ config \ system"	alfred01	Windows "operacinės sistemos	0	Birželis 17, 2009 14:12
Pirkdami naują kompiuterį - gali kas nors pasakyti, jei config gera?	ahsanjee	General Hardware Chat	7	Birželis 14, 2009 08:27
\ windows \ system32 \ config \ system arba jis sugadintas	fenderdude	Windows "operacinės sistemos	1	23 gruodis 2008 07:47
Ar mano sistema pakankamai geras?	MystikalDawn	General Hardware Chat	6	Lapkritis 23, 2008 08:50
Sistema pakankamai geras žaisti GTR?	Sandra	PC & konsolės Žaidimai	4	9 spalis 2008 10:37