[GMB]

Tāpēc, pavedienu uz citu vietni, Es centos atbrīvoties no runner kļūdu un saņēma padomus iedziļināties Vadi un rediģēt startēšanas lieta un ANO klikšķi no HP iespēju atjauninājumi. Es to izdarīja, un atrisināt šo problēmu, bet tagad man šo:



I've tried ķekars dažādas lietas, bet es parasti tikai pasliktinātu stāvokli. Lūk, ko starta lieta izskatās tagad:



un



Kāds cits ieteica, ka varētu būt vīrusu saistītas. I did atrast Trojan, bet tās bija viegli risināt, bet es esmu vēl arvien kļūdas.

Es zinu, tas ir daudz, bet tas tiešām sāk palēnināties diezgan daudz viss un tas ir tikai dod man elle kad mēģinu kaut ko izdarīt. Any help, būtu ļoti appreciated.

[evilfantasy]

Go un izmainiet to uz Normal Startup Mode.

Install Startup Tool

Open instruments un tiesības uz visu, ko jūs vairs nevēlaties palaist pie starta pēc tam izvēlieties Izņemt.

Kas ir fqvcil?

[GMB]

Godīgi, man nav ne jausmas. Es esmu ļoti slikts ar datoriem, tāpēc es pat nezina, kas visvairāk šī stuff līdzekļus. x3 man bija to Normal pirms, un tas joprojām dara to, bet ļaujiet man pārbaudīt, ka instruments un restart un redzēt, ja tas palīdz.

Thanks daudz par ieteikumiem, ko veidā. :) I appreciate it.

[evilfantasy]

Šis ieraksts neizskatās labi. Ļauj pietuvināt.

Lejupielādējiet un pārdēvēt HijackThis (HJT)

• Double-click uz HJTInstall.
• Noklikšķiniet uz Install pogu.
• Tas automātiski novietot HJT in C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
• Pēc instalēšanas, HijackThis jāatver jums.
  • Aizvērt HijackThis un pārdēvēt to.
  • Iet uz C: \ Program Files \ Trend Micro \HijackThis.exe
  • Tiesības, noklikšķiniet uz HijackThis.exe un izvēlieties Pārdēvēt.
  • Tips sniper.exe un nospiediet Enter.
  • Right-click uz sniper.exe un izvēlieties Sūtīt > Desktop (izveidot īsceļu)
• No darbvirsmas atvērts HiajckThis.
• Ja lietojat Windows Vista, pārliecinieties, ka Run As Administrator
• Noklikšķiniet uz Vai sistēmas skenēšanu un saglabāt log failu poga
• HijackThis skenēs un tad log atvērsies notepad.
• Nokopējiet un ielīmējiet log in your post.
  • Nav ir HijackThis noteikt kaut kas vēl. Lielākā daļa no tā konstatē, būs nekaitīgi, vai pat ir.

Pat ja mums ir pārdēvēta HijackThis ir snaiperis, mēs vēl aizvien norādīs uz to, HijackThis vai HJT.

[GMB]

Wow ... tas ir daudz sīkumi.

Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 9:05:38 gada 1/25/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Windows \ System \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ InterMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ BitLord \ BitLord.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
F2 - REG: SYSTEM.INI: Userinit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53.707.962-6F74-2D53-2.644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP view - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - C: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / / M " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Atgādinājums] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ Windows \ System \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "C: \ Program Files \ HP \ (AAC4FC36-8F89-4.587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ WINDOWS \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Ātrais] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe / startintray
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R (User "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe" (lietotāja "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe (User "? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background (User '? ")
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe (User '? ")
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Updates no HP.lnk = C: \ Program Files \ Atjauninājumi no HP \ 309.731 \ Program \ Updates no HP.exe
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: AIM - (AC9E2541-2.814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø12 - Spraudnis. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
Ø16 - DPF: (17.492.023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
Ø16 - DPF: (30.528.230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klase) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
Ø16 - DPF: (6A344D34-5.231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
Ø16 - DPF: (DBFF771D-3F92-4C70-9.978-508738536F38) (CSConn klase) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
Ø16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative dienests CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: Ewido Security Suite control - Ewido tīkli - C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Marķēšanas dienests (LightScribeService) - Unknown īpašnieks - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown īpašnieks - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of failu - 14.608 bytes

[evilfantasy]

Open HJT un izvēlieties Vai sistēmas skenēšanu tikai tad vieta atzīmi blakus:

F2 - REG: SYSTEM.INI: Userinit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe

Aizveriet visus logus, izņemot HJT pēc tam noklikšķiniet uz Fix pārbaudīja.

----------

Lejupielādēt ViewpointKiller

• Unzip programmas un visus saturs ViewpointKiller.zip uz atrašanās vietu, piemēram, darbvirsmas.
• Dubultklikšķi ViewpointKiller ikonas rādīt ViewpointKiller.exe.
• Izvēlieties Fails izvēlne, un izvēlieties Pārbaudiet, vai jums ir Viewpoint uzstādītas.
• Ja ViewpointKiller norāda, ka kāds no Viewpoint variantiem ir instalēta programma, izvēlieties atbilstošu Nogalināt iespēja Fails izvēlnē.

• Sekojiet komandas un instrukciju ļoti uzmanīgi, atbildot uz Jā vai Nē atkarībā no tā, kurš variants Jums ir visērtāk.
• Msconfig instrukcijas ir ļoti svarīgs, tāpēc pārliecinieties, izlasiet tos uzmanīgi.

• Piezīme: Kad darīts ar ViewpointKiller labo klikšķi un dzēst visus failus, kas tika unzipped.

----------

Lūdzu, lejupielādējiet Combofix ar subs no vienas no saitēm.
(Try visi trīs, ja nepieciešams)

• Link # 1
• Link # 2
• Link # 3

SVARĪGI - Combofix.exe Jābūt saglabāta jūsu savu Desktop.

• Aizveriet visas atvērtās interneta pārlūkprogrammas. (Firefox, Internet Explorer uc)
• Aizvērt / izslēgt visi pret vīrusu un pret ļaunprātīgu programmatūru programmas lai viņi netraucē Combofix. <- IMPORTANT
  • Noklikšķiniet uz šo saiti redzēt programmu sarakstu, kas ir invalīdi un to, kā pārtraukt to darbību. Ja jūsu valsts nav sarakstā, un jūs nezināt, kā atspējot, lūdzu, jautājiet.
• Dubultklikšķi combofix.exe un sekojiet norādījumiem.
  • No tastatūras izvēlētos 1 un nospiediet Enter
• Kad pabeigts, tas rada log for you.
• Dienests, log jūsu nākamo atbildi.

Nav mouseclick combofix loga kamēr tas darbojas.
Skenēšana uz laiku apturēt jūsu darbvirsmas.
Ja pārtraukta tā var atstāt datoru iesaldēti.
Ja tā notiek, lūdzu pārstartējiet atjaunošanai darbvirsmas.

----------

Next post lūdzu, pievienojiet
Combofix log

[evilfantasy]

Pārvietots uz vīrusu, spiegprogrammatūru un drošības forumā.

[GMB]

Mums ir daļēji panākumi! Kaut ko es tomēr strādāja. Neesat pārliecināts, kurš no tā bija, bet tas ir sākums. Es atsākta pēc tam, ComboFix tika darīts, un tagad visas citas kļūdas ir aizgājuši, tikai tagad es saņemu šo:



Esmu redzējis, ka pirms, bet es neatceros, kā es noteikti to.

Šeit ir log faila ComboFix:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Sākot no: C: \ Documents and Settings \ HP_Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Faili Created no 2007/12/26 līdz 2008/01/26 ))))))))))) ))))))))))))))))))))
.

2008/01/25 22:48. 2000/08/31 08:00 51.200 - ------ C: \ WINDOWS \ Nircmd.exe
2008/01/25 21:01. 2008/01/25 21:01 <DIR> d -------- C: \ Program Files \ Trend Micro
2008/01/23 18:27. 2008/01/23 18:27 <DIR> d -------- C: \ Program Files \ DivX
2008/01/21 01:48. 2008/01/21 01:48 <DIR> d -------- C: \ WINDOWS \ "AøŽ O'-ø
2008/01/21 01:48. 2008/01/21 01:48 <DIR> d -------- C: \ MOON PARROT
2008/01/04 00:51. 2008/01/04 00:53 <DIR> d -------- C: \ Program Files \ Winamp
2008/01/04 00:50. 2008/01/04 00:50 8.759.168 - ------ C: \ Program Files \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Ziņojums )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008/01/26 03:38 --------- d ----- w C: \ Program Files \ Viewpoint
2008/01/26 03:06 --------- d ----- w C: \ Program Files \ Hewlett-Packard
2008/01/25 16:55 --------- d ----- w C: \ Program Files \ Norton Internet Security
2008/01/25 12:16 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008/01/22 03:23 --------- d ----- w C: \ Program Files \ limewire
2008/01/19 23:36 164 ---- aw C: \ install.dat
2008/01/19 23:35 --------- d ----- w C: \ Program Files \ Webroot
2008/01/05 01:56 1.526.640 ---- aw C: \ WINDOWS \ WRSetup.dll
2008/01/05 01:34 23.920 ---- aw C: \ WINDOWS \ system32 \ drivers \ sskbfd.sys
2008/01/05 01:34 21.872 ---- aw C: \ WINDOWS \ system32 \ drivers \ sshrmd.sys
2008/01/05 01:34 20.336 ---- aw C: \ WINDOWS \ system32 \ drivers \ SSFS0BB9.sys
2008/01/05 01:34 163.696 ---- aw C: \ WINDOWS \ system32 \ drivers \ ssidrv.sys
2007/12/26 04:47 --------- d ----- w C: \ Program Files \ AIM
2007/12/17 00:44 --------- d ----- w C: \ Program Files \ QuickTime
2007/12/16 18:36 805 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.INF
2007/12/16 18:36 60.800 ---- aw C: \ WINDOWS \ system32 \ S32EVNT1.DLL
2007/12/16 18:36 123.952 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.SYS
2007/12/16 18:36 10.740 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.CAT
2007/12/16 18:36 --------- d ----- w C: \ Program Files \ Symantec
2007/12/02 23:38 --------- d ----- w C: \ Program Files \ Plant Tycoon
2007/11/29 22:30 200.704 ---- aw C: \ WINDOWS \ system32 \ ssldivx.dll
2007/11/29 22:30 1.044.480 ---- aw C: \ WINDOWS \ system32 \ libdivx.dll
2007/11/07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ lsasrv.dll
2007/11/07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ dllcache \ lsasrv.dll
2007/10/30 23:42 3.590.656 ---- aw C: \ WINDOWS \ system32 \ dllcache \ mshtml.dll
2007/10/30 17:20 360.064 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Tcpip.sys
2007/10/29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ quartz.dll
2007/10/29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ dllcache \ quartz.dll
2007/10/27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ wmasf.dll
2007/10/27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ dllcache \ wmasf.dll
2007/06/27 20:23 318.904-c - aw C: \ Program Files \ wmpfirefoxplugin.exe
2007/02/19 21:57 12.887.872-c - aw C: \ Program Files \ sspsetup1_.exe
2007/02/10 23:31 2.599.088-c - aw C: \ Program Files \ Shockwave_Installer_Slim.exe
2007/02/10 23:26 12.711.440-c - aw C: \ Program Files \ RealPlayer10-5GOLD.exe
2007/02/10 23:20 19.666.504-c - aw C: \ Program Files \ QuickTimeInstaller.exe
2007/02/10 23:08 1.410.680-c - aw C: \ Program Files \ install_flash_player.exe
2007/02/10 17:58 25.755.448-c - aw C: \ Program Files \ wmp11-windowsxp-x86-lvi.exe
2006/10/11 00:51 774.144-c - aw C: \ Program Files \ RngInterstitial.dll
2006/09/16 02:12 811.584-c - aw C: \ Program Files \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"ctfmon.exe" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [2004/08/09 23:00 15.360]
"Creative Detector" = "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" [2004/12/02 17:23 102.400]
"SWG" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Iet ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.e XE" [2006/11/02 13:43 472.632]
"MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [2004/10/13 11:24 1.694.208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"(0228e555-4f9c-4e35-a3ec-b109a192b4c2)" = "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe" [2005/07/15 16:48 479.232]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005/03/15 13:37 32.881]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" [2008/01/08 17:33 53.096]
"Symantec PIF AlertEng" = "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007/03/12 17:30 517.768]
"SoundMan" = "SOUNDMAN.EXE" [2005/04/06 17:57 90.112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Atgādne" = "C: \ Windows \ Creator \ Remind_XP.exe" [2004/12/13 21:23 663.552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004/04/14 08:43 233.472]
"hpsysdrv" = "C: \ Windows \ System \ hpsysdrv.exe" [1998/05/07 04:04 52.736]
"HotKeysCmds" = "C: \ WINDOWS \ system32 \ hkcmd.exe" [2004/12/01 05:55 126.976]
"High Definition Audio Property Page Shortcut" = "HDAudPropShortcut.exe" [2004/03/17 19:10 61.952 C: \ WINDOWS \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ ehome \ ehtray.exe" [2005/08/05 13:56 64.512]
"AlcWzrd" = "ALCWZRD.EXE" [2005/04/06 17:53 2.805.248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004/06/29 05:06 88.363 C: \ WINDOWS \ AGRSMMSG.exe]
"itype" = "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe" [2006/11/21 20:08 813.912]
"IntelliPoint" = "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe" [2007/02/05 18:52 849.280]
"WinampAgent" = "C: \ Program Files \ Winamp \ winampa.exe" [2007/12/20 10:16 37.376]
"KBD" = "C: \ HP \ KBD \ KBD.EXE" [2005/02/02 16:44 61.440]
"SpySweeper" = "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" [2008/01/04 20:56 5.367.664]
"AutoTBar" = "C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Adobe Gamma Loader.lnk - C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2004/10/04 00:12:18 113.664]
Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe [2005/09/23 21:05:26 29.696]
SpySubtract.lnk - C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe [2005/03/15 14:14:11 73.728]
Atjauninājumi no HP.lnk - C: \ Program Files \ Atjauninājumi no HP \ 309.731 \ Program \ Updates no HP.exe [2005/03/15 14:15:23 45.056]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Policies \ SYSTEM]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Themes \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Themes \ Royale.theme

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Run-]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe"


[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (749df047-9.937-11db-9.221-0013d408ae3c)]
\ Shell \ Autorun \ komandu - L: \ wd_windows_tools \ setup.exe

* Jaunizveidoto Service * - COMHOST
* Jaunizveidoto Service * - PROCEXP90
.
Saturs "Scheduled Tasks" mape
"2008/01/19 15:35:02 C: \ WINDOWS \ Uzdevumi \ AppleSoftwareUpdate.job"
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe
"2008/01/26 01:09:39 C: \ WINDOWS \ Uzdevumi \ Norton AntiVirus - Run Full System Scan - HP_Administrator.job"
- C: \ PROGRA ~ 1 \ NORTON ~ 1 \ NORTON ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net
Rootkit scan 2008/01/25 22:54:40
Windows 5.1.2600 Service Pack 2 NTFS

skenēšana slēptās procesi ...

skenēšana slēptās palaišana ieraksti ...

skenēšana slēptos failus ...

scan sekmīgi pabeigta
slēptos failus: 0

************************************************** ************************
.
Izpildes laiks: 2008-01-25 22:55:28
.
2008/01/09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [img] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ IMG]

[evilfantasy]

Vai drīz tas notiktu pēc lejupielādēšanas Winamp?

Lūdzu, apskatiet jauns HJT skenēšanas un pēc šo žurnālu.

[GMB]

Man bija Winamp uz ilgu laiku, līdz tas sāka notiek. Es tā ir atkārtoti instalēt awhile back, pirms kļūdas, bet es nevaru atcerēties, cik drīz pēc kļūdas.

Šeit ir HJT žurnāls:

Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 12:29:23, uz 1/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ Windows \ System \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Program Files \ InterMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ Encore \ Hoils Kāršu spēles 2005 \ HoyleCardGames2005.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
C: \ Program Files \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53.707.962-6F74-2D53-2.644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / / M " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Atgādinājums] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ Windows \ System \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Ātrais] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [SWG] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ Sonics ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Updates no HP.lnk = C: \ Program Files \ Atjauninājumi no HP \ 309.731 \ Program \ Updates no HP.exe
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: AIM - (AC9E2541-2.814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø12 - Spraudnis. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
Ø16 - DPF: (17.492.023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
Ø16 - DPF: (30.528.230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klase) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
Ø16 - DPF: (6A344D34-5.231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
Ø16 - DPF: (DBFF771D-3F92-4C70-9.978-508738536F38) (CSConn klase) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
Ø16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative dienests CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: Ewido Security Suite control - Ewido tīkli - C: \ Program Files \ Ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Marķēšanas dienests (LightScribeService) - Unknown īpašnieks - c: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8.582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: PML Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown īpašnieks - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of failu - 12.852 bytes