Rare System Config Feil - God Geek Challenge! X3

GMB · #1 25th 2008, 17:47

Så, i en tråd på et annet nettstedJeg prøvde å bli kvitt en runner feilen, og fikk noen råd å gå inn i Kjør og redigere oppstart ting og fjern klikke Oppdateringer fra HP alternativet. Jeg gjorde det, og det løste det problemet, men nå får jeg dette:

Jeg har prøvd en haug med forskjellige ting, men jeg vanligvis bare gjøre ting verre. Her er hva oppstart ting ser ut nå:

og

Noen andre antydet at det kan være virus-relaterte. Jeg har funnet en trojansk hest, men det var lett håndteres, men jeg er likevel får feil.

Jeg vet dette er mye, men det er virkelig begynner å avta ganske mye alt og er bare å gi meg helvete når jeg prøver å få noe gjort. Eventuelle hjelpe ville være verdsatt.

**evilfantasy** · #2 25th 2008, 18:29

Gå og endre den til Normal oppstart-modus.

Installer Oppstart Tool

Åpne verktøyet og høyreklikk noe du ikke lenger ønsker å kjøre ved oppstart og velg Fjern.

Hva er fqvcil?

GMB · #3 25th 2008, 18:45

Ærlig, har jeg ingen anelse. Jeg er virkelig ille med datamaskiner, slik at jeg ikke engang vet hva de fleste av at ting betyr. x3 Jeg hadde det på Normal før, og det var fortsatt gjør det, men la meg se ut som redskap og start og se om det hjelper.

Takk for råd, forresten. :) Jeg setter pris på det.

**evilfantasy** · #4 25th 2008, 18:50

Oppføringen som ikke ser ut til høyre. Kan ta en nærmere titt.

Last ned og endre navn HijackThis (HJT)

Dobbeltklikk på HJTInstall.
Klikk på Installer knappen.
Det vil automatisk plass HJT i C: \ Programfiler \ TrendMicro \ HijackThis \ HijackThis.exe.
Ved å installere, HijackThis skal åpne for deg.
- Lukk HijackThis og endre navnet.
- Gå til C: \ Programfiler \ Trend Micro \HijackThis.exe
- Høyreklikk på HijackThis.exe og velg Rename.
- Skriv inn sniper.exe og trykk Angi.
- Høyreklikk på sniper.exe og velg Send til > Desktop (opprette snarvei)
Fra skrivebordet åpner HiajckThis.
Hvis du bruker Windows Vista, må du Kjør som Administrator
Klikk på Gjør et system skanne og lagre en loggfil knappen
HijackThis skanner og deretter en logg åpnes i notepad.
Kopier og lim loggen i innlegget.
- Ikke har Hijackthis fikse noe ennå. Det meste av det de finner vil være harmløs eller kreves.

Selv om vi har omdøpt HijackThis til snikskytter, vi vil likevel se det som HijackThis eller HJT.

GMB · #5 25th 2008, 19:07

Wow ... dette var en masse ting.

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 9:05:38 PM, on 1/25/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Programfiler \ ewido \ security suite \ ewidoctrl.exe
c: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ Dllhost.exe
C: \ Programfiler \ Google \ Gmail Notifier \ gnotify.exe
C: \ Programfiler \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Programfiler \ Microsoft IntelliType Pro \ itype.exe
C: \ Programfiler \ Microsoft IntelliPoint \ ipoint.exe
C: \ Programfiler \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ QuickTime \ QTTask.exe
C: \ Programfiler \ iTunes \ iTunesHelper.exe
C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Programfiler \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Programfiler \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Programfiler \ InterMute \ SpySubtract \ SpySub.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Programfiler \ AIM \ aim.exe
C: \ Programfiler \ BitLord \ BitLord.exe
C: \ Programfiler \ Winamp \ winamp.exe
C: \ Programfiler \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Programfiler \ Messenger \ msmsgs.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP-visning - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - c: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Programfiler \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec pif AlertEng] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "c: \ Program Files \ HP \ (AAC4FC36-8F89-4587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ WINDOWS \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Programfiler \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Programfiler \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Programfiler \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeperUI.exe / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [swg] "C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programfiler \ Messenger \ msmsgs.exe" / background
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ WINDOWS \ system32 \ fqvcil.exe reg_run (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [swg] "C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe" (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe (User '? ')
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Programfiler \ Messenger \ msmsgs.exe" / background (User '? ")
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe (User '? ")
O4 - Startup: Adobe Gamma.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Programfiler \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Programfiler \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Oppdateringer fra HP.lnk = C: \ Program Files \ Updates fra HP \ 309731 \ Programfiler \ Updates fra HP.exe
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Programfiler \ AIM \ aim.exe
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Programfiler \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klasse) - C: \ Programfiler \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / activex / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasse) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programfiler \ Fellesfiler \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatisk LiveUpdate Scheduler - Symantec Corporation - C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido nettverk - C: \ Programfiler \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Unknown owner - c: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c: \ progra ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of file - 14608 bytes

**evilfantasy** · #6 25th 2008, 19:33

Åpne HJT og velg Gjør et søk deretter plassere et merke ved siden:

F2 - REG: system.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe, hvtjsqo. exe

Lukk alle vinduer unntatt HJT deretter Fix kontrolleres.

----------

Laste ned ViewpointKiller

Unzip programmet og hele innholdet i ViewpointKiller.zip til et sted som for eksempel skrivebordet.
Dobbeltklikk ViewpointKiller ikonet for å kjøre ViewpointKiller.exe.
Velg Fil menyen, og velg Sjekk om du har Viewpoint installert.
Hvis ViewpointKiller indikerer at noen av Viewpoint variantene er installert, velger du riktig Drepe alternativ i Fil menyen.

Følg instruksjonene og instruksjonene svært nøye, svarer Ja eller Nei avhengig av hvilke valg du er mest komfortabel med.
Msconfig instruksjonene er svært viktig, så sørg for å lese dem nøye.

Merk: Når du er ferdig med ViewpointKiller høyreklikk og slette alle filer som ble unzipped.

----------

Last ned Combofix av ubåter fra én av de nedenfor koblinger.
(Prøv alle tre om nødvendig)

VIKTIG - Combofix.exe MÅ være lagret på din Desktop.

Lukk alle åpne weblesere. (Firefox, Internet Explorer, osv.)
Lukk / deaktiver alle anti-virus og anti malware-programmene slik at de ikke forstyrrer Combofix. <- VIKTIG
- Klikk på denne koblingen å se en liste over programmer som skal være deaktivert og hvordan du deaktiverer dem. Hvis din ikke er oppført og du ikke vet hvordan du deaktivere den, kan du spørre.
Dobbeltklikk combofix.exe og følg instruksjonene.
- Fra tastaturet velger 1 og trykk Angi
Når du er ferdig, vil den produsere en logg for deg.
Post denne loggen i din neste svaret.

Ikke mouseclick combofix's vinduet mens den kjører.
Skanningen vil midlertidig deaktivere skrivebordet.
Hvis avbrutt kan det forlater maskinen fryst.
Hvis dette skjer, kan du starte på nytt for å gjenopprette skrivebordet.

----------

Neste innlegg kan du legge
Combofix log

**evilfantasy** · #7 25th 2008, 19:37

Flyttet til virus, spionprogrammer og sikkerhet forum.

GMB · #8 25th 2008, 21:15

Vi har en delvis suksess! Noe jeg hadde jobbet med. Ikke sikker på hvem det var, men det er en begynnelse. JEG restarted etter ComboFix ble gjort, og nå er alle de andre feil er borte, bare nå jeg får dette:

Jeg har sett det før, men jeg kan ikke huske hvordan jeg fikset det.

Her er loggfilen fra ComboFix:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Running from: C: \ Documents and Settings \ HP_Administrator \ Skrivebord \ ComboFix.exe
.

((((((((((((((((((((((((( Files Created fra 2007-12-26 til 2008-01-26 ))))))))))) ))))))))))))))))))))
.

2008-01-25 22:48. 2000-08-31 08:00 51.200 - en ------ C: \ WINDOWS \ Nircmd.exe
2008-01-25 21:01. 2008-01-25 21:01 <DIR> d -------- C: \ Programfiler \ Trend Micro
2008-01-23 18:27. 2008-01-23 18:27 <DIR> d -------- C: \ Programfiler \ DivX
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ WINDOWS \ «aOz O'-o
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ Moon papegøye
2008-01-04 00:51. 2008-01-04 00:53 <DIR> d -------- C: \ Programfiler \ Winamp
2008-01-04 00:50. 2008-01-04 00:50 8.759.168 - en ------ C: \ Programfiler \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-26 03:38 --------- d ----- w C: \ Program Files \ Viewpoint
2008-01-26 03:06 --------- d ----- w C: \ Programfiler \ Hewlett-Packard
2008-01-25 16:55 --------- d ----- w C: \ Programfiler \ Norton Internet Security
2008-01-25 12:16 --------- d ----- w C: \ Programfiler \ Fellesfiler \ Symantec Shared
2008-01-22 03:23 --------- d ----- w C: \ Programfiler \ LimeWire
2008-01-19 23:36 164 ---- aw C: \ install.dat
2008-01-19 23:35 --------- d ----- w C: \ Programfiler \ Webroot
2008-01-05 01:56 1.526.640 ---- aw C: \ WINDOWS \ WRSetup.dll
2008-01-05 01:34 23.920 ---- aw C: \ WINDOWS \ system32 \ drivers \ sskbfd.sys
2008-01-05 01:34 21.872 ---- aw C: \ WINDOWS \ system32 \ drivers \ sshrmd.sys
2008-01-05 01:34 20.336 ---- aw C: \ WINDOWS \ system32 \ drivers \ SSFS0BB9.sys
2008-01-05 01:34 163.696 ---- aw C: \ WINDOWS \ system32 \ drivers \ ssidrv.sys
2007-12-26 04:47 --------- d ----- w C: \ Programfiler \ AIM
2007-12-17 00:44 --------- d ----- w C: \ Programfiler \ QuickTime
2007-12-16 18:36 805 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.INF
2007-12-16 18:36 60.800 ---- aw C: \ WINDOWS \ system32 \ S32EVNT1.DLL
2007-12-16 18:36 123.952 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.SYS
2007-12-16 18:36 10.740 ---- aw C: \ WINDOWS \ system32 \ drivers \ SYMEVENT.CAT
2007-12-16 18:36 --------- d ----- w C: \ Programfiler \ Symantec
2007-12-02 23:38 --------- d ----- w C: \ Programfiler \ Plant Tycoon
2007-11-29 22:30 200.704 ---- aw C: \ WINDOWS \ system32 \ ssldivx.dll
2007-11-29 22:30 1.044.480 ---- aw C: \ WINDOWS \ system32 \ libdivx.dll
2007-11-07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ Lsasrv.dll
2007-11-07 09:26 721.920 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Lsasrv.dll
2007-10-30 23:42 3.590.656 ---- aw C: \ WINDOWS \ system32 \ dllcache \ mshtml.dll
2007-10-30 17:20 360.064 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Tcpip.sys
2007-10-29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ Quartz.dll
2007-10-29 22:35 1.287.680 ---- aw C: \ WINDOWS \ system32 \ dllcache \ Quartz.dll
2007-10-27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ wmasf.dll
2007-10-27 22:40 222.720 ---- aw C: \ WINDOWS \ system32 \ dllcache \ wmasf.dll
2007-06-27 20:23 318.904-c - aw C: \ Programfiler \ wmpfirefoxplugin.exe
2007-02-19 21:57 12.887.872-c - aw C: \ Programfiler \ sspsetup1_.exe
2007-02-10 23:31 2.599.088-c - aw C: \ Programfiler \ Shockwave_Installer_Slim.exe
2007-02-10 23:26 12.711.440-c - aw C: \ Programfiler \ RealPlayer10-5GOLD.exe
2007-02-10 23:20 19.666.504-c - aw C: \ Programfiler \ QuickTimeInstaller.exe
2007-02-10 23:08 1.410.680-c - aw C: \ Programfiler \ install_flash_player.exe
2007-02-10 17:58 25.755.448-c - aw C: \ Programfiler \ WMP11-windowsxp-x86-enu.exe
2006-10-11 00:51 774.144-c - aw C: \ Programfiler \ RngInterstitial.dll
2006-09-16 02:12 811.584-c - aw C: \ Programfiler \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Note * empty entries & legit default entries ikke vises
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-09 23:00 15360]
"Creative Detector" = "C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe" [2004-12-02 17:23 102400]
"swg" = "C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.e XE" [2006-11-02 13:43 472632]
"MSMSGS" = "C: \ Programfiler \ Messenger \ msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"(0228e555-4f9c-4e35-a3ec-b109a192b4c2)" = "C: \ Programfiler \ Google \ Gmail Notifier \ gnotify.exe" [2005-07-15 16:48 479232]
"SunJavaUpdateSched" = "C: \ Programfiler \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005-03-15 13:37 32881]
"ccApp" = "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe" [2008-01-08 17:33 53096]
"Symantec pif AlertEng" = "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007-03-12 17:30 517768]
"SoundMan" = "SOUNDMAN.EXE" [2005-04-06 17:57 90112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Reminder" = "C: \ Windows \ Creator \ Remind_XP.exe" [2004-12-13 21:23 663552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004-04-14 08:43 233472]
"hpsysdrv" = "c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe" [1998-05-07 04:04 52736]
"HotKeysCmds" = "C: \ WINDOWS \ system32 \ hkcmd.exe" [2004-12-01 05:55 126976]
"High Definition Audio Property Page Shortcut" = "HDAudPropShortcut.exe" [2004-03-17 19:10 61952 C: \ WINDOWS \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ ehome \ ehtray.exe" [2005-08-05 13:56 64512]
"AlcWzrd" = "ALCWZRD.EXE" [2005-04-06 17:53 2805248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004-06-29 05:06 88363 C: \ WINDOWS \ AGRSMMSG.exe]
"itype" = "C: \ Programfiler \ Microsoft IntelliType Pro \ itype.exe" [2006-11-21 20:08 813912]
"IntelliPoint" = "C: \ Programfiler \ Microsoft IntelliPoint \ ipoint.exe" [2007-02-05 18:52 849280]
"WinampAgent" = "C: \ Programfiler \ Winamp \ winampa.exe" [2007-12-20 10:16 37376]
"KBD" = "C: \ HP \ KBD \ KBD.EXE" [2005-02-02 16:44 61440]
"SpySweeper" = "C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" [2008-01-04 20:56 5367664]
"AutoTBar" = "C: \ Programfiler \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Start-meny \ Programmer \ Startup
Adobe Gamma Loader.lnk - C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2004-10-04 00:12:18 113664]
Adobe Reader Speed Launch.lnk - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [2005-09-23 21:05:26 29696]
SpySubtract.lnk - C: \ Programfiler \ InterMute \ SpySubtract \ sslaunch.exe [2005-03-15 14:14:11 73728]
Oppdateringer fra HP.lnk - C: \ Program Files \ Updates fra HP \ 309731 \ Programfiler \ Updates fra HP.exe [2005-03-15 14:15:23 45056]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ policies \ system]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Themes \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Themes \ Royale.theme

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ curr entversion \ kjøretidsversjonen]
"QuickTime Task" = "C: \ Programfiler \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Programfiler \ iTunes \ iTunesHelper.exe"

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (749df047-9937-11db-9221-0013d408ae3c)]
\ Shell \ AutoRun \ command - L: \ wd_windows_tools \ setup.exe

* Newly Created Service * - COMHOST
* Newly Created Service * - PROCEXP90
.
Innholdet i "Scheduled Tasks"-mappen
"2008-01-19 15:35:02 C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job"
- C: \ Programfiler \ Apple Software Update \ SoftwareUpdate.exe
"2008-01-26 01:09:39 C: \ WINDOWS \ Tasks \ Norton AntiVirus - Run Full System Scan - HP_Administrator.job"
- C: \ progra ~ 1 \ Norton ~ 1 \ Norton ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

CatchMe 0.3.1344 W2K/XP/Vista - rootkit / skjulemodus malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 22:54:40
Windows 5.1.2600 Service Pack 2 NTFS

skanning skjulte prosesser ...

scanning hidden autostart entries ...

skanning skjulte filer ...

skanning er fullført
skjulte filer: 0

************************************************** ************************
.
Fullføringstidspunkt: 2008-01-25 22:55:28
.
2008-01-09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [IMG] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ IMG]

**evilfantasy** · #9 25 januar 2008, 21:48

Skjedde dette kort tid etter laste ned Winamp?

Kjør en ny HJT scan og post loggen.

GMB · #10 25th 2008, 22:32

Jeg har hatt Winamp for lang tid før dette begynte å skje. Jeg hadde å installere det på nytt en stund tilbake, før feil, men jeg kan ikke huske hvor snart etter feil oppstod.

Her er HJT loggen:

Logfile of Trend Micro HijackThis v2.0.2
Scan lagret 12:29:23 AM, on 1/26/2008
Plattform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Kjører prosesser:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ Lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programfiler \ Google \ Gmail Notifier \ gnotify.exe
C: \ Programfiler \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Programfiler \ Microsoft IntelliType Pro \ itype.exe
C: \ Programfiler \ Microsoft IntelliPoint \ ipoint.exe
C: \ Programfiler \ Winamp \ winampa.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeperUI.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Programfiler \ ewido \ security suite \ ewidoctrl.exe
c: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
C: \ Programfiler \ Fellesfiler \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ HPZipm12.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeper.exe
C: \ WINDOWS \ system32 \ Dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Programfiler \ Webroot \ Spy Sweeper \ SSU.EXE
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Programfiler \ InterMute \ SpySubtract \ SpySub.exe
C: \ Programfiler \ Mozilla Firefox \ firefox.exe
C: \ Programfiler \ AIM \ aim.exe
C: \ Programfiler \ Encore \ Hoyle Card Games 2005 \ HoyleCardGames2005.exe
C: \ Programfiler \ Trend Micro \ HijackThis \ sniper.exe
C: \ Programfiler \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programfiler \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ progra ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Programfiler \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Programfiler \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec pif AlertEng] "C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Reminder] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ WINDOWS \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Programfiler \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Programfiler \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Programfiler \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Programfiler \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Programfiler \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [swg] "C: \ Programfiler \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Go ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ progra ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Programfiler \ Messenger \ msmsgs.exe" / background
O4 - Startup: Adobe Gamma.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Programfiler \ Fellesfiler \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Programfiler \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Programfiler \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Oppdateringer fra HP.lnk = C: \ Program Files \ Updates fra HP \ 309731 \ Programfiler \ Updates fra HP.exe
O8 - Extra sammenheng menyelement: E & ksporter til Microsoft Excel - res: / / c: \ progra ~ 1 \ MI1933 ~ 1 \ Office11 \ EXCEL.EXE/3000
O9 - Extra knappen: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra "Verktøy" MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Programfiler \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra knappen: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ progra ~ 1 \ MI1933 ~ 1 \ Office11 \ REFIEBAR.DLL
O9 - Extra knappen: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Programfiler \ AIM \ aim.exe
O9 - Extra knappen: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra "Verktøy" MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra knappen: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O9 - Extra "Verktøy" MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programfiler \ Messenger \ msmsgs.exe
O12 - Plugin for. Spop: C: \ Programfiler \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter klasse) - C: \ Programfiler \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / activex / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn klasse) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Programfiler \ Fellesfiler \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc. - C: \ Programfiler \ Fellesfiler \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatisk LiveUpdate Scheduler - Symantec Corporation - C: \ Programfiler \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.exe
O23 - Service: ewido security suite control - ewido nettverk - C: \ Programfiler \ ewido \ security suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Programfiler \ Fellesfiler \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Programfiler \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Merking Service (LightScribeService) - Unknown owner - c: \ Programfiler \ Fellesfiler \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - c: \ progra ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ pif \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ WINDOWS \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Programfiler \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Programfiler \ Fellesfiler \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Programfiler \ Fellesfiler \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - C: \ Programfiler \ Webroot \ Spy Sweeper \ SpySweeper.exe

--
End of file - 12852 bytes

Lignende Tråder
Tråd	Tråd startet	Forum	Svar	Siste innlegg
RIS Problem "Windows \ system32 \ config \ system"	alfred01	Windows-operativsystemer	0	17 juni 2009 14:12
Kjøper ny datamaskin - kan noen fortelle meg om dette config er bra?	ahsanjee	General Hardware Chat	7	14 juni 2009 08:27
\ windows \ system32 \ config \ system mangler eller er skadet	fenderdude	Windows-operativsystemer	1	23 desember 2008 07:47
IS systemet godt nok?	MystikalDawn	General Hardware Chat	6	23 nov 2008 08:50
Systemet godt nok for å spille GTR?	Sandra	PC & Console Gaming	4	9 oktober 2008 10:37