Ciudat System Config Erori - Buna geek Challenge! X3

GMB · #1 25 ianuarie 2008, 17:47

Deci, într-un fir de pe un alt site, Am fost încercarea de a scăpa de un alergator de eroare, şi a fost dat câteva sfaturi pentru a merge într-Run şi edita de pornire lucru şi un clic pe Actualizări de la HP opţiune. Am făcut-o, şi care rezolvă această problemă, dar acum am luat asta:

Am incercat o gramada de lucruri diferite, dar eu de obicei, numai face lucrurile si mai rau. Aici este ceea ce de pornire lucru arata ca acum:

şi

Altcineva a sugerat că ar putea fi legate de virus. N-am găsi un troian, dar aceasta a fost tratată cu uşurinţă, dar sunt încă obtinerea erori.

Ştiu că este foarte mult, dar este foarte incepand de a încetini destul de mult şi totul este doar oferindu-mă dracu ', ori de câte ori Am incercat sa iau ceva de facut. Orice ajutor ar fi apreciat foarte mult.

**evilfantasy** · #2 25 ianuarie 2008, 18:29

Du-te si schimba-l la normal Startup Mode.

Instalaţi Instrumentul de pornire

Deschideţi instrumentul click dreapta nimic şi că nu mai aveţi nevoie pentru a rula la pornire apoi alege Eliminare.

Ce este fqvcil?

GMB · #3 25 ianuarie 2008, 18:45

Sincer, nu am nici o idee. Îmi pare foarte rău cu calculatoare, astfel încât nu ştiu chiar de cea mai mare parte a ceea ce înseamnă că lucrurile. x3 am avut-o la normal înainte, şi a fost încă o faci, dar lasă-mă să verific că instrumentul şi reporniţi şi să vedeţi dacă, care vă ajută.

Multumesc mult de sfat, de altfel. :) Apreciez asta.

**evilfantasy** · #4 25 ianuarie 2008, 18:50

Această intrare nu arata bine. Să ia o privire mai atentă.

Descărcaţi şi redenumiţi HijackThis (HJT)

Faceţi dublu-clic pe HJTInstall.
Click pe Instalaţi buton.
Se va transforma automat în loc HJT C: \ Program Files \ TrendMicro \ HijackThis \ HijackThis.exe.
După instalare, HijackThis ar trebui să se deschidă pentru tine.
- Inchide HijackThis şi redenumiţi-o.
- Du-te la C: \ Program Files \ Trend Micro \HijackThis.exe
- Click dreapta pe HijackThis.exe şi selectaţi Redenumire.
- Tip în sniper.exe şi apăsaţi Introduceţi.
- Clic-dreapta pe sniper.exe şi selectaţi Pentru a trimite > Spaţiul de lucru (crea shortcut)
De la spaţiul de lucru deschis HiajckThis.
Dacă utilizaţi Windows Vista, asiguraţi-vă că Executare ca administrator
Click pe Fă-un sistem de scanare şi salva un fişier de log buton
HijackThis va scana şi apoi un jurnal se va deschide în Notepad.
Copiaţi şi lipiţi apoi conectaţi-vă posta.
- Nu au Hijackthis repara nimic încă. Cea mai mare parte a ceea ce se constată va fi inofensiv sau chiar necesare.

Chiar dacă ne-am redenumit HijackThis la lunetist, ne vom referi în continuare să-l ca HijackThis sau HJT.

GMB · #5 25 ianuarie 2008, 19:07

Wow ... asta-i o mulţime de lucruri.

Logfile de Trend Micro HijackThis v2.0.2
Scan salvat de la 9:05:38, pe 1.25.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ Windows \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ ewido \ Security Suite \ ewidoctrl.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ Windows \ system32 \ HPZipm12.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy dragor \ SpySweeper.exe
C: \ Windows \ system32 \ dllhost.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ Windows \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ ALCMTR.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ kbd \ KBD.EXE
C: \ Program Files \ QuickTime \ QTTask.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Webroot \ Spy dragor \ SpySweeperUI.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ punct de vedere \ punct de vedere Manager \ ViewMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ InterMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ BitLord \ BitLord.exe
C: \ Program Files \ Winamp \ winamp.exe
C: \ Program Files \ Webroot \ Spy dragor \ SSU.EXE
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
F2 - REG: System.ini: Userinit = C: \ Windows \ system32 \ userinit.exe, hvtjsqo. exe
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: HP vedere - (B2847E28-5D7D-4DEB-8B67-05D28BCF79F5) - C: \ Program Files \ HP \ Digital Imaging \ bin \ HPDTLK02.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [fiasij] C: \ Windows \ system32 \ fqvcil.exe reg_run
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Memento] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HPHUPD06] "C: \ Program Files \ HP \ (AAC4FC36-8F89-4587-8DD3-EBC57C83374D) \ hphupd06.exe"
O4 - HKLM \ .. \ Run: [HPHmon06] C: \ Windows \ system32 \ hphmon06.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ kbd \ KBD.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] C: \ Program Files \ Webroot \ Spy dragor \ SpySweeperUI.exe / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [bfhuj] C: \ Windows \ system32 \ fqvcil.exe reg_run
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Du-te ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R (Utilizator "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [bfhuj] C: \ Windows \ system32 \ fqvcil.exe reg_run (User '? ")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ ogleToolbarNotifier.exe Du-te" (de utilizator "?")
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe (User '? ')
O4 - HKUS \ S-1-5-21-2639814213-3213438571-147013170-1008 \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background (User '? ")
O4 - S-1-5-21-2639814213-3213438571-147013170-1008 Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe (User '? ")
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C: \ Program Files \ HP \ Digital Imaging \ bin \ hpqtra08.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Actualizări de la HP.lnk = C: \ Program Files \ Actualizări de la HP \ 309731 \ Program \ Actualizări de la HP.exe
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O12 - Plugin pentru. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn Class) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM-gazdă (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service pentru CDROM Access - Creative Technology Ltd - C: \ Windows \ system32 \ CTsvcCDA.exe
O23 - Service: ewido Security Suite de control - ewido reţele - C: \ Program Files \ ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Etichetarea Service (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protecţia Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ Windows \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: punct de vedere Manager Service - punct de vedere Corporation - C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy dragor Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy dragor \ SpySweeper.exe

--
Sfârşit de fişier - 14608 bytes

**evilfantasy** · #6 25 ianuarie 2008, 19:33

Deschideţi HJT şi selectaţi Fă-un sistem de scanare numai apoi puneţi un semn de selectare lângă:

F2 - REG: System.ini: Userinit = C: \ Windows \ system32 \ userinit.exe, hvtjsqo. exe

Închideţi toate ferestrele cu excepţia HJT apoi faceţi clic pe Fix verificate.

----------

Descărca ViewpointKiller

Dezarhiva program şi a întregului conţinut al ViewpointKiller.zip într-o locaţie, cum ar fi spaţiul de lucru.
Faceţi dublu clic pe icoana ViewpointKiller pentru a rula ViewpointKiller.exe.
Selectaţi Dosar meniul şi selectaţi Verificaţi pentru a vedea dacă aveţi instalat punct de vedere.
Dacă ViewpointKiller indică faptul că, din punct de vedere orice variante sunt instalate, selectaţi buna Omorî opţiune în Dosar meniu.

Urmaţi solicitările şi instrucţiuni foarte atent, raspunzand Da sau Nu în funcţie de opţiune, care vă sunt cele mai confortabile cu.
MSConfig de instrucţiuni sunt foarte importante, astfel încât să vă asiguraţi că aţi citit-le cu atenţie.

Notă: Când a terminat cu ViewpointKiller click dreapta şi şterge toate fişierele care au fost unzipped.

----------

Vă rugăm să descărcaţi Combofix de sUBs de la unul din link-urile de mai jos.
(Încearcă toate trei, dacă este necesar)

IMPORTANT - Combofix.exe TREBUIE SĂ fi salvate, pentru a-ţi-vă Spaţiul de lucru.

Închideţi orice deschide browsere. (Firefox, Internet Explorer, etc)
Inchide / dezactiva toate anti-virus si anti malware programe astfel încât acestea să nu interfereze cu Combofix. <- IMPORTANT
- Faceţi clic pe acest link pentru a vedea o lista de programe care ar trebui să fie cu handicap şi modul de dezactivare a lor. Dacă dumneavoastră nu este în listă şi nu ştiţi cum să dezactivaţi-l, vă rugăm să întrebaţi.
Faceţi dublu clic combofix.exe & urmăriţi solicitările.
- De la tastatura, selectaţi 1 şi apăsaţi Introduceţi
Când aţi terminat, se va produce un jurnal pentru tine.
Post-vă că intraţi în următorul răspuns.

Nu mouseclick combofix fereastra în timp ce se execută.
De scanare va dezactiva temporar pe desktop.
Dacă s-ar putea lăsa întreruptă pe computer congelate.
Dacă se întâmplă acest lucru, vă rugăm să reporniţi sistemul pentru a restaura spaţiul de lucru.

----------

Înainte posta, vă rugăm să adăugaţi
Combofix jurnal

**evilfantasy** · #7 25 ianuarie 2008, 19:37

Mutat la Virus, Spyware & Securitate forum.

GMB · #8 25 ianuarie 2008, 21:15

Avem un succes parţial! Ceva am lucrat. Nu sunteţi sigur care unul a fost, dar este un început. I restarted după ComboFix a fost făcut, iar acum, toate celelalte erori sunt plecat, abia acum am această achiziţie:

Am vazut ca înainte, dar eu nu amintesc cum am stabilit-o.

Iată fişierul jurnal ComboFix de la:

ComboFix 08-01-23.1C - HP_Administrator 2008-01-25 22:50:00.1 - NTFSx86

Rularea de la: C: \ Documents and Settings \ HP_Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Fişierele create de 2007-12-26 la 2008-01-26 ))))))))))) ))))))))))))))))))))
.

2008-01-25 22:48. 2000-08-31 08:00 51,200 - a ------ C: \ WINDOWS \ Nircmd.exe
2008-01-25 21:01. 2008-01-25 21:01 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-01-23 18:27. 2008-01-23 18:27 <DIR> d -------- C: \ Program Files \ DivX
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ WINDOWS \ «AøŽ O'-O
2008-01-21 01:48. 2008-01-21 01:48 <DIR> d -------- C: \ Moon Parrot
2008-01-04 00:51. 2008-01-04 00:53 <DIR> d -------- C: \ Program Files \ Winamp
2008-01-04 00:50. 2008-01-04 00:50 8,759,168 - a ------ C: \ Program Files \ winamp551_full_emusic-7plus_en-us.exe

.
(((((((((((((((((((((((((((((((((((((((( Find3M Raport )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-01-26 03:38 --------- d ----- w C: \ Program Files \ punct de vedere
2008-01-26 03:06 --------- d ----- w C: \ Program Files \ Hewlett-Packard
2008-01-25 16:55 --------- d ----- w C: \ Program Files \ Norton Internet Security
2008-01-25 12:16 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008-01-22 03:23 --------- d ----- w C: \ Program Files \ LimeWire
2008-01-19 23:36 164 Aw ---- C: \ install.dat
2008-01-19 23:35 --------- d ----- w C: \ Program Files \ Webroot
2008-01-05 01:56 1.526.640 ---- Aw C: \ WINDOWS \ WRSetup.dll
2008-01-05 01:34 23.920 ---- Aw C: \ Windows \ system32 \ drivers \ sskbfd.sys
2008-01-05 01:34 21.872 ---- Aw C: \ Windows \ system32 \ drivers \ sshrmd.sys
2008-01-05 01:34 20.336 ---- Aw C: \ Windows \ system32 \ drivers \ SSFS0BB9.sys
2008-01-05 01:34 163.696 ---- Aw C: \ Windows \ system32 \ drivers \ ssidrv.sys
2007-12-26 04:47 --------- d ----- w C: \ Program Files \ AIM
2007-12-17 00:44 --------- d ----- w C: \ Program Files \ QuickTime
2007-12-16 18:36 805 Aw ---- C: \ Windows \ system32 \ drivers \ SYMEVENT.INF
2007-12-16 18:36 60.800 ---- Aw C: \ Windows \ system32 \ S32EVNT1.DLL
2007-12-16 18:36 123.952 ---- Aw C: \ Windows \ system32 \ drivers \ SYMEVENT.SYS
2007-12-16 18:36 10.740 ---- Aw C: \ Windows \ system32 \ drivers \ SYMEVENT.CAT
2007-12-16 18:36 --------- d ----- w C: \ Program Files \ Symantec
2007-12-02 23:38 --------- d ----- w C: \ Program Files \ Plant Tycoon
2007-11-29 22:30 200.704 ---- Aw C: \ Windows \ system32 \ ssldivx.dll
2007-11-29 22:30 1.044.480 ---- Aw C: \ Windows \ system32 \ libdivx.dll
2007-11-07 09:26 721.920 ---- Aw C: \ Windows \ system32 \ lsasrv.dll
2007-11-07 09:26 721.920 ---- Aw C: \ Windows \ system32 \ dllcache \ lsasrv.dll
2007-10-30 23:42 3.590.656 ---- Aw C: \ Windows \ system32 \ dllcache \ Mshtml.dll
2007-10-30 17:20 360.064 ---- Aw C: \ Windows \ system32 \ dllcache \ tcpip.sys
2007-10-29 22:35 1.287.680 ---- Aw C: \ Windows \ system32 \ quartz.dll
2007-10-29 22:35 1.287.680 ---- Aw C: \ Windows \ system32 \ dllcache \ quartz.dll
2007-10-27 22:40 222.720 ---- Aw C: \ Windows \ system32 \ wmasf.dll
2007-10-27 22:40 222.720 ---- Aw C: \ Windows \ system32 \ dllcache \ wmasf.dll
2007-06-27 20:23 318.904-C - Aw C: \ Program Files \ wmpfirefoxplugin.exe
2007-02-19 21:57 12.887.872-C - Aw C: \ Program Files \ sspsetup1_.exe
2007-02-10 23:31 2.599.088-C - Aw C: \ Program Files \ Shockwave_Installer_Slim.exe
2007-02-10 23:26 12.711.440-C - Aw C: \ Program Files \ RealPlayer10-5GOLD.exe
2007-02-10 23:20 19.666.504-C - Aw C: \ Program Files \ QuickTimeInstaller.exe
2007-02-10 23:08 1.410.680-C - Aw C: \ Program Files \ install_flash_player.exe
2007-02-10 17:58 25.755.448-C - Aw C: \ Program Files \ wmp11-WindowsXP-x86-ENU.exe
2006-10-11 00:51 774.144-C - Aw C: \ Program Files \ RngInterstitial.dll
2006-09-16 02:12 811.584-C - Aw C: \ Program Files \ GoogleToolbarInstaller.exe
.

((((((((((((((((((((((((((((((((((((( Reg Se incarca Puncte )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Nota * gol intrări & legit default intrări nu sunt afişate
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ Windows \ system32 \ Ctfmon.exe" [2004-08-09 23:00 15360]
"Creative Detector" = "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" [2004-12-02 17:23 102400]
"swg" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Du-te ogleToolbarNotifier.exe" []
"SsAAD.exe" = "C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.e XE" [2006-11-02 13:43 472632]
"MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [2004-10-13 11:24 1694208]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"(0228e555-4f9c-4e35-a3ec-b109a192b4c2)" = "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe" [2005-07-15 16:48 479232]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe" [2005-03-15 13:37 32881]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" [2008-01-08 17:33 53096]
"Symantec PIF AlertEng" = "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" [2007-03-12 17:30 517768]
"SoundMan" = "SOUNDMAN.EXE" [2005-04-06 17:57 90112 C: \ WINDOWS \ SOUNDMAN.EXE]
"Memento" = "C: \ Windows \ Creator \ Remind_XP.exe" [2004-12-13 21:23 663552]
"Recguard" = "C: \ WINDOWS \ SMINST \ RECGUARD.EXE" [2004-04-14 08:43 233472]
"hpsysdrv" = "c: \ windows \ SYSTEM \ hpsysdrv.exe" [1998-05-07 04:04 52736]
"HotKeysCmds" = "C: \ Windows \ system32 \ hkcmd.exe" [2004-12-01 05:55 126976]
"High Definition Audio Property Page Shortcut" = "HDAudPropShortcut.exe" [2004-03-17 19:10 61952 C: \ Windows \ system32 \ Hdaudpropshortcut.exe]
"ehTray" = "C: \ WINDOWS \ ehome \ ehtray.exe" [2005-08-05 13:56 64512]
"AlcWzrd" = "ALCWZRD.EXE" [2005-04-06 17:53 2805248 C: \ WINDOWS \ ALCWZRD.EXE]
"AGRSMMSG" = "AGRSMMSG.exe" [2004-06-29 05:06 88363 C: \ WINDOWS \ AGRSMMSG.exe]
"itype" = "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe" [2006-11-21 20:08 813912]
"IntelliPoint" = "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe" [2007-02-05 18:52 849280]
"WinampAgent" = "C: \ Program Files \ Winamp \ winampa.exe" [2007-12-20 10:16 37376]
"Kbd" = "C: \ HP \ kbd \ KBD.EXE" [2005-02-02 16:44 61440]
"SpySweeper" = "C: \ Program Files \ Webroot \ Spy dragor \ SpySweeperUI.exe" [2008-01-04 20:56 5367664]
"AutoTBar" = "C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE" []

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Adobe Gamma Loader.lnk - C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe [2004-10-04 00:12:18 113664]
Adobe Reader Speed Launch.lnk - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe [2005-09-23 21:05:26 29696]
SpySubtract.lnk - C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe [2005-03-15 14:14:11 73728]
Actualizări de la HP.lnk - C: \ Program Files \ Actualizări de la HP \ 309731 \ Program \ Actualizări de la HP.exe [2005-03-15 14:15:23 45056]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ windows \ curr entversion \ policies \ system]
"InstallVisualStyle" = C: \ WINDOWS \ Resources \ Teme \ Royale \ Royale.msstyles
"InstallTheme" = C: \ WINDOWS \ Resources \ Teme \ Royale.theme

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ windows \ curr entversion \ Run-]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe"

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (749df047-11db-9937-9221-0013d408ae3c)]
\ Shell \ AutoRun \ command - L: \ wd_windows_tools \ setup.exe

* Newly Created Service * - COMHOST
* Newly Created Service * - PROCEXP90
.
Cuprins de la "Activităţi programate" dosar
"2008-01-19 15:35:02 C: \ WINDOWS \ Tasks \ AppleSoftwareUpdate.job"
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe
"2008-01-26 01:09:39 C: \ WINDOWS \ Tasks \ Norton AntiVirus - Run Full System Scan - HP_Administrator.job"
- C: \ PROGRA ~ 1 \ NORTON ~ 1 \ NORTON ~ 1 \ Navw32.exeh/TASK:
.
************************************************** ************************

catchme 0.3.1344 W2K/XP/Vista - rootkit / stealth malware detector de Gmer, http://www.gmer.net
Rootkit scan 2008-01-25 22:54:40
Windows 5.1.2600 Service Pack 2 NTFS

scanare ascuns procese ...

scanare ascuns autostart intrări ...

scanare fişiere ascunse ...

scanare sa finalizat cu succes
fişiere ascunse: 0

************************************************** ************************
.
Completion time: 2008-01-25 22:55:28
.
2008-01-09 13:11:47 --- EOF ---

[IMG] file: / / / C: / DOCUME% 7E1/HP_ADM% 7E1/LOCALS% 7E1/Temp/moz-screenshot.jpg [/ IMG] [IMG] file: / / / C: / DOCUME% 7E1/HP_ADM % 7E1/LOCALS% 7E1/Temp/moz-screenshot-1.jpg [/ IMG]

**evilfantasy** · #9 25 ianuarie 2008, 21:48

S-a întâmplat imediat după descărcarea de Winamp?

Vă rugăm să executaţi un nou HJT scanare şi post că jurnal.

GMB · #10 25 ianuarie 2008, 22:32

Am avut Winamp pentru o lungă perioadă de timp, înainte de acest început întâmplă. I-au făcut să-l instalaţi un timp înapoi, înainte de erori, dar nu pot să reamintească cât de curând după ce s-au produs erori.

Iată de HJT log:

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 12:29:23, pe 1.26.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16574)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe
C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ windows \ system \ hpsysdrv.exe
C: \ Windows \ system32 \ hkcmd.exe
C: \ WINDOWS \ ehome \ ehtray.exe
C: \ WINDOWS \ ALCWZRD.EXE
C: \ WINDOWS \ AGRSMMSG.exe
C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe
C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe
C: \ Program Files \ Winamp \ winampa.exe
C: \ HP \ kbd \ KBD.EXE
C: \ Program Files \ Webroot \ Spy dragor \ SpySweeperUI.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe
C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ Windows \ system32 \ CTsvcCDA.exe
C: \ WINDOWS \ eHome \ ehRecvr.exe
C: \ WINDOWS \ eHome \ ehSched.exe
C: \ Program Files \ ewido \ Security Suite \ ewidoctrl.exe
C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ Windows \ system32 \ HPZipm12.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ Spy dragor \ SpySweeper.exe
C: \ Windows \ system32 \ dllhost.exe
C: \ WINDOWS \ eHome \ ehmsas.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
C: \ Program Files \ Webroot \ Spy dragor \ SSU.EXE
C: \ Program Files \ punct de vedere \ punct de vedere Manager \ ViewMgr.exe
C: \ Program Files \ InterMute \ SpySubtract \ SpySub.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ AIM \ aim.exe
C: \ Program Files \ Encore \ Hoyle Card Games 2005 \ HoyleCardGames2005.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe
C: \ Program Files \ Messenger \ msmsgs.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://netscape.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Setări, ProxyOverride = localhost
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O2 - BHO: Norton Internet Security 2006 - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: NAV Helper - (A8F38D8D-E480-4D52-B7A2-731BB6995FDD) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security 2006 - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (C4069E3A-68F1-403E-B40E-20066696354B) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O4 - HKLM \ .. \ Run: [(0228e555-4f9c-4e35-a3ec-b109a192b4c2)] "C: \ Program Files \ Google \ Gmail Notifier \ gnotify.exe"
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ j2re1.4.2_03 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [Symantec PIF AlertEng] "C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe" / a / m " C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ AlertEng.dll "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Memento] "C: \ Windows \ Creator \ Remind_XP.exe"
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ windows \ SYSTEM \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [HotKeysCmds] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM \ .. \ Run: [ehTray] C: \ WINDOWS \ ehome \ ehtray.exe
O4 - HKLM \ .. \ Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [itype] "C: \ Program Files \ Microsoft IntelliType Pro \ itype.exe"
O4 - HKLM \ .. \ Run: [IntelliPoint] "C: \ Program Files \ Microsoft IntelliPoint \ ipoint.exe"
O4 - HKLM \ .. \ Run: [WinampAgent] "C: \ Program Files \ Winamp \ winampa.exe"
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ kbd \ KBD.EXE
O4 - HKLM \ .. \ Run: [AutoTBar] C: \ Program Files \ HP \ Digital Imaging \ bin \ AUTOTBAR.EXE
O4 - HKLM \ .. \ Run: [SpySweeper] "C: \ Program Files \ Webroot \ Spy dragor \ SpySweeperUI.exe" / startintray
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Creative Detector] "C: \ Program Files \ Creative \ MediaSource \ Detector \ CTDetect.exe" / R
O4 - HKCU \ .. \ Run: [swg] "C: \ Program Files \ Google \ GoogleToolbarNotifier \ 1.0.720.3640 \ Du-te ogleToolbarNotifier.exe"
O4 - HKCU \ .. \ Run: [SsAAD.exe] C: \ PROGRA ~ 1 \ Sony \ SONICS ~ 1 \ SsAAD.exe
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Etalonare \ Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: SpySubtract.lnk = C: \ Program Files \ InterMute \ SpySubtract \ sslaunch.exe
O4 - Global Startup: Actualizări de la HP.lnk = C: \ Program Files \ Actualizări de la HP \ 309731 \ Program \ Actualizări de la HP.exe
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_02 \ bin \ ssv.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI1933 ~ 1 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O12 - Plugin pentru. Spop: C: \ Program Files \ Internet Explorer \ Plugins \ NPDocBox.dll
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (YInstStarter Class) - C: \ Program Files \ Yahoo! \ Common \ yinsthelper.dll
O16 - DPF: (6A344D34-5231-452A-8A57-D064AC9B7862) (Symantec Download Manager) -- https: / / webdl.symantec.com / ActiveX / symdlmgr.cab
O16 - DPF: (DBFF771D-3F92-4C70-9978-508738536F38) (CSConn Class) -- https: / / wtiwebopt.axaonline.com / fins...ts / csagent.cab
O16 - DPF: (DF780F87-FF2B-4DF8-92D0-73DB16A1543A) (PopCapLoader Object) -- http://www.popcap.com/games/popcaploader_v6.cab
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ccPwdSvc.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: COM-gazdă (comHost) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ comHost.exe
O23 - Service: Creative Service pentru CDROM Access - Creative Technology Ltd - C: \ Windows \ system32 \ CTsvcCDA.exe
O23 - Service: ewido Security Suite de control - ewido reţele - C: \ Program Files \ ewido \ Security Suite \ ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1150 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LightScribeService Direct Disc Etichetarea Service (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ PIF \ (B8E1DD85-8582-4c61-B58F-2F227FCA9A08) \ PIFSvc.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Norton Protecţia Center Service (NSCService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Console \ NSCSRVCE.EXE
O23 - Service: PACSPTISVR - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C: \ Windows \ system32 \ HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C: \ Program Files \ Common Files \ Sony Shared \ AVLib \ SSScsiSV.exe
O23 - Service: Symantec Core LC - Unknown owner - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: punct de vedere Manager Service - punct de vedere Corporation - C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
O23 - Service: Webroot Spy dragor Engine (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy dragor \ SpySweeper.exe

--
Sfârşit de fişier - 12852 bytes