Just nu i M3-nätverket
Jump to content

Seg dator.. Virus?


Oscar_sthlm

Recommended Posts

Hej!

Jag upplever min dator mycket segare på sistonde samt att den hakar upp sig oftare! Den är även väldigt seg i starten då den står i ett läge där skärmen är helt svart i ca 10 sek och sedan startar den, så har den aldrig startar upp förrut.

Så jag undrar om någon snäll själ skulle kunna läsa denna log fil jag skickar med från Hijackthis o se vad det är för fel (om det nu är något)

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 20:07:01, on 2007-02-08

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\WINDOWS\system32\CTsvcCDA.exe

c:\program\pinnacle\mediac~1\epgspo~2.exe

C:\Program\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\Norman\Bin\Zanda.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\MsPMSPSv.exe

c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe

C:\Norman\bin\NJEEVES.EXE

C:\Norman\Nvc\bin\nvcoas.exe

C:\Norman\Nvc\BIN\nipsvc.exe

C:\Norman\Nvc\BIN\NVCSCHED.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\ALCWZRD.EXE

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

C:\WINDOWS\system32\CTHELPER.EXE

C:\Program\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe

C:\WINDOWS\system32\PRISMSTA.EXE

C:\Norman\bin\ZLH.EXE

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\Java\jre1.5.0_10\bin\jusched.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe

C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\WINDOWS\System32\svchost.exe

C:\Norman\Nvc\bin\cclaw.exe

C:\Norman\Nvc\BIN\NVCOD.EXE

C:\Norman\Nvc\BIN\NIP.EXE

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\WINDOWS\explorer.exe

C:\Norman\bin\niu.exe

C:\Program\LimeWire\LimeWire.exe

C:\Program\Windows Media Player\wmplayer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telia.se/privat/frame.do?mainFrame=/index.do

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O1 - Hosts: 193.111.68.150 l2authd.lineage2.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O4 - HKLM\..\Run: [Genväg till egenskapssida för High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [sBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [PMCS] C:\Program\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Service Manager.lnk = C:\Program\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program\Delade filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - c:\program\pinnacle\mediac~1\epgspo~2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

[/log]

 

Link to comment
Share on other sites

 

Scanna med Hijack bocka i följande rader stäng Web-läsaren och klicka Fix checked

 

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

 

sen kan du Googla dessa och stäng av via msconfig > Autostart dom som inte är viktiga för systemet

 

[log]O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [sBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r

O4 - HKLM\..\Run: [updReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [PMCS] C:\Program\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program\Java\jre1.5.0_10\bin\jusched.exe"

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"

O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Service Manager.lnk = [/log]

 

Link to comment
Share on other sites

jag bockade för den där raden som du sa och tryckte på fix checked.

Men jag förstår inte riktigt vad jag ska göra sen? googla fram vadå?

 

Link to comment
Share on other sites

 

Här kan du göra en sök på alla rader ex. första raden

 

http://www.bleepingcomputer.com/startups/

 

[log]O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

 

sök på = SOUNDMAN.EXE

 

så ser du att Status är N

så den kan man stänga av

sen nästa rad osv.....

Om nån av rader inte hittas där så använd Google.

 

Y - This status flag means that this entry should be left alone and be allowed to run as if it is unchecked it may break the functionality or use of a particular program.

N - This status flag means it is unnecessary to run this program automatically when Windows starts as you can run it manually when necessary.

U - This status flag means it is up to you whether or not you feel this program needs to run automatically. [/log]

 

Link to comment
Share on other sites

  • 2 weeks later...

Jag gjorde de du sa men sen har datan blivit lite konstig.. Idag kom det ett felmedelande som såg ut såhär:

 

[log]OS: Windows XP Home Edition, SP2

CPU: GenuineIntel, Intel Pentium 4, MMX @ 0 MHz

 

Application data:

VmVyc2lvbjogVVVKZFExQlRWbHRFVFVOSFF5c29PU2M1QndBNkpUOCt

MVzk3WjJOck1DRWpQeU1rTTBGeGVIQjBaWE01DQpJbWFnZUJhc2U6ID

A1OUQwMDAwDQotMQ0KQ29kZSA9IFsxMTRdDQotIDIyMQ0KLSAwDQotI

DIxNw0KLSAwDQotIFtdDQo+IEM6XFdJTkRPV1NcRXhwbG9yZXIuRVhF

DQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcbnRkbGwuZGxsDQo+IEM6XFd

JTkRPV1Ncc3lzdGVtMzJca2VybmVsMzIuZGxsDQo+IEM6XFdJTkRPV1

Ncc3lzdGVtMzJcQURWQVBJMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzd

GVtMzJcUlBDUlQ0LmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXEJS

T1dTRVVJLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXEdESTMyLmR

sbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFVTRVIzMi5kbGwNCj4gQz

pcV0lORE9XU1xzeXN0ZW0zMlxtc3ZjcnQuZGxsDQo+IEM6XFdJTkRPV

1Ncc3lzdGVtMzJcb2xlMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVt

MzJcU0hMV0FQSS5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxPTEV

BVVQzMi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxTSERPQ1ZXLm

RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXENSWVBUMzIuZGxsDQo+I

EM6XFdJTkRPV1Ncc3lzdGVtMzJcTVNBU04xLmRsbA0KPiBDOlxXSU5E

T1dTXHN5c3RlbTMyXENSWVBUVUkuZGxsDQo+IEM6XFdJTkRPV1Ncc3l

zdGVtMzJcV0lOVFJVU1QuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz

JcSU1BR0VITFAuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTkVUQ

VBJMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcV0lOSU5FVC5k

bGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxXTERBUDMyLmRsbA0KPiB

DOlxXSU5ET1dTXHN5c3RlbTMyXFZFUlNJT04uZGxsDQo+IEM6XFdJTk

RPV1Ncc3lzdGVtMzJcU0hFTEwzMi5kbGwNCj4gQzpcV0lORE9XU1xze

XN0ZW0zMlxVeFRoZW1lLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMy

XFNoaW1FbmcuZGxsDQo+IEM6XFdJTkRPV1NcQXBwUGF0Y2hcQWNHZW5

yYWwuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcV0lOTU0uZGxsDQ

o+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTVNBQ00zMi5kbGwNCj4gQzpcV

0lORE9XU1xzeXN0ZW0zMlxVU0VSRU5WLmRsbA0KPiBDOlxXSU5ET1dT

XFdpblN4U1x4ODZfTWljcm9zb2Z0LldpbmRvd3MuQ29tbW9uLUNvbnR

yb2xzXzY1OTViNjQxNDRjY2YxZGZfNi4wLjI2MDAuMjk4Ml94LXd3X2

FjM2Y5YzAzXGNvbWN0bDMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3Rlb

TMyXGNvbWN0bDMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGFw

cEhlbHAuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcQ0xCQ0FUUS5

ETEwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxDT01SZXMuZGxsDQo+IE

M6XFdJTkRPV1NcU3lzdGVtMzJcY3NjdWkuZGxsDQo+IEM6XFdJTkRPV

1NcU3lzdGVtMzJcQ1NDRExMLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3Rl

bTMyXHRoZW1ldWkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcU2V

jdXIzMi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxNU0lNRzMyLm

RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXHhwc3AycmVzLmRsbA0KP

iBDOlxXSU5ET1dTXHN5c3RlbTMyXGFjdHhwcnh5LmRsbA0KPiBDOlxX

SU5ET1dTXHN5c3RlbTMyXG50c2hydWkuZGxsDQo+IEM6XFdJTkRPV1N

cc3lzdGVtMzJcQVRMLkRMTA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXF

NFVFVQQVBJLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXE5FVFNIR

UxMLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGNyZWR1aS5kbGwN

Cj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxpcGhscGFwaS5kbGwNCj4gQzp

cV0lORE9XU1xzeXN0ZW0zMlxXUzJfMzIuZGxsDQo+IEM6XFdJTkRPV1

Ncc3lzdGVtMzJcV1MySEVMUC5kbGwNCj4gQzpcV0lORE9XU1xzeXN0Z

W0zMlxydHV0aWxzLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXHVy

bG1vbi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxMSU5LSU5GTy5

kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxicm93c2VsYy5kbGwNCj

4gQzpcV0lORE9XU1xzeXN0ZW0zMlxNU1ZDUjcxLmRsbA0KPiBDOlxXS

U5ET1dTXHN5c3RlbTMyXFNYUy5ETEwNCj4gQzpcV0lORE9XU1xzeXN0

ZW0zMlxBQ1RJVkVEUy5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlx

hZHNsZHBjLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXERVU0VSLm

RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdJTlNUQS5kbGwNCj4gQ

zpcV0lORE9XU1xzeXN0ZW0zMlx3ZWJjaGVjay5kbGwNCj4gQzpcV0lO

RE9XU1xzeXN0ZW0zMlxXU09DSzMyLmRsbA0KPiBDOlxXSU5ET1dTXHN

5c3RlbTMyXHN0b2JqZWN0LmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbT

MyXEJhdE1ldGVyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFBPV

1JQUk9GLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFdUU0FQSTMy

LmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXE1MQU5HLmRsbA0KPiB

DOlxXSU5ET1dTXHN5c3RlbTMyXGN0YWdlbnQuZGxsDQoNCkNyZWF0aX

ZlIFRlY2hub2xvZ3kgTHRkDQpjdGFnZW50DQoxLCAwLCAwLCA4DQpjd

GFnZW50DQpDb3B5cmlnaHQgqSAyMDAyLTAzDQpjdGFnZW50LmRsbA0K

MSwgMCwgMCwgOA0KICBjdGFnZW50DQoNCj4gQzpcV0lORE9XU1xzeXN

0ZW0zMlxyc2FlbmguZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcY2

9tZGxnMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTXNpLmRsb

A0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFJBU0FQSTMyLmRsbA0KPiBD

OlxXSU5ET1dTXHN5c3RlbTMyXHJhc21hbi5kbGwNCj4gQzpcV0lORE9

XU1xzeXN0ZW0zMlxUQVBJMzIuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdG

VtMzJcbXN2MV8wLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXE1QU

i5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW0zMlxORVRSQVAuZGxsDQo+

IEM6XFdJTkRPV1NcU3lzdGVtMzJcZHJwcm92LmRsbA0KPiBDOlxXSU5

ET1dTXFN5c3RlbTMyXG50bGFubWFuLmRsbA0KPiBDOlxXSU5ET1dTXF

N5c3RlbTMyXE5FVFVJMC5kbGwNCj4gQzpcV0lORE9XU1xTeXN0ZW0zM

lxORVRVSTEuZGxsDQo+IEM6XFdJTkRPV1NcU3lzdGVtMzJcU0FNTElC

LmRsbA0KPiBDOlxXSU5ET1dTXFN5c3RlbTMyXGRhdmNsbnQuZGxsDQo

+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTVNHSU5BLmRsbA0KPiBDOlxXSU

5ET1dTXHN5c3RlbTMyXE9EQkMzMi5kbGwNCj4gQzpcV0lORE9XU1xze

XN0ZW0zMlxvZGJjaW50LmRsbA0KPiBDOlxXSU5ET1dTXFdpblN4U1x4

ODZfTWljcm9zb2Z0LldpbmRvd3MuR2RpUGx1c182NTk1YjY0MTQ0Y2N

mMWRmXzEuMC4yNjAwLjIxODBfeC13d181MjJmOWY4MlxnZGlwbHVzLm

RsbA0KPiBDOlxOb3JtYW5cTnZjXEJJTlxOaXBoay5kbGwNCg0KTm9yb

WFuIEFTQQ0KTlZDIEludGVybmV0IFByb3RlY3Rpb24NCjUsIDgsIDIs

IDINCk5JUA0KQ29weXJpZ2h0IKkgMjAwMC0yMDA2DQpOSVBISy5ETEw

NCk5WQyB2NS44Mg0KTm9ybWFuIFZpcnVzIENvbnRyb2wNCg0KPiBDOl

xXSU5ET1dTXHN5c3RlbTMyXHdkbWF1ZC5kcnYNCj4gQzpcV0lORE9XU

1xzeXN0ZW0zMlxtc2FjbTMyLmRydg0KPiBDOlxXSU5ET1dTXHN5c3Rl

bTMyXG1pZGltYXAuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcc2h

kb2NsYy5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxtc3dzb2NrLm

RsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGhuZXRjZmcuZGxsDQo+I

EM6XFdJTkRPV1NcU3lzdGVtMzJcd3NodGNwaXAuZGxsDQo+IEM6XFdJ

TkRPV1Ncc3lzdGVtMzJcc2Vuc2FwaS5kbGwNCj4gQzpcV0lORE9XU1x

zeXN0ZW0zMlxETlNBUEkuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz

JccmFzYWRobHAuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcbXNod

G1sLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXG1zbHMzMS5kbGwN

Cj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxQU0FQSS5ETEwNCj4gQzpcV0l

ORE9XU1xzeXN0ZW0zMlxJTU0zMi5ETEwNCj4gQzpcV0lORE9XU1xzeX

N0ZW0zMlxtc2Ntcy5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxXS

U5TUE9PTC5EUlYNCj4gQzpcUHJvZ3JhbVxEZWxhZGUgZmlsZXJcQWhl

YWRcTGliXE5lcm9EaWdpdGFsRXh0LmRsbA0KDQpOZXJvIEFHDQpOZXJ

vIERpZ2l0YWwgU2hlbGwgRXh0ZW5zaW9uDQoxLjEuMC42DQpOZXJvRG

lnaXRhbEV4dC5kbGwNCkNvcHlyaWdodCAoYykgMTk5NS0yMDA1IE5lc

m8gQUcgYW5kIGl0cyBsaWNlbnNvcnMuDQpOZXJvRGlnaXRhbEV4dC5k

bGwNCjEuMS4wLjYNCk5lcm8gRGlnaXRhbCBUb29scw0KDQo+IEM6XFB

yb2dyYW1cRGVsYWRlIGZpbGVyXEFoZWFkXExpYlxNRkM3MS5ETEwNCj

4gQzpcUHJvZ3JhbVxEZWxhZGUgZmlsZXJcQWhlYWRcTGliXE1TVkNQN

zEuZGxsDQo+IEM6XFByb2dyYW1cQWRvYmVcQWNyb2JhdCA3LjBcQWN0

aXZlWFxQREZTaGVsbC5kbGwNCg0KQWRvYmUgU3lzdGVtcywgSW5jLg0

KUERGIFNoZWxsIEV4dGVuc2lvbg0KNy4wLjAuMA0KUERGU2hlbGwNCk

NvcHlyaWdodCAyMDAwLTIwMDQgQWRvYmUgU3lzdGVtcywgSW5jLg0KU

ERGU2hlbGwuZGxsDQo3LjAuMC4wDQpBZG9iZSBQREYgU2hlbGwgRXh0

ZW5zaW9uDQoNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxmeHNzdC5kbGw

NCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxGWFNBUEkuZGxsDQo+IEM6XF

dJTkRPV1Ncc3lzdGVtMzJcTlRNQVJUQS5ETEwNCj4gQzpcV0lORE9XU

1xzeXN0ZW0zMlxNU1ZGVzMyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3Rl

bTMyXGpzY3JpcHQuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcZGR

yYXdleC5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxERFJBVy5kbG

wNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxEQ0lNQU4zMi5kbGwNCj4gQ

zpcV0lORE9XU1xzeXN0ZW0zMlxJbWdVdGlsLmRsbA0KPiBDOlxXSU5E

T1dTXHN5c3RlbTMyXHNjaGFubmVsLmRsbA0KPiBDOlxXSU5ET1dTXHN

5c3RlbTMyXFdNVkNvcmUuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz

JcV01BU0YuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcd21wZHhtL

mRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXHdtcC5kbGwNCj4gQzpc

V0lORE9XU1xzeXN0ZW0zMlx3bXBsb2MuZGxsDQo+IEM6XFdJTkRPV1N

cc3lzdGVtMzJcd21uZXRtZ3IuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdG

VtMzJceHBzcDNyZXMuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcd

2RpZ2VzdC5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxNUFJBUEku

ZGxsDQo+IEM6XFdJTkRPV1NcU3lzdGVtMzJcd2lucm5yLmRsbA0KPiB

DOlxXSU5ET1dTXHN5c3RlbTMyXG1zZG1vLmRsbA0KDQo2LjUuMjYwMC

4yMTgwDQo2LjUuMjYwMC4yMTgwDQoNCj4gQzpcV0lORE9XU1xzeXN0Z

W0zMlxEU09VTkQuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcS3NV

c2VyLmRsbA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXEQzRElNNzAwLkR

MTA0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXGljbTMyLmRsbA0KDQpNaW

Nyb3NvZnQgQ29ycG9yYXRpb24NCk1pY3Jvc29mdCBG5HJnbWF0Y2hua

W5nc21vZHVsIChDTU0pDQo1LjEuMjYwMC4yNzA5ICh4cHNwX3NwMl9n

ZHIuMDUwNjI4LTE1MTgpDQpJQ00zMi5ETEwNCkNvcHlyaWdodCCpMTk

5NS0xOTk3IEhlaWRlbGJlcmdlciBEcnVja21hc2NoaW5lbiBBRw0KSU

NNMzIuRExMDQo1LjEuMjYwMC4yNzA5DQpPcGVyYXRpdnN5c3RlbWV0I

E1pY3Jvc29mdK4gV2luZG93c64NCg0KPiBDOlxXSU5ET1dTXHN5c3Rl

bTMyXHN0aS5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxDRkdNR1I

zMi5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxteWRvY3MuZGxsDQ

o+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcZGZzaGltLmRsbA0KPiBDOlxXS

U5ET1dTXHN5c3RlbTMyXG1zY29yZWUuZGxsDQo+IEM6XFdJTkRPV1Nc

c3lzdGVtMzJcUFJJTlRVSS5kbGwNCj4gQzpcV0lORE9XU1xNaWNyb3N

vZnQuTkVUXEZyYW1ld29ya1x2Mi4wLjUwNzI3XFNoZnVzaW9uLmRsbA

0KPiBDOlxXSU5ET1dTXFdpblN4U1x4ODZfTWljcm9zb2Z0LlZDODAuQ

1JUXzFmYzhiM2I5YTFlMThlM2JfOC4wLjUwNzI3LjQyX3gtd3dfMGRl

MDZhY2RcTVNWQ1I4MC5kbGwNCj4gQzpcV0lORE9XU1xNaWNyb3NvZnQ

uTkVUXEZyYW1ld29ya1x2Mi4wLjUwNzI3XEZ1c2lvbi5kbGwNCj4gQz

pcV0lORE9XU1xNaWNyb3NvZnQuTkVUXEZyYW1ld29ya1x2Mi4wLjUwN

zI3XGN1bHR1cmUuZGxsDQo+IEM6XFdJTkRPV1NcTWljcm9zb2Z0Lk5F

VFxGcmFtZXdvcmtcdjIuMC41MDcyN1xTaEZ1c1Jlcy5kbGwNCj4gQzp

cUHJvZ3JhbVxEZWxhZGUgZmlsZXJcQWhlYWRcTGliXEFkdnJDbnRyLm

RsbA0KDQpBaGVhZCBTb2Z0d2FyZSBBRw0KQWR2ckNudHIgTW9kdWxlD

QoxLDIsMSwgMjI3OA0KQWR2ckNudHINCkNvcHlyaWdodCAoYykgMTk5

NS0yMDAzIEFoZWFkIFNvZnR3YXJlIGFuZCBpdHMgbGljZW5zb3JzDQp

BZHZyQ250ci5ETEwNCjEsMiwxLCAyMjc4DQpBZHZyQ250ciBNb2R1bG

UNCg0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyXFNIRk9MREVSLmRsbA0KP

iBDOlxQcm9ncmFtXFBpbm5hY2xlXFNoYXJlZCBGaWxlc1xQaXhpZVxQ

aXhpZS5kbGwNCg0KUGlubmFjbGUgU3lzdGVtcywgSW5jLg0KUGl4aWU

gRHluYW1pYyBMaW5rIExpYnJhcnkNCjUsIDMsIDAsIDk4DQpQaXhpZU

RMTA0KQ29weXJpZ2h0IChDKSAyMDAzIFBpbm5hY2xlIFN5c3RlbXMsI

EluYy4NClBpeGllLmRsbA0KNSwgMywgMCwgOTgNClBpeGllNVNESw0K

DQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcTDNDT0RFQ0EuQUNNDQoNCkZ

yYXVuaG9mZXIgSW5zdGl0dXQgSW50ZWdyaWVydGUgU2NoYWx0dW5nZW

4gSUlTDQpNUEVHIExheWVyLTMgQXVkaW8gQ29kZWMgZm9yIE1TQUNND

QoxLCA5LCAwLCAwMzA1DQpsM2NvZGVjLmFjbQ0KQ29weXJpZ2h0IKkg

MTk5Ni0xOTk5IEZyYXVuaG9mZXIgSW5zdGl0dXQgSW50ZWdyaWVydGU

gU2NoYWx0dW5nZW4gSUlTDQpsM2NvZGVjLmFjbQ0KMSwgMCwgMCwgMA

0KTVBFRyBMYXllci0zIEF1ZGlvIENvZGVjIGZvciBNU0FDTQ0KDQo+I

EM6XFByb2dyYW1cQWRvYmVcQWNyb2JhdCA3LjBcQWN0aXZlWFxBY3Jv

SUVIZWxwZXIuZGxsDQoNCkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGV

kDQpBZG9iZSBBY3JvYmF0IElFIEhlbHBlciBWZXJzaW9uIDcuMCBmb3

IgQWN0aXZlWA0KNy4wLjcuMjAwNjAxMTIwMA0KQWNyb0lFSGVscGVyD

QpDb3B5cmlnaHQgMTk4NC0yMDA2IEFkb2JlIFN5c3RlbXMgSW5jb3Jw

b3JhdGVkIGFuZCBpdHMgbGljZW5zb3JzLiBBbGwgcmlnaHRzIHJlc2V

ydmVkLg0KQWNyb0lFSGVscGVyLkRMTA0KNywgMCwgMCwgMA0KQWNyb0

lFSGVscGVyIExpYnJhcnkNCg0KPiBDOlxXSU5ET1dTXHN5c3RlbTMyX

HNoaW1ndncuZGxsDQo+IEM6XFByb2dyYW1cTWljcm9zb2Z0IE9mZmlj

ZVxPRkZJQ0UxMVxtc29oZXYuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGV

tMzJcd21wc2hlbGwuZGxsDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcc2

htZWRpYS5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxBVklGSUwzM

i5kbGwNCj4gQzpcV0lORE9XU1xzeXN0ZW0zMlxxZWRpdC5kbGwNCj4g

QzpcV0lORE9XU1xzeXN0ZW0zMlxxdWFydHouZGxsDQo+IEM6XFdJTkR

PV1Ncc3lzdGVtMzJcZGV2ZW51bS5kbGwNCj4gQzpcV0lORE9XU1xzeX

N0ZW0zMlxEVm9iU3ViLmF4DQpWaXNpdCBodHRwOi8vdm9ic3ViLmVkZ

W5zcmlzaW5nLmNvbSBmb3IgdXBkYXRlcy4NCkdhYmVzdA0KRGlyZWN0

Vm9iU3ViDQoyLCAwLCAyMywgMA0KRGlyZWN0Vm9iU3ViDQpDb3B5cml

naHQgKEMpIDIwMDEtMjAwMiBHYWJlc3QNCkRpcmVjdFZvYlN1Yi5ETE

wNCjIsIDAsIDIzLCAwDQpEaXJlY3RWb2JTdWINCg0KPiBDOlxXSU5ET

1dTXHN5c3RlbTMyXHZvYnN1Yi5kbGwNClZpc2l0IGh0dHA6Ly92b2Jz

dWIuZWRlbnNyaXNpbmcuY29tIGZvciB1cGRhdGVzDQpHYWJlc3QNCnZ

vYnN1Yg0KMiwgMCwgMjMsIDANCnZvYnN1Yg0KQ29weXJpZ2h0IChDKS

AyMDAwLTIwMDIgR2FiZXN0DQp2b2JzdWIuRExMDQoyLCAwLCAyMywgM

A0Kdm9ic3ViIER5bmFtaWMgTGluayBMaWJyYXJ5DQoNCj4gQzpcV0lO

RE9XU1xzeXN0ZW0zMlxNRkM0MnUuRExMDQo+IEM6XFdJTkRPV1Ncc3l

zdGVtMzJcT0xFUFJPMzIuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMz

JcTUZDNDJMT0MuRExMDQo+IEM6XFdJTkRPV1Ncc3lzdGVtMzJcUmVhb

E1lZGlhU3BsaXR0ZXIuYXgNCmh0dHA6Ly9nYWJlc3Qub3JnLw0KR2Fi

ZXN0DQpSZWFsTWVkaWEgU3BsaXR0ZXINCjEsIDAsIDEsIDENClJlYWx

NZWRpYSBTcGxpdHRlcg0KQ29weXJpZ2h0IChDKSAyMDAzLTIwMDUNCl

JlYWxNZWRpYVNwbGl0dGVyLmF4DQoxLCAwLCAxLCAxDQpSZWFsTWVka

WEgU3BsaXR0ZXINCg0KPiBDOlxQcm9ncmFtXERlbGFkZSBmaWxlclxB

aGVhZFxEU0ZpbHRlclxOZVZpZGVvLmF4DQoNCk5lcm8gQUcNCk1QRUc

tMS8yLzQgJiBBVkMgdmlkZW8gZGVjb2RlciB3LyBEeFZBDQozLCAyLC

AwLCAwDQpDb3B5cmlnaHQgKGMpIDE5OTUtMjAwNSBOZXJvIEFHIGFuZ

CBpdHMgbGljZW5zb3JzDQpOZVZpZGVvLmF4DQoyLCAwLCAyLCAzMw0K

TmVybyBTaG93VGltZQ0KDQo+IEM6XFByb2dyYW1cUGlubmFjbGVcU2h

hcmVkIEZpbGVzXEZpbHRlclxQQ0xFTVBFR1ZpZGVvRGVjb2RlcjIuYX

gNCg0KUGlubmFjbGUgU3lzdGVtcyBHbWJIDQpEaXJlY3RTaG93IE1QR

UcgMS8yIFZpZGVvIERlY29kZXIgRmlsdGVyDQoxLCA3LCAwLCAyMg0K

KGMpIDE5OTktMjAwNCBieSBQaW5uYWNsZSBTeXN0ZW1zIEdtYkgNClB

jbGVNcGVnRGVjLmF4DQoxLCA3LCAwLCAyMg0KUGlubmFjbGUgTVBFRy

BWaWRlbyBEZWNvZGVyDQo=

[/log]

 

jag vet inte om de har med de ändringarna jag gjorde eller vad det kan vara?

 

sen så har jag även gjort en ny Hijackthis log:

 

[log]Logfile of HijackThis v1.99.1

Scan saved at 19:58:17, on 2007-02-17

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

C:\WINDOWS\system32\CTsvcCDA.exe

c:\program\pinnacle\mediac~1\epgspo~2.exe

C:\Program\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe

C:\Norman\Bin\Zanda.exe

C:\Program\PC Auto Shutdown\ShutdownService.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wdfmgr.exe

C:\WINDOWS\system32\MsPMSPSv.exe

c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe

C:\Norman\bin\NJEEVES.EXE

C:\Norman\Nvc\bin\nvcoas.exe

C:\Norman\Nvc\BIN\nipsvc.exe

C:\Norman\Nvc\BIN\NVCSCHED.EXE

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe

C:\WINDOWS\system32\CTHELPER.EXE

C:\WINDOWS\system32\PRISMSTA.EXE

C:\Norman\bin\ZLH.EXE

C:\Program\HP\HP Software Update\HPWuSchd2.exe

C:\Program\D-Tools\daemon.exe

C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

C:\Program\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

C:\Norman\Nvc\BIN\NIP.EXE

C:\Norman\Nvc\bin\cclaw.exe

C:\Program\HP\Digital Imaging\bin\hpqSTE08.exe

C:\Program\Azureus\Azureus.exe

C:\Program\MSN Messenger\msnmsgr.exe

C:\Norman\Nvc\BIN\NVCOD.EXE

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\system32\drwtsn32.exe

C:\WINDOWS\explorer.exe

C:\Program\Internet Explorer\iexplore.exe

C:\Program\Hijackthis\HijackThis.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telia.se/privat/frame.do?mainFrame=/index.do

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar

O1 - Hosts: 193.111.68.150 l2authd.lineage2.com

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O4 - HKLM\..\Run: [Genväg till egenskapssida för High Definition Audio] HDAShCut.exe

O4 - HKLM\..\Run: [ATIPTA] C:\Program\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r

O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg

O4 - HKLM\..\Run: [PRISMSTA.EXE] PRISMSTA.EXE START

O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH

O4 - HKLM\..\Run: [HP Software Update] C:\Program\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE

O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [updateMgr] "C:\Program\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1

O4 - Startup: Adobe Gamma.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program\Delade filer\Adobe\Calibration\Adobe Gamma Loader.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: Service Manager.lnk = C:\Program\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_10\bin\ssv.dll

O9 - Extra button: Referensinformation - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program\Delade filer\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL

O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.3.102.cab

O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\Program\MSNMES~1\msgrapp.dll" (file missing)

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program\Delade filer\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe

O23 - Service: Pinnacle Systems tvtv Spooler (EpgSpooler) - - c:\program\pinnacle\mediac~1\epgspo~2.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\1050\Intel 32\IDriverT.exe

O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE

O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe

O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE

O23 - Service: PCAutoShutdown_Service - Unknown owner - C:\Program\PC Auto Shutdown\ShutdownService.exe

O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program\pinnacle\shared files\programs\mediaserver\pmshost.exe

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

 

[/log]

 

Link to comment
Share on other sites

 

> felmedelande som såg ut såhär: <

 

Ingen aning vad detta är.

 

> jag vet inte om de har med de ändringarna jag gjorde eller vad det kan vara? <

 

Ser inget som du har stoppat som skulle skapa problem,men pröva att återställa detta i autostart.

 

O4 - HKLM\..\Run: [PMCS] C:\Program\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe -host -clearDebug

 

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.



×
×
  • Create New...