Clean Up ;)

Having software/hardware problems? Get help here!

Clean Up ;)

Postby [Aliens]Falconer » Thu Dec 13, 2007 11:04 pm

Thanx mate! Here's my log file as requested:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:01:40, on 2007-12-14
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program\Razer\Diamondback\razerhid.exe
C:\Program\Ideazon\ZEngine\Zboard.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\Norton Internet Security\ISSVC.exe
C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program\Razer\Diamondback\razertra.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Razer\Diamondback\razerofa.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Delade filer\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.se/0SESVSE/SAOS02
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tradera.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Diamondback] C:\Program\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [Zboard] C:\Program\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 7841 bytes
Image
Image
---------------------------------------------------------------
"Son, how would you like to play for Man United?"
"No thanks sir. I've had a better offer."
"What could be better than Man United?"
"Man City!"
---------------------------------------------------------------
User avatar
[Aliens]Falconer
WoW FTW!
WoW FTW!
 
Posts: 1600
Joined: Thu Oct 19, 2006 6:02 pm
Location: Jämshög, Sweden

Postby [Aliens]kronenbourg » Fri Dec 14, 2007 6:59 pm

Okay, there are some entries that could be legit/malware, but have a feeling they're okay. However, lets make sure.


Download ComboFix from Here or Here to your Desktop.
  • Double click combofix.exe and follow the prompts.
  • When finished, it shall produce a log for you. Post that log and a HiJackthis log in your next reply
Note: Do not mouseclick combofix's window while its running. That may cause it to stall
Image

Image
User avatar
[Aliens]kronenbourg
Lieutenant General
Lieutenant General
 
Posts: 4665
Joined: Thu Oct 19, 2006 7:20 am
Location: Bradford, England

Postby [Aliens]Falconer » Thu Dec 20, 2007 10:27 pm

Here's Combofix's log file:

ComboFix 07-12-21.4 - Everlonn 2007-12-20 23:21:17.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1053.18.1414 [GMT 1:00]
Running from: C:\Documents and Settings\Everlonn\Skrivbord\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2007-11-21 to 2007-12-21 )))))))))))))))))))))))))))))))
.

2007-12-14 00:01 . 2007-12-14 00:01 <KAT> d-------- C:\Program\Trend Micro
2007-12-09 22:17 . 2007-12-09 22:17 17,094 --a------ C:\WINDOWS\system32\ealregsnapshot1.reg
2007-12-09 21:43 . 2007-12-09 21:43 <KAT> d-------- C:\Program\Apple Software Update
2007-12-09 21:43 . 2007-12-09 21:43 <KAT> d-------- C:\Documents and Settings\All Users\Application Data\Apple
2007-12-08 02:59 . 2007-12-18 21:57 54,156 --ah----- C:\WINDOWS\QTFont.qfn
2007-12-08 02:59 . 2007-12-08 02:59 1,409 --a------ C:\WINDOWS\QTFont.for
2007-12-02 00:30 . 2007-12-09 21:34 <KAT> d-------- C:\WINDOWS\system32\QuickTime
2007-12-02 00:30 . 2004-11-08 20:01 360,504 --a------ C:\WINDOWS\system32\qtplugin.ocx
2007-11-30 22:43 . 2007-11-30 22:43 <KAT> d-------- C:\Program\SymNetDrv

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2007-12-21 22:22 --------- d-----w C:\Program\Delade filer\Symantec Shared
2007-12-20 22:10 --------- d--h--w C:\Program\InstallShield Installation Information
2007-12-20 22:10 --------- d-----w C:\Documents and Settings\Everlonn\Application Data\Ice Age 2
2007-12-20 12:55 22,328 ----a-w C:\WINDOWS\system32\drivers\PnkBstrK.sys
2007-12-20 12:53 107,832 ----a-w C:\WINDOWS\system32\PnkBstrB.exe
2007-12-19 14:00 --------- d-----w C:\Documents and Settings\Everlonn\Application Data\uTorrent
2007-12-17 16:59 43,520 ----a-w C:\WINDOWS\system32\CmdLineExt03.dll
2007-12-09 20:48 --------- d-----w C:\Program\QuickTime
2007-12-04 18:21 --------- d-----w C:\Program\M3 GAME Manager
2007-11-30 21:43 --------- d-----w C:\Program\Symantec
2007-11-16 21:41 66,872 ----a-w C:\WINDOWS\system32\PnkBstrA.exe
2007-11-15 23:09 22,328 ----a-w C:\Documents and Settings\Everlonn\Application Data\PnkBstrK.sys
2007-11-15 22:09 --------- d-----w C:\Program\Ventrilo
2007-11-15 22:08 --------- d-----w C:\Program\Delade filer\Wise Installation Wizard
2007-11-01 22:27 --------- d-----w C:\Documents and Settings\Everlonn\Application Data\Ideazon
2007-11-01 22:26 --------- d-----w C:\Program\Ideazon
2004-03-11 11:27 40,960 ----a-w C:\Program\Uninstall_CDS.exe
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 09:34]
"RemoteCenter"="C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE" [2003-10-08 15:35]
"MsnMsgr"="C:\Program\MSN Messenger\MsnMsgr.exe" [2007-01-19 11:55]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="RUNDLL32.exe" [2004-08-04 09:34 C:\WINDOWS\system32\rundll32.exe]
"nwiz"="nwiz.exe" [2005-07-20 20:07 C:\WINDOWS\system32\nwiz.exe]
"CTSysVol"="C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe" [2003-09-17 09:43]
"CTDVDDET"="C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE" [2003-06-18 00:00]
"CTHelper"="CTHELPER.EXE" [2003-10-06 07:57 C:\WINDOWS\system32\CTHELPER.EXE]
"SBDrvDet"="C:\Program\Creative\SB Drive Det\SBDrvDet.exe" [2002-12-03 17:06]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 00:00]
"CTRegRun"="C:\WINDOWS\CTRegRun.EXE" [1999-10-11 02:00]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 10:50]
"ccApp"="C:\Program\Delade filer\Symantec Shared\ccApp.exe" [2007-01-08 17:03]
"RemoteControl"="C:\Program\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 19:24]
"NvMediaCenter"="RUNDLL32.exe" [2004-08-04 09:34 C:\WINDOWS\system32\rundll32.exe]
"SunJavaUpdateSched"="C:\Program\Java\j2re1.4.2_03\bin\jusched.exe" [2003-11-19 16:48]
"Diamondback"="C:\Program\Razer\Diamondback\razerhid.exe" [2007-02-14 10:15]
"Zboard"="C:\Program\Ideazon\ZEngine\Zboard.exe" [2007-07-25 13:25]
"Symantec NetDriver Monitor"="C:\Program\SYMNET~1\SNDMon.exe" [2007-11-30 22:43]
"QuickTime Task"="C:\Program\QuickTime\qttask.exe" [2007-02-16 10:54]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-08-04 09:34]

R2 PfDetNT;PfDetNT;C:\WINDOWS\System32\drivers\PfModNT.sys [2003-03-05 11:19]
R3 Alpham1;Ideazon ZBoard USB Human Interface Device;C:\WINDOWS\system32\DRIVERS\Alpham1.sys [2007-07-23 10:56]
R3 Alpham2;Ideazon ZBoard MM USB Human Interface Device;C:\WINDOWS\system32\DRIVERS\Alpham2.sys [2007-03-20 12:49]
R3 Razerlow;Razerlow USB Filter Driver;C:\WINDOWS\system32\Drivers\Razerlow.sys [2005-04-24 21:43]
S2 SFC4;SFC4;C:\WINDOWS\system32\drivers\SFC4.sys []
S3 StMp3Rec;%SvcDesc%;C:\WINDOWS\system32\Drivers\StMp3Rec.sys [2005-05-13 07:00]

*Newly Created Service* - CATCHME
*Newly Created Service* - PNKBSTRK
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder
"2007-12-17 21:45:02 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job"
- C:\Program\Apple Software Update\SoftwareUpdate.exe
"2007-12-14 20:54:17 C:\WINDOWS\Tasks\Norton AntiVirus - Scan my computer - Everlonn.job"
- C:\Program\NORTON~1\NORTON~1\Navw32.exeh/task:
.
**************************************************************************

catchme 0.3.1333 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-12-21 23:22:57
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2007-12-21 23:23:21
.
2007-07-20 00:41:13 --- E O F ---


And here's HijackThis's log file:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:26:53, on 2007-12-21
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program\Razer\Diamondback\razerhid.exe
C:\Program\Ideazon\ZEngine\Zboard.exe
C:\Program\QuickTime\qttask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
C:\Program\MSN Messenger\MsnMsgr.Exe
C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program\Delade filer\Symantec Shared\ccProxy.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program\Norton Internet Security\ISSVC.exe
C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Razer\Diamondback\razertra.exe
C:\Program\Razer\Diamondback\razerofa.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\notepad.exe
C:\Program\internet explorer\iexplore.exe
C:\Program\Delade filer\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Program\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tradera.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program\Delade filer\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [CTSysVol] C:\Program\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program\Creative\SBAudigy2ZS\DVDAudio\CTDVDDet.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [SBDrvDet] C:\Program\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] C:\Program\CyberLink\PowerDVD\PDVDServ.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [Diamondback] C:\Program\Razer\Diamondback\razerhid.exe
O4 - HKLM\..\Run: [Zboard] C:\Program\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RemoteCenter] C:\Program\Creative\MediaSource\RemoteControl\RCMan.EXE
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOKAL TJÄNST')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program\Delade filer\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program\Norton Internet Security\ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: WinFast(R) Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\CCPD-LC\symlcsvc.exe

--
End of file - 7773 bytes


Thanx a million, mate!!! :o :o :o
Image
Image
---------------------------------------------------------------
"Son, how would you like to play for Man United?"
"No thanks sir. I've had a better offer."
"What could be better than Man United?"
"Man City!"
---------------------------------------------------------------
User avatar
[Aliens]Falconer
WoW FTW!
WoW FTW!
 
Posts: 1600
Joined: Thu Oct 19, 2006 6:02 pm
Location: Jämshög, Sweden

Postby [Aliens]kronenbourg » Sat Jan 12, 2008 7:42 pm

Just to let you know, I'll look at this fully tomorrow 8)
Image

Image
User avatar
[Aliens]kronenbourg
Lieutenant General
Lieutenant General
 
Posts: 4665
Joined: Thu Oct 19, 2006 7:20 am
Location: Bradford, England

Postby [Aliens]Falconer » Sun Jan 13, 2008 7:55 pm

[Aliens]kronenbourg wrote:Just to let you know, I'll look at this fully tomorrow 8)

8)
Image
Image
---------------------------------------------------------------
"Son, how would you like to play for Man United?"
"No thanks sir. I've had a better offer."
"What could be better than Man United?"
"Man City!"
---------------------------------------------------------------
User avatar
[Aliens]Falconer
WoW FTW!
WoW FTW!
 
Posts: 1600
Joined: Thu Oct 19, 2006 6:02 pm
Location: Jämshög, Sweden

Postby [Aliens]kronenbourg » Sun Jan 13, 2008 11:27 pm

Well, that's clean. So, lets do something else, for the old cleanup:

Open HijackThis and click on "Config" and then on the "Misc Tools" button. Click on the "Open Uninstall Manager" button. Click the "Save List" botton. Copy and paste that list here please.

Then, we'll see what you don't need, as that can help. Also, we'll clean up the starting programs, and do some other bits of cleaning.

After that, we'll look at the Quicktime problem.
Image

Image
User avatar
[Aliens]kronenbourg
Lieutenant General
Lieutenant General
 
Posts: 4665
Joined: Thu Oct 19, 2006 7:20 am
Location: Bradford, England

Postby [Aliens]kronenbourg » Sun Feb 03, 2008 2:59 pm

Hi mate

Further to what I posted above, lets also look at the graphics card.

Control Panel | System | Device Manager. Under Display will be the name of your video card. Then, rightclick and choose Properties, Driver tab. Whats the version?

Is this the system that is also having problems with BF2?

If so, I know you've re-installed it already, so lets look at the DirectX.

Go to Start | Run, and type DXDIAG. In the first tab will be the version number.

Then, click on the DirectX Files tab. Anything in the bottom box?

Same with the other tabs, and test the Display, Sound, Music, as well as looking in the boxes.

Also, lets see a list of your IRQ's.

Go to Start | Run and type MSINFO32

In there, click on the left to expand Hardware Rescources, and then IRQ. Click Edit | Select All, Edit | Copy, and Paste in your reply here.

Also, do the same for the Conflicts folder.

Kro
Image

Image
User avatar
[Aliens]kronenbourg
Lieutenant General
Lieutenant General
 
Posts: 4665
Joined: Thu Oct 19, 2006 7:20 am
Location: Bradford, England

Postby Fusion » Sun Feb 03, 2008 5:09 pm

Frig me Kro, Speak English will ya! :lol: :lol: :rofl:
Image
User avatar
Fusion
Staff Sergeant
Staff Sergeant
 
Posts: 157
Joined: Wed Oct 18, 2006 5:16 pm


Return to Tech-support

Who is online

Users browsing this forum: No registered users and 1 guest

cron