Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

impossible to delete (1.exe +++)

Started by peakperformance , Mar 23 2005 08:56 AM

  • Please log in to reply

#1
peakperformance
Posted 23 March 2005 - 08:56 AM

peakperformance

    New Member

  • Member
  • Pip
  • 5 posts
Hi!

I really hope you'll be able to help, it would be very much appreciated.

It started a few days ago.

Explorer is running slow, when a site is loaded it seems to freeze for a few seconds and then loaded again...

There are links created in the textfields. ie. if there are words like computer, money etc in a email this becomes a link...

The homepage is set to quicksearch. (this has been fixed now)

Pop ups are appearing every now and then, seems to be on random.

Some links are created on the desktop (this was fixed but then appeared again and now it might be fixed)...


The system is slower, this may also be due to the programs I have downloaded to help with the problem. I have used adaware and spybot, but as they did not get rid of the problem, I uninstalled them. Now I'm running webroot spysweeper, cwshredder & spysubtracter. They have detected and deleted some problems.

Here is the log of Hijackthis:

Logfile of HijackThis v1.99.1
Scan saved at 15:36:12, on 23.03.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Programfiler\Apoint2K\Apoint.exe
C:\WINDOWS\System32\TPWRTRAY.EXE
C:\Programfiler\TOSHIBA\TOSHIBA-kontroller\TFncKy.exe
C:\Programfiler\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\Programfiler\Microsoft Works\WksSb.exe
C:\WINDOWS\System32\SXCPL.EXE
C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\Java\j2re1.4.2_05\bin\jusched.exe
C:\Norman\bin\ZLH.EXE
C:\Programfiler\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programfiler\Fellesfiler\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Programfiler\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Programfiler\Apoint2K\Apntex.exe
C:\Norman\Bin\Zanda.exe
C:\WINDOWS\System32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\WINDOWS\system32\ZONELABS\minilog.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\nipsvc.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Programfiler\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Documents and Settings\Christine\Mine dokumenter\download\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\System32\rtneg2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Programfiler\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programfiler\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Programfiler\Microsoft Works\WksSb.exe /AllUsers
O4 - HKLM\..\Run: [SXCPL] SXCPL.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Programfiler\Fellesfiler\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programfiler\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [NavRegReminder] "C:\WINDOWS\temp\NavBrowser.exe" /r /i "C:\WINDOWS\temp\NavLoad.ini"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] "C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Works Calendar Reminders.lnk = ?
O4 - Global Startup: Påminnelser for Microsoft Works Kalender.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Programfiler\Zone Labs\ZoneAlarm\zonealarm.exe
O4 - Global Startup: formZ Render Server.lnk = C:\formz\formZ\formZ\formZ Render Server v4.0.0\formZ Render Server.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: LotusMenu - https://www.ria.sas....nu/menudisp.cab
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://www.skandiab....0/xenrlinf.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1111530393318
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\minilog.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe



Thanks for helpful inputs!
håvard
  • 0

Advertisements

#2
peakperformance
Posted 23 March 2005 - 09:03 AM

peakperformance

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
I forgot to add that I have installed security updates etc. from microsoft. With the exceptoin of sp2, as this was not adviced to do before all spyware were romoved.


system info:

Toshiba Satellite laptop
windows xp sp1

harddrive 18gb, 8 free

256 Ram

Internet connection: adsl, 1500kb/s, fixed ip adresse...
  • 0

#3
amunra
Posted 23 March 2005 - 09:05 AM

amunra

    Member

  • Member
  • PipPipPip
  • 112 posts
have you scaned your computer with spybot and adaware yet?
  • 0

#4
peakperformance
Posted 23 March 2005 - 09:19 AM

peakperformance

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
Yes I did. they found some issues and deleted them, but the problems continued.

I ran a scan with them yesterday without any results, I then uninstalled them thinking that spysubtracter and spysweeper were more capable of fixing it. They fixed some more thing that spybot/adaware overlooked. However the problem goes on... !

Håvard
  • 0

#5
peakperformance
Posted 23 March 2005 - 11:48 AM

peakperformance

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
update:
Today it seems to get worse. Several times it blocks explorer to access sites on the internet.

I've tried various anti programs but nothing works.

I've also tried deleting files manually, but a few minutes later they seem to resurrect...


Strangest thing!


Patiently awaiting the white knight in armor!
  • 0

#6
amunra
Posted 23 March 2005 - 05:13 PM

amunra

    Member

  • Member
  • PipPipPip
  • 112 posts
Do you have the free version of spysweeper? If so they tell you that you have spyware in your computer even if you don't, then they want you to purchase thier product to be able to remove those.
  • 0

#7
peakperformance
Posted 24 March 2005 - 12:00 PM

peakperformance

    New Member

  • Topic Starter
  • Member
  • Pip
  • 5 posts
:tazz:


I do have the trial version of Spy Sweeper.

Yesterday I ran a scan with it and found shopathomeselect adware...

After deleting this everything seemed fine.

Everything was running smoothly on the pc. I also downloaded firefox which actualy made surfing the internet a dream..

Then, for some curious reason I wanted to try explorer, just to see that everything were ok. So I started it. It seemed better at first. Among other things all the links in the textfields were completely gone, but... After running explorer Shopathomeselect were again installed, and also a link on my desktop with a title like "nospyware".

I deleted them.

Afterwards everything has been slow. It takes forever to do anything, including starting firefox.(40 sec..) A sweep with spysweeper has gone from 50 min to 80 min...

I have not used explorer since.

I've been running scans with spysweeper, spysubtracter, adaware and spybot with the latest updates. Nothing is found...

Actually adaware does not have the latest detection update, because when this is downloaded there is an error message saying adaware cannot read the file...

I've also tried winpatrol, and although I've managed to free some resources I cannot detect any adaware... It is a mystery...

;)
It should proove to be an interesting crimescene for any curious detective


Here is the new Hijackthis log: ;)

Logfile of HijackThis v1.99.1
Scan saved at 18:37:21, on 24.03.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Programfiler\Apoint2K\Apoint.exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Programfiler\TOSHIBA\TOSHIBA-kontroller\TFncKy.exe
C:\Programfiler\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\SXCPL.EXE
C:\Programfiler\QuickTime\qttask.exe
C:\Programfiler\Java\j2re1.4.2_05\bin\jusched.exe
C:\Norman\bin\ZLH.EXE
C:\Programfiler\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
C:\Programfiler\Apoint2K\Apntex.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Programfiler\Messenger\msmsgs.exe
C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe
C:\WINDOWS\System32\ATMsrvc.exe
C:\Programfiler\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Norman\Bin\Zanda.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\Tablet.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\WINDOWS\system32\ZONELABS\minilog.exe
C:\Norman\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\BIN\nipsvc.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\Documents and Settings\Christine\Mine dokumenter\download\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.no/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koblinger
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programfiler\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Programfiler\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: (no name) - {82315A18-6CFB-44a7-BDFD-90E36537C252} - (no file)
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} - C:\WINDOWS\System32\rtneg2.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [Apoint] C:\Programfiler\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 10
O4 - HKLM\..\Run: [TosHKCW.exe] C:\Programfiler\TOSHIBA\Wireless Hotkey\TosHKCW.exe
O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Programfiler\Microsoft Works\WkDetect.exe
O4 - HKLM\..\Run: [SXCPL] SXCPL.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programfiler\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Programfiler\Java\j2re1.4.2_05\bin\jusched.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Programfiler\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [NavRegReminder] "C:\WINDOWS\temp\NavBrowser.exe" /r /i "C:\WINDOWS\temp\NavLoad.ini"
O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BILLPS~1\WINPAT~1\winpatrol.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programfiler\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [SpySweeper] "C:\Programfiler\Webroot\Spy Sweeper\SpySweeper.exe" /0
O4 - Global Startup: Microsoft Office.lnk = C:\Programfiler\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:\Programfiler\Zone Labs\ZoneAlarm\zonealarm.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programfiler\Fellesfiler\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Programfiler\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programfiler\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Programfiler\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: LotusMenu - https://www.ria.sas....nu/menudisp.cab
O16 - DPF: {127698E4-E730-4E5C-A2B1-21490A70C8A1} (CEnroll Class) - https://www.skandiab....0/xenrlinf.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....738&clcid=0x409
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupd...b?1111530393318
O23 - Service: Adobe LM Service - Adobe Systems - C:\Programfiler\Fellesfiler\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ATM Service (ATMsrvc) - Adobe Systems Incorporated - C:\WINDOWS\System32\ATMsrvc.exe
O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\minilog.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\System32\Tablet.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZONELABS\vsmon.exe
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP