AVG update problem (again)

Discussion in 'Viruses and malware - HijackThis logs' started by semirotta, Feb 10, 2009.

  1. semirotta

    semirotta Guest

    I've been getting this for a long time now.
    [​IMG]
     
  2. semirotta

    semirotta Guest

    And I've noticed another odd thing:

    Why is SYSTEM running so hard all the time?? :OO
    Usually SYSTEM is at the bottom, using the least of the machine's resources, but yesterday or 2 days ago I noticed that it has started running FLAT OUT, first in that list. I wonder what's causing it??
    [​IMG]



    (I opened Mozilla right as I took the screenshot, which is why it looks like it's putting a huge load on the machine :D)
     
  3. somebodyy

    somebodyy Regular member

    It's hard to say anything about that System process, but how about Avast?
     
  4. rmCowboy

    rmCowboy Regular member

    That System memory usage is perfectly normal. Mine is at 61 MB right now too. And AVG does often have those update problems. Try again tomorrow and it will probably work.
     
  5. Hujo

    Hujo Guest

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    3. If an update is found, the program will download and install the latest version.
    4. Once the program has loaded, select Perform full scan and click Scan.
    5. When the scan is finished, click OK and then Show Results to see the results.
    6. Make sure everything is checked and click Remove Selected.
    7. After this the log opens in Notepad. Save it somewhere you can easily find it. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.

    ============

    Download HJTInstall.exe from HERE

    * Save HJTInstall.exe to your desktop.
    * Double-click the HJTInstall.exe icon on your desktop.
    * By default it installs itself to C:\Program Files\Trend Micro\HijackThis.
    * Click Install.
    * The installer creates a HijackThis icon on the desktop.
    * When the installation is finished, it launches HijackThis.
    * Click the Do a system scan and save a logfile button. The program starts scanning and the log should open in Notepad.
    * First click "Edit > Select All", then "Edit > Copy" to copy the entire contents of the log.
    * Paste the contents of the log into your next reply.
    * DO NOT use the Analyse This button; its findings are dangerous if misunderstood.
    * DO NOT fix anything with HijackThis yet. Most of its findings are either harmless or even necessary.

    ============

    Create an uninstall list:
    • Open HiJackThis
    • Click the "Configure" option at the bottom right
    • Click "Misc Tools"
    • Click the box that says "Uninstall Manager"
    • Click the "Save list" option
    • Copy and paste that list from Notepad into your thread



     
  6. semirotta

    semirotta Guest

    HiJack:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 8:18:18, on 11.2.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\arservice.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Janin\ZoneAlarm\zlclient.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Janin\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    C:\Janin\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    c:\windows\system\hpsysdrv.exe
    E:\Janin\Hyöty\BSplayer\bsplayer.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\HP_Administrator\Desktop\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\ZoneAlarmSB\bar\1.bin\SPYBLOCK.DLL
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Janin\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [CurseClient] C:\Janin\Curse\CurseClient.exe -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Janin\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Janin\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Janin\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp-win32-1.6.6a\xampp\filezillaftp\filezillaserver.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NSCService - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 10960 bytes



    I checked the machine with Malwarebytes some time ago, and a friend said then that there's nothing there at least. (He has some IT qualification or something like that, so he does know his stuff :D)
     
  7. Hujo

    Hujo Guest

    Post that uninstall list
     
  8. semirotta

    semirotta Guest

    Uninstall_list.txt



    7-Zip 4.57
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 Plugin
    Adobe Flash Player ActiveX
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Photoshop CS3
    Adobe Reader 7.0 - Suomi
    Adobe Setup
    Adobe Setup
    Adobe Setup
    Adobe Shockwave Player
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Advanced WindowsCare 2.57 Personal
    Air Shark 2
    AruaROSE
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    AVG Free 8.0
    BS.Player FREE powered by AdVantage
    Canon MP Navigator EX 1.0
    Canon MP210 series
    Canon MP210 series -käyttäjän rekisteröinti
    Canon My Printer
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities Solution Menu
    Catalyst Control Center - Branding
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CDBurnerXP
    CDDRV_Installer
    Command & Conquer Red Alert 2
    Creative PC-CAM Center
    Creative WebCam Monitor
    Creative WebCam NX Pro Driver (1.00.06.0512)
    Curse Client
    Diablo II
    Dofus 1.25.0
    Dofus-Arena
    erLT
    FEAR
    GemMaster Mystic
    Google Toolbar for Internet Explorer
    Guild Wars
    Half-Life 2: Deathmatch
    Half-Life(R) 2
    Hero Editor V0.96
    Heroes of Might and Magic IV: Winds of War
    Heroes of Might and Magic V
    Heroes of Might and Magic® III Complete
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    HP Boot Optimizer
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP DVD Play 1.0
    HP Imaging Device Functions 6.0
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart for Media Center PC
    HP Photosmart -kamerat 5.0
    HP Photosmart Premier Software 6.0
    HP PSC & OfficeJet 5.3.A
    HP PSC & OfficeJet 5.3.B
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HyperCam 2
    J2SE Runtime Environment 5.0 Update 5
    Java DB 10.3.1.4
    Java(TM) 6 Update 11
    Java(TM) 6 Update 5
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Java(TM) SE Development Kit 6 Update 6
    KhalInstallWrapper
    Left 4 Dead
    Localization Pack for Microsoft Windows XP Media Center Edition
    Logitech Desktop Messenger
    Logitech SetPoint
    Magic Video Converter Trial Version (English) 8.0.2.18
    MainConcept for Software Encoder
    Malwarebytes' Anti-Malware
    Memory and CPU Observer 2.3 Alpha
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Finnish Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Word 2000 SR-1
    Mozilla Firefox (3.0.5)
    MSRedist
    MSVC80_x86
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB933579)
    MUI Help Package - FIN
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Nokia PC Suite
    Norton Internet Security 2006 (Symantec Corporation)
    Oblivion
    OpenMG Limited Patch 4.4-06-13-19-01
    OpenMG Secure Module 4.4.00
    Otto
    Pando Media Booster
    PC Connectivity Solution
    PDF Settings
    Populous: The Beginning
    PoxNora 1.4.7.0
    PS2
    PSP Video Converter 3
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    ScanSoft OmniPage SE 4
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960714)
    SelfImage 1.2.1
    Skype™ 3.6
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    SonicStage 3.4
    SPBBC
    SPORE™
    Steam
    SymNet
    System Requirements Lab
    TeamSpeak 2 RC2
    TeamViewer 3
    THE SETTLERS - Rise of an Empire (All products)
    Titan Quest
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955839)
    Wakfu
    VC 9.0 Runtime
    VideoLAN VLC media player 0.8.6f
    Winamp
    Windows Live installer
    Windows Live Messenger
    Windows Liven kirjautumisavustaja
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Service Pack 3
    Windowsin ohjainpaketti - Nokia Modem (08/03/2007 6.84.0.2)
    Windowsin ohjainpaketti - Nokia Modem (10/12/2007 3.6)
    WinRAR archiver
    World of Warcraft
    World of Warcraft FREE Trial
    Worms World Party
    XVID MPEG-4 CODEC
    Zombie Shooter (Òîëüêî Óäàëåíèå)
    ZoneAlarm
    ZoneAlarm Spy Blocker

     
  9. Hujo

    Hujo Guest

    Uninstall via Add/Remove Programs

    J2SE Runtime Environment 5.0 Update 5
    Java(TM) 6 Update 5
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Logitech Desktop Messenge
    Norton Internet Security 2006 (Symantec Corporation)
    ZoneAlarm Spy Blocker


    In Safe Mode, delete these folders

    C:\Program Files\ZoneAlarmSB
    C:\Janin\Logitech\Desktop Messenger
    c:\Program Files\Common Files\Symantec Shared

    Scan with HJT, check these and press Fix checked

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding

    ==================

    Shut down and restart

    ==================
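
An added example, not part of the original posts: a small Python parser for HijackThis log lines that flags entries whose target file is gone ("(no file)" / "(file missing)") and checks that the entries on a fix list were in the first log and are absent from the follow-up log. The sample lines are copied from the logs posted in this thread; the function names and the prefix-matching rule for hand-copied fix lines are assumptions of this example.

```python
import re
from typing import NamedTuple, Optional, Tuple

# Sample lines copied from the two HijackThis logs in this thread (shortened).
BEFORE = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe (file missing)
"""

AFTER = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe (file missing)
"""

# The "Fix checked" list exactly as the helper posted it.
FIX_LIST = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding
"""

# A log entry is "<section code> - <text>", e.g. "O4 - HKLM\..\Run: ...".
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# HijackThis marks registrations whose target file no longer exists.
ORPHAN_RE = re.compile(r"\((?:no file|file missing)\)$")


class Entry(NamedTuple):
    code: str       # section code: R0, O2, O4, O23, ...
    text: str       # everything after "<code> - "
    orphaned: bool  # True when the referenced file is gone


def parse_log(log: str) -> list:
    """Return the section entries of a log; header and process lines are skipped."""
    entries = []
    for raw in log.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if m:
            text = m.group(2)
            entries.append(Entry(m.group(1), text, bool(ORPHAN_RE.search(text))))
    return entries


def find_entry(entries: list, wanted: Entry) -> Tuple[Optional[Entry], str]:
    """Locate a fix-list line in a log.

    Hand-copied fix lines can lose trailing arguments, so after an exact match
    fails, a unique same-section prefix match is accepted and reported as such.
    """
    same_section = [e for e in entries if e.code == wanted.code]
    for e in same_section:
        if e.text == wanted.text:
            return e, "exact"
    prefix = [e for e in same_section if e.text.startswith(wanted.text)]
    if len(prefix) == 1:
        return prefix[0], "prefix"
    return None, ("ambiguous" if prefix else "absent")


def review_fix_list(before: str, after: str, fix_list: str) -> list:
    """For each fix line: how it matched the first log, and whether it is gone afterwards."""
    first, second = parse_log(before), parse_log(after)
    report = []
    for wanted in parse_log(fix_list):
        how = find_entry(first, wanted)[1]
        gone = find_entry(second, wanted)[1] == "absent"
        report.append((wanted.text, how, gone))
    return report


if __name__ == "__main__":
    for e in parse_log(BEFORE):
        if e.orphaned:
            print("orphaned:", e.code, e.text)
    for text, how, gone in review_fix_list(BEFORE, AFTER, FIX_LIST):
        print(f"{how:9} gone={gone}  {text[:60]}")
```
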


     
  10. semirotta

    semirotta Guest

    Should I scan with HJT in Safe Mode or in normal mode? Or doesn't it matter? :E
     
  11. semirotta

    semirotta Guest

    Should I scan with HJT in Safe Mode or in normal mode? Or doesn't it matter? :E

    When removing Norton:
    [​IMG]


    Help?

    (Was it that you get into Safe Mode by starting the machine and pressing F8 or something then? :D)
     
  12. semirotta

    semirotta Guest

    Okay, so this is what I was told:
    Uninstall via Add/Remove Programs

    J2SE Runtime Environment 5.0 Update 5
    Java(TM) 6 Update 5
    Java(TM) 6 Update 6
    Java(TM) 6 Update 7
    Logitech Desktop Messenge
    Norton Internet Security 2006 (Symantec Corporation)
    ZoneAlarm Spy Blocker

    In Safe Mode, delete these folders

    C:\Program Files\ZoneAlarmSB
    C:\Janin\Logitech\Desktop Messenger
    c:\Program Files\Common Files\Symantec Shared

    Scan with HJT, check these and press Fix checked

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding




    Everything done except

    C:\Program Files\ZoneAlarmSB
    C:\Janin\Logitech\Desktop Messenger

    NOT FOUND at that path in Safe Mode :E strange.

    Also, removing this one doesn't work, as you can see from the picture above. I'll take a hijack log here now, once I've "fixed" those with it.
    Norton Internet Security 2006 (Symantec Corporation)
     
  13. semirotta

    semirotta Guest

    Hijack log



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 14:06:12, on 11.2.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Unable to get Internet Explorer version!
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\arservice.exe
    C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\svchost.exe
    C:\PROGRA~1\AVG\AVG8\avgrsx.exe
    C:\PROGRA~1\AVG\AVG8\avgemc.exe
    C:\PROGRA~1\AVG\AVG8\avgnsx.exe
    C:\Program Files\AVG\AVG8\avgcsrvx.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\ARPWRMSG.EXE
    C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe
    C:\Janin\ZoneAlarm\zlclient.exe
    C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
    C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe
    C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\PROGRA~1\AVG\AVG8\avgtray.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Janin\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Documents and Settings\HP_Administrator\Desktop\HijackThis.exe
    C:\Program Files\Mozilla Firefox\firefox.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dufpy.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
    O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
    O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
    O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
    O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
    O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Janin\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [CanonSolutionMenu] C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon
    O4 - HKLM\..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon
    O4 - HKLM\..\Run: [OpwareSE4] "C:\Program Files\ScanSoft\OmniPageSE4\OpwareSE4.exe"
    O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [CurseClient] C:\Janin\Curse\CurseClient.exe -silent
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
    O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Janin\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\ssv.dll
    O9 - Extra button: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra 'Tools' menuitem: Yhteysohje - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
    O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp-win32-1.6.6a\xampp\filezillaftp\filezillaserver.exe (file missing)
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
    O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
    O23 - Service: NSCService - Unknown owner - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
    O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (file missing)
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
    O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    --
    End of file - 9877 bytes

    Hijack Uninstal_list
    7-Zip 4.57
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player 10 Plugin
    Adobe Flash Player ActiveX
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Photoshop CS3
    Adobe Reader 7.0 - Suomi
    Adobe Setup
    Adobe Setup
    Adobe Setup
    Adobe Shockwave Player
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Advanced WindowsCare 2.57 Personal
    Air Shark 2
    AruaROSE
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    AVG Free 8.0
    BS.Player FREE powered by AdVantage
    Canon MP Navigator EX 1.0
    Canon MP210 series
    Canon MP210 series -käyttäjän rekisteröinti
    Canon My Printer
    Canon Utilities Easy-PhotoPrint EX
    Canon Utilities Solution Menu
    Catalyst Control Center - Branding
    CC_ccProxyExt
    ccCommon
    CCleaner (remove only)
    ccPxyCore
    CDBurnerXP
    CDDRV_Installer
    Command & Conquer Red Alert 2
    Creative PC-CAM Center
    Creative WebCam Monitor
    Creative WebCam NX Pro Driver (1.00.06.0512)
    Curse Client
    Diablo II
    Dofus 1.25.0
    Dofus-Arena
    erLT
    FEAR
    GemMaster Mystic
    Google Toolbar for Internet Explorer
    Guild Wars
    Half-Life 2: Deathmatch
    Half-Life(R) 2
    Hero Editor V0.96
    Heroes of Might and Magic IV: Winds of War
    Heroes of Might and Magic V
    Heroes of Might and Magic® III Complete
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows Media Format 11 SDK (KB929399)
    Hotfix for Windows Media Player 10 (KB910393)
    Hotfix for Windows Media Player 11 (KB939683)
    Hotfix for Windows XP (KB952287)
    HP Boot Optimizer
    HP Deskjet Printer Preload
    HP DigitalMedia Archive
    HP Document Viewer 5.3
    HP DVD Play 1.0
    HP Imaging Device Functions 6.0
    HP Multimedia Keyboard Software
    HP Photosmart 330,380,420,470,7800,8000,8200 Series
    HP Photosmart for Media Center PC
    HP Photosmart -kamerat 5.0
    HP Photosmart Premier Software 6.0
    HP PSC & OfficeJet 5.3.A
    HP PSC & OfficeJet 5.3.B
    HP Software Update
    HP Solution Center & Imaging Support Tools 5.3
    HyperCam 2
    Java DB 10.3.1.4
    Java(TM) 6 Update 11
    Java(TM) SE Development Kit 6 Update 6
    KhalInstallWrapper
    Left 4 Dead
    Localization Pack for Microsoft Windows XP Media Center Edition
    Logitech SetPoint
    Magic Video Converter Trial Version (English) 8.0.2.18
    MainConcept for Software Encoder
    Malwarebytes' Anti-Malware
    Memory and CPU Observer 2.3 Alpha
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Finnish Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0
    Microsoft Compression Client Pack 1.0 for Windows XP
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Word 2000 SR-1
    Mozilla Firefox (3.0.5)
    MSRedist
    MSVC80_x86
    MSXML 4.0 SP2 (KB936181)
    MSXML 4.0 SP2 (KB954430)
    MSXML 6.0 Parser (KB933579)
    MUI Help Package - FIN
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Nokia PC Suite
    Norton Internet Security 2006 (Symantec Corporation)
    Oblivion
    OpenMG Limited Patch 4.4-06-13-19-01
    OpenMG Secure Module 4.4.00
    Otto
    Pando Media Booster
    PC Connectivity Solution
    PDF Settings
    Populous: The Beginning
    PoxNora 1.4.7.0
    PS2
    PSP Video Converter 3
    Python 2.2 pywin32 extensions (build 203)
    Python 2.2.3
    ScanSoft OmniPage SE 4
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Media Player (KB952069)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 11 (KB936782)
    Security Update for Windows Media Player 11 (KB954154)
    Security Update for Windows XP (KB938464)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB946648)
    Security Update for Windows XP (KB950759)
    Security Update for Windows XP (KB950760)
    Security Update for Windows XP (KB950762)
    Security Update for Windows XP (KB950974)
    Security Update for Windows XP (KB951066)
    Security Update for Windows XP (KB951376)
    Security Update for Windows XP (KB951376-v2)
    Security Update for Windows XP (KB951698)
    Security Update for Windows XP (KB951748)
    Security Update for Windows XP (KB952954)
    Security Update for Windows XP (KB953838)
    Security Update for Windows XP (KB953839)
    Security Update for Windows XP (KB954211)
    Security Update for Windows XP (KB954459)
    Security Update for Windows XP (KB954600)
    Security Update for Windows XP (KB955069)
    Security Update for Windows XP (KB956390)
    Security Update for Windows XP (KB956391)
    Security Update for Windows XP (KB956802)
    Security Update for Windows XP (KB956803)
    Security Update for Windows XP (KB956841)
    Security Update for Windows XP (KB957095)
    Security Update for Windows XP (KB957097)
    Security Update for Windows XP (KB958215)
    Security Update for Windows XP (KB958644)
    Security Update for Windows XP (KB958687)
    Security Update for Windows XP (KB960714)
    Security Update for Windows XP (KB960715)
    SelfImage 1.2.1
    Skype™ 3.6
    Sonic Express Labeler
    Sonic MyDVD Plus
    Sonic RecordNow Audio
    Sonic RecordNow Copy
    Sonic RecordNow Data
    Sonic Update Manager
    SonicStage 3.4
    SPBBC
    SPORE™
    Steam
    SymNet
    System Requirements Lab
    TeamSpeak 2 RC2
    TeamViewer 3
    THE SETTLERS - Rise of an Empire (All products)
    Titan Quest
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB951072-v2)
    Update for Windows XP (KB951978)
    Update for Windows XP (KB953356)
    Update for Windows XP (KB955839)
    Wakfu
    VC 9.0 Runtime
    VideoLAN VLC media player 0.8.6f
    Winamp
    Windows Live installer
    Windows Live Messenger
    Windows Liven kirjautumisavustaja
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 11
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows XP Media Center Edition 2005 KB925766
    Windows XP Service Pack 3
    Windowsin ohjainpaketti - Nokia Modem (08/03/2007 6.84.0.2)
    Windowsin ohjainpaketti - Nokia Modem (10/12/2007 3.6)
    WinRAR archiver
    World of Warcraft
    World of Warcraft FREE Trial
    Worms World Party
    XVID MPEG-4 CODEC
    Zombie Shooter (Только Удаление)
    ZoneAlarm



     
  14. Hujo

    Hujo Guest

    Download and run the Norton removal tool

    ================

    Copy and paste the text below into an empty Notepad file.
    Make sure the file type is "All Files" and save it on your desktop
    under the name Poisto.bat.

    @echo off
    sc stop SNDSrvc
    sc delete SNDSrvc
    sc stop SPBBCSvc
    sc delete SPBBCSvc
    sc stop "Symantec Core LC"
    sc delete "Symantec Core LC"

    Double-click the Poisto.bat file on your desktop; a window opens and closes, this is normal.
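The batch file above targets services whose O23 entries in the posted HijackThis log end in "(file missing)". The following is an added example, not part of the original post and not code from HijackThis or Symantec: it parses O23 lines, lists the orphaned entries, and builds the same kind of batch text from names a reviewer has picked. The function names and the reading of "Display name (key name)" in the O23 format are assumptions of this example.

```python
import re

# Constructed sample: a few O23 lines (and one O20 line) as they appear in the
# HijackThis log posted earlier in this thread.
SAMPLE_LOG = r"""
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Apache2.2 - Unknown owner - C:\Documents and Settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe (file missing)
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: NSCService - Unknown owner - c:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE (file missing)
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe (file missing)
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
"""

PREFIX = "O23 - Service: "
MISSING = " (file missing)"
# Assumption: when a service's display name differs from its registry key name,
# the line shows "Display name (key name)"; otherwise only one name is shown.
NAME_RE = re.compile(r"^(?P<display>.+?)\s+\((?P<key>[^()]+)\)$")


def parse_o23(line):
    """Parse one O23 line into a dict, or return None for any other line."""
    line = line.strip()
    if not line.startswith(PREFIX):
        return None
    # Split from the right so a " - " inside the display name does not matter.
    parts = line[len(PREFIX):].rsplit(" - ", 2)
    if len(parts) != 3:
        return None
    name, owner, path = parts
    file_missing = path.endswith(MISSING)
    if file_missing:
        path = path[: -len(MISSING)]
    match = NAME_RE.match(name)
    if match:
        display, sc_name = match.group("display"), match.group("key")
    else:
        display = sc_name = name
    return {
        "display": display,
        "sc_name": sc_name,          # the name to hand to "sc"
        "owner": owner,
        "path": path,
        "file_missing": file_missing,
    }


def orphaned_services(log_text, path_contains=None):
    """Return O23 entries flagged '(file missing)', optionally filtered by path."""
    found = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry is None or not entry["file_missing"]:
            continue
        if path_contains and path_contains.lower() not in entry["path"].lower():
            continue
        found.append(entry)
    return found


def removal_script(sc_names):
    """Build batch text that stops and deletes the service names a reviewer chose."""
    lines = ["@echo off"]
    for name in sc_names:
        quoted = f'"{name}"' if " " in name else name
        lines += [f"sc stop {quoted}", f"sc delete {quoted}"]
    return "\r\n".join(lines) + "\r\n"


if __name__ == "__main__":
    # Review the candidates first; a missing binary alone does not say whether
    # the service entry should be deleted.
    for e in orphaned_services(SAMPLE_LOG):
        print(f'{e["sc_name"]:<18} {e["path"]}')
    print(removal_script(["SNDSrvc", "SPBBCSvc", "Symantec Core LC"]))
```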
     
  15. semirotta

    semirotta Guest

    I can't remove it if I don't have the Norton CD stuff? Because it came with the computer, some six-month free trial thing, a Norton firewall or something.
    I don't have any CD for it.
     
  16. Hujo

    Hujo Guest

    Removing Norton doesn't need any CD.


    1. Download Combofix.exe to your desktop from one of these links:
    Combofix1
    Combofix2

    Do not install the Recovery Console.
    2. Double-click the Combofix.exe file and follow the instructions.
    3. When the tool has finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.
     
    Last edited by a moderator: Feb 11, 2009
  17. semirotta

    semirotta Guest

    The Norton stuff has now been removed. Thank you!

    ComboFix 09-02-10.03 - HP_Administrator 2009-02-11 19:28:34.2 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.578 [GMT 2:00]
    Sijainti: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
    FW: ZoneAlarm Firewall *enabled*
    * Uusi palautuspiste luotu
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-11 to 2009-02-11 )))))))))))))))))
    .

    2009-02-11 19:26 . 2009-02-11 19:27 <DIR> d-------- C:\32788R22FWJFW
    2009-02-11 19:22 . 2009-02-11 19:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
    2009-02-10 11:11 . 2009-02-10 11:11 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
    2009-02-10 11:11 . 2009-02-10 11:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-02-10 11:11 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-02-10 11:11 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-02-10 10:51 . 2009-02-11 18:47 <DIR> d-------- c:\windows\system32\drivers\Avg
    2009-02-10 10:51 . 2009-02-10 10:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
    2009-02-10 10:51 . 2009-02-10 10:51 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
    2009-02-10 10:51 . 2009-02-10 10:51 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
    2009-02-10 10:51 . 2009-02-10 10:51 10,520 --a------ c:\windows\system32\avgrsstx.dll
    2009-02-01 15:25 . 2009-02-01 15:24 410,984 --a------ c:\windows\system32\deploytk.dll
    2009-01-30 08:19 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
    2009-01-28 10:40 . 2009-01-28 10:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
    2009-01-28 10:32 . 2009-01-28 10:40 <DIR> d-------- c:\program files\ATI
    2009-01-27 18:49 . 2009-01-27 18:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Blizzard
    2009-01-26 11:56 . 2009-01-26 11:56 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Canneverbe_Limited
    2009-01-19 08:03 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
    2009-01-19 08:03 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
    2009-01-19 08:03 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
    2009-01-19 08:01 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
    2009-01-19 08:01 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
    2009-01-19 07:59 . 2009-01-19 07:59 <DIR> d-------- c:\windows\Logs
    2009-01-11 16:09 . 2009-01-11 16:09 <DIR> d-------- c:\program files\Electronic Arts
    2009-01-11 16:09 . 1998-10-01 12:50 33,792 --a------ c:\windows\system32\NPSExec.exe
    2009-01-11 16:07 . 1998-08-10 22:21 132,096 --a------ c:\windows\system32\eaexec.exe
    2009-01-11 16:07 . 1998-08-10 22:20 24,576 --a------ c:\windows\system32\ealtest.exe

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-11 13:20 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\uTorrent
    2009-02-11 11:35 --------- d-----w c:\program files\Java
    2009-02-10 19:23 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Skype
    2009-02-10 19:21 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\skypePM
    2009-02-07 13:29 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\InstallShield Installation Information
    2009-02-07 13:28 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\My Games
    2009-01-29 17:25 2,764,800 ----a-w c:\windows\Internet Logs\xDB1.tmp
    2009-01-28 08:40 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\ATI
    2009-01-28 08:31 --------- d-----w c:\program files\ATI Technologies
    2009-01-27 16:36 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
    2009-01-05 12:54 278,984 ----a-w c:\windows\system32\drivers\atksgt.sys
    2009-01-05 12:51 25,416 ----a-w c:\windows\system32\drivers\lirsgt.sys
    2009-01-05 12:49 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-03 17:33 --------- d-----w c:\documents and settings\All Users\Application Data\PMB Files
    2009-01-03 17:31 --------- d-----w c:\program files\Pando Networks
    2009-01-01 15:52 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2009-01-01 10:19 --------- d-----w c:\program files\Common Files\3DO Shared
    2008-12-23 13:43 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Sony Corporation
    2008-12-23 13:23 --------- d-----w c:\program files\Sony Corporation
    2008-12-23 13:23 --------- d-----w c:\program files\Sony
    2008-12-23 13:23 --------- d-----w c:\program files\Common Files\Sony Shared
    2008-12-23 13:22 --------- d-----w c:\documents and settings\All Users\Application Data\Sony Corporation
    2008-12-22 17:28 --------- d-----w c:\program files\TryMedia
    2008-12-12 17:01 3,067,904 ------w c:\windows\system32\dllcache\mshtml.dll
    2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
    2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
    2008-12-01 22:13 3,452,928 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
    2008-12-01 20:52 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll
    2008-12-01 20:51 318,464 ----a-w c:\windows\system32\ati2dvag.dll
    2008-12-01 20:46 11,304,960 ----a-w c:\windows\system32\atioglxx.dll
    2008-12-01 20:41 188,416 ----a-w c:\windows\system32\atipdlxx.dll
    2008-12-01 20:40 43,520 ----a-w c:\windows\system32\ati2edxx.dll
    2008-12-01 20:40 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
    2008-12-01 20:40 147,456 ----a-w c:\windows\system32\Oemdspif.dll
    2008-12-01 20:40 143,360 ----a-w c:\windows\system32\ati2evxx.dll
    2008-12-01 20:38 598,016 ----a-w c:\windows\system32\ati2evxx.exe
    2008-12-01 20:37 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
    2008-12-01 20:27 4,120,384 ----a-w c:\windows\system32\ati3duag.dll
    2008-12-01 20:19 307,200 ----a-w c:\windows\system32\atiiiexx.dll
    2008-12-01 20:11 2,495,360 ----a-w c:\windows\system32\ativvaxx.dll
    2008-12-01 19:57 48,640 ----a-w c:\windows\system32\amdpcom32.dll
    2008-12-01 19:53 45,056 ----a-w c:\windows\system32\amdcalrt.dll
    2008-12-01 19:53 45,056 ----a-w c:\windows\system32\amdcalcl.dll
    2008-12-01 19:53 401,408 ----a-w c:\windows\system32\atikvmag.dll
    2008-12-01 19:52 86,016 ----a-w c:\windows\system32\atiadlxx.dll
    2008-12-01 19:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
    2008-12-01 19:50 3,252,224 ----a-w c:\windows\system32\Amdcaldd.dll
    2008-12-01 19:50 286,720 ----a-w c:\windows\system32\atiok3x2.dll
    2008-12-01 19:45 577,536 ----a-w c:\windows\system32\ati2cqag.dll
    2008-12-01 12:35 593,920 ------w c:\windows\system32\ati2sgag.exe
    2008-11-19 05:11 2,774,916 ----a-w c:\windows\Internet Logs\tvDebug.zip
    2008-04-05 20:02 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-02-10_11.05.42,18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-04-14 00:11:54 38,912 ----a-w c:\windows\system32\dllcache\hmmapi.dll
    + 2008-04-14 00:11:54 61,440 ----a-w c:\windows\system32\dllcache\icwconn.dll
    + 2008-04-14 00:12:22 214,528 ----a-w c:\windows\system32\dllcache\icwconn1.exe
    + 2008-04-14 00:12:22 86,016 ----a-w c:\windows\system32\dllcache\icwconn2.exe
    + 2008-04-14 00:11:54 32,768 ----a-w c:\windows\system32\dllcache\icwdl.dll
    + 2008-04-14 00:11:54 172,032 ----a-w c:\windows\system32\dllcache\icwhelp.dll
    + 2008-04-14 00:12:22 24,576 ----a-w c:\windows\system32\dllcache\icwrmind.exe
    + 2008-04-14 00:11:54 49,152 ----a-w c:\windows\system32\dllcache\icwutil.dll
    + 2008-04-14 00:12:22 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
    + 2008-04-14 00:12:22 93,184 ----a-w c:\windows\system32\dllcache\iexplore.exe
    + 2008-04-14 00:12:22 20,480 ----a-w c:\windows\system32\dllcache\inetwiz.exe
    - 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe
    + 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
    - 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
    + 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
    + 2009-02-11 12:03:30 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_2d0.dat
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-06 21898024]
    "CurseClient"="c:\janin\Curse\CurseClient.exe" [2008-10-10 4789760]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 695808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
    "HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
    "DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
    "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]
    "ZoneAlarm Client"="c:\janin\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
    "SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-10 1601304]
    "ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
    Logitech SetPoint.lnk - c:\janin\Logitech\SetPoint\SetPoint.exe [2008-08-07 805392]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2008-05-02 01:42 72208 c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-02-10 10:51 10520 c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Janin\\Pelit\\TitanQuest\\Titan Quest.exe"=
    "c:\\Janin\\Pelit\\F.E.A.R\\FEAR.exe"=
    "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
    "c:\\Janin\\Pelit\\Settlers 3\\base\\bin\\Settlers6.exe"=
    "c:\\Janin\\Pelit\\Settlers 3\\extra1\\bin\\Settlers6.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Janin\\Curse\\CurseClient.exe"=
    "c:\\Janin\\Pelit\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "59011:TCP"= 59011:TCP:pando Media Booster
    "59011:UDP"= 59011:UDP:pando Media Booster

    R0 dontgo;Promise Removable Disk Control Driver;c:\windows\system32\drivers\dontgo.sys [2004-06-29 7680]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-10 325128]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-10 107272]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-10 903960]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-10 298264]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2005-01-02 2799488]
    R3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\drivers\P1130Vid.sys [2008-04-05 90357]
    S2 Apache2.2;Apache2.2;"c:\documents and settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe" -k runservice --> c:\documents and settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe [?]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2005-01-02 468768]
    S3 XDva120;XDva120;\??\c:\windows\system32\XDva120.sys --> c:\windows\system32\XDva120.sys [?]
    S3 XDva136;XDva136;\??\c:\windows\system32\XDva136.sys --> c:\windows\system32\XDva136.sys [?]
    S3 XDva195;XDva195;\??\c:\windows\system32\XDva195.sys --> c:\windows\system32\XDva195.sys [?]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{070ba48a-0305-11dd-916d-0013d3f890f5}]
    \Shell\AutoRun\command - USBNB.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{500aeda0-d716-11dd-89f8-0013d3f890f5}]
    \Shell\AutoRun\command - K:\setup.exe
    \Shell\install\command - K:\setup.exe
    \Shell\install1\command - k:\support\DirectX\DXSETUP.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6a4ab2b-8e0d-11dd-8979-0013d3f890f5}]
    \Shell\1\Command - k:\runaut~1\autorun.pif
    \Shell\2\Command - k:\runaut~1\autorun.pif
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNAUT~1\autorun.pif
    .
    .
    ------- Täydentävä tarkistus -------
    .
    uStart Page = hxxp://www.dufpy.com
    uInternet Settings,ProxyOverride = *.local
    FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\f7evcvde.default\
    FF - prefs.js: browser.startup.homepage - hxxp://irc-galleria.net/
    FF - component: c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\f7evcvde.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-11 19:32:16
    Windows 5.1.2600 Service Pack 3 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    --------------------- LUKITUT REKISTERIAVAIMET ---------------------

    [HKEY_USERS\S-1-5-21-3813225501-495103178-2351656239-1007\Software\SecuROM\License information*]
    "datasecu"=hex:04,d3,7c,c0,e9,fb,e4,e9,c5,ef,00,b8,3b,94,be,2c,1e,07,73,16,be,
    c9,2f,b8,93,06,75,3e,62,3f,fd,a6,c5,2a,ee,95,5b,a5,83,3f,0b,18,43,b4,8b,18,\
    "rkeysecu"=hex:45,26,fb,3e,9c,c2,85,cc,b7,67,f2,a9,eb,a6,e5,05
    .
    --------------------- Prosesseihin ladatut DLLt ---------------------

    - - - - - - - > 'winlogon.exe'(752)
    c:\windows\system32\Ati2evxx.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\common files\logishrd\bluetooth\LBTServ.dll
    .
    Valmistumisajankohta: 2009-02-11 19:33:45
    ComboFix-quarantined-files.txt 2009-02-11 17:33:40

    Ennen ajoa: 18 611 863 552 bytes free
    Ajon jälkeen: 18,613,452,800 tavua vapaana

    253 --- E O F --- 2009-02-11 11:23:40


    There's the log from that ComboFix thing.

    Any idea how I can get the Internet Explorer browser "completely" off the computer? Or is that even possible? :D hehe. But things are fine for me now, the AVG update worked too :p
     
  18. semirotta

    semirotta Guest

    How do I get the speaker icon to show up there?

    [​IMG]

    In the Control Panel it has been set to show, though.
    [​IMG]



    On the web (e.g. youtube.com), when watching a video THERE IS NO SOUND, what could be causing this?? I've tried to get it fixed but nothing works :((
     
  19. Hujo

    Hujo Guest

    Now copy and paste the contents of the quote below into an empty Notepad:
    Start button > Accessories > Notepad

    Save it on the desktop under the name CFScript.txt

    Then drag CFScript onto ComboFix.exe as shown below.

    [​IMG]

    ComboFix starts working; a blue screen appears, press the number 1 and Enter.

    Post the resulting log here.

    Shut down and restart the computer.
     
  20. semirotta

    semirotta Guest

    Done: ComboFix started running an update and, as far as I can tell, I didn't need to press the number 1 / Enter ^^ it did everything by itself. (Updated the program?)

    Combofix Log
    ComboFix 09-02-11.02 - HP_Administrator 2009-02-12 6:08:58.3 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.517 [GMT 2:00]
    Sijainti: c:\documents and settings\HP_Administrator\Desktop\ComboFix.exe
    Käytetyt komentorivivalitsimet :: c:\documents and settings\HP_Administrator\Desktop\CFScript.txt
    AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated)
    FW: ZoneAlarm Firewall *enabled*
    * Uusi palautuspiste luotu
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-01-12 to 2009-02-12 )))))))))))))))))
    .

    2009-02-11 19:22 . 2009-02-11 19:22 <DIR> d-------- c:\documents and settings\All Users\Application Data\NortonInstaller
    2009-02-10 11:11 . 2009-02-10 11:11 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Malwarebytes
    2009-02-10 11:11 . 2009-02-10 11:11 <DIR> d-------- c:\documents and settings\All Users\Application Data\Malwarebytes
    2009-02-10 11:11 . 2009-01-14 16:11 38,496 --a------ c:\windows\system32\drivers\mbamswissarmy.sys
    2009-02-10 11:11 . 2009-01-14 16:11 15,504 --a------ c:\windows\system32\drivers\mbam.sys
    2009-02-10 10:51 . 2009-02-11 18:47 <DIR> d-------- c:\windows\system32\drivers\Avg
    2009-02-10 10:51 . 2009-02-10 10:51 <DIR> d-------- c:\documents and settings\All Users\Application Data\avg8
    2009-02-10 10:51 . 2009-02-10 10:51 325,128 --a------ c:\windows\system32\drivers\avgldx86.sys
    2009-02-10 10:51 . 2009-02-10 10:51 107,272 --a------ c:\windows\system32\drivers\avgtdix.sys
    2009-02-10 10:51 . 2009-02-10 10:51 10,520 --a------ c:\windows\system32\avgrsstx.dll
    2009-02-01 15:25 . 2009-02-01 15:24 410,984 --a------ c:\windows\system32\deploytk.dll
    2009-01-30 08:19 . 2008-11-13 15:18 1,221,008 --a------ c:\windows\system32\zpeng25.dll
    2009-01-28 10:40 . 2009-01-28 10:40 <DIR> d-------- c:\documents and settings\All Users\Application Data\ATI
    2009-01-28 10:32 . 2009-01-28 10:40 <DIR> d-------- c:\program files\ATI
    2009-01-27 18:49 . 2009-01-27 18:49 <DIR> d-------- c:\documents and settings\All Users\Application Data\Blizzard
    2009-01-26 11:56 . 2009-01-26 11:56 <DIR> d-------- c:\documents and settings\HP_Administrator\Application Data\Canneverbe_Limited
    2009-01-19 08:03 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
    2009-01-19 08:03 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
    2009-01-19 08:03 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
    2009-01-19 08:01 . 2007-05-16 16:45 1,124,720 --a------ c:\windows\system32\D3DCompiler_34.dll
    2009-01-19 08:01 . 2007-05-16 16:45 443,752 --a------ c:\windows\system32\d3dx10_34.dll
    2009-01-19 07:59 . 2009-01-19 07:59 <DIR> d-------- c:\windows\Logs

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-02-12 04:03 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Skype
    2009-02-12 04:02 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\skypePM
    2009-02-11 13:20 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\uTorrent
    2009-02-11 11:35 --------- d-----w c:\program files\Java
    2009-02-07 13:29 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\InstallShield Installation Information
    2009-02-07 13:28 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\My Games
    2009-01-29 17:25 2,764,800 ----a-w c:\windows\Internet Logs\xDB1.tmp
    2009-01-28 08:40 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\ATI
    2009-01-28 08:31 --------- d-----w c:\program files\ATI Technologies
    2009-01-27 16:36 --------- d-----w c:\program files\Common Files\Blizzard Entertainment
    2009-01-11 14:09 --------- d-----w c:\program files\Electronic Arts
    2009-01-05 12:54 278,984 ----a-w c:\windows\system32\drivers\atksgt.sys
    2009-01-05 12:51 25,416 ----a-w c:\windows\system32\drivers\lirsgt.sys
    2009-01-05 12:49 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-01-03 17:33 --------- d-----w c:\documents and settings\All Users\Application Data\PMB Files
    2009-01-03 17:31 --------- d-----w c:\program files\Pando Networks
    2009-01-01 15:52 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
    2009-01-01 10:19 --------- d-----w c:\program files\Common Files\3DO Shared
    2008-12-23 13:43 --------- d-----w c:\documents and settings\HP_Administrator\Application Data\Sony Corporation
    2008-12-23 13:23 --------- d-----w c:\program files\Sony Corporation
    2008-12-23 13:23 --------- d-----w c:\program files\Sony
    2008-12-23 13:23 --------- d-----w c:\program files\Common Files\Sony Shared
    2008-12-23 13:22 --------- d-----w c:\documents and settings\All Users\Application Data\Sony Corporation
    2008-12-22 17:28 --------- d-----w c:\program files\TryMedia
    2008-12-12 17:01 3,067,904 ------w c:\windows\system32\dllcache\mshtml.dll
    2008-12-11 10:57 333,952 ------w c:\windows\system32\dllcache\srv.sys
    2008-12-01 22:13 3,452,928 ----a-w c:\windows\system32\dllcache\ati2mtag.sys
    2008-12-01 20:52 425,984 ----a-w c:\windows\system32\ATIDEMGX.dll
    2008-12-01 20:51 318,464 ----a-w c:\windows\system32\ati2dvag.dll
    2008-12-01 20:46 11,304,960 ----a-w c:\windows\system32\atioglxx.dll
    2008-12-01 20:41 188,416 ----a-w c:\windows\system32\atipdlxx.dll
    2008-12-01 20:40 43,520 ----a-w c:\windows\system32\ati2edxx.dll
    2008-12-01 20:40 26,112 ----a-w c:\windows\system32\Ati2mdxx.exe
    2008-12-01 20:40 147,456 ----a-w c:\windows\system32\Oemdspif.dll
    2008-12-01 20:40 143,360 ----a-w c:\windows\system32\ati2evxx.dll
    2008-12-01 20:38 598,016 ----a-w c:\windows\system32\ati2evxx.exe
    2008-12-01 20:37 53,248 ----a-w c:\windows\system32\ATIDDC.DLL
    2008-12-01 20:27 4,120,384 ----a-w c:\windows\system32\ati3duag.dll
    2008-12-01 20:19 307,200 ----a-w c:\windows\system32\atiiiexx.dll
    2008-12-01 20:11 2,495,360 ----a-w c:\windows\system32\ativvaxx.dll
    2008-12-01 19:57 48,640 ----a-w c:\windows\system32\amdpcom32.dll
    2008-12-01 19:53 45,056 ----a-w c:\windows\system32\amdcalrt.dll
    2008-12-01 19:53 45,056 ----a-w c:\windows\system32\amdcalcl.dll
    2008-12-01 19:53 401,408 ----a-w c:\windows\system32\atikvmag.dll
    2008-12-01 19:52 86,016 ----a-w c:\windows\system32\atiadlxx.dll
    2008-12-01 19:52 17,408 ----a-w c:\windows\system32\atitvo32.dll
    2008-12-01 19:50 3,252,224 ----a-w c:\windows\system32\Amdcaldd.dll
    2008-12-01 19:50 286,720 ----a-w c:\windows\system32\atiok3x2.dll
    2008-12-01 19:45 577,536 ----a-w c:\windows\system32\ati2cqag.dll
    2008-12-01 12:35 593,920 ------w c:\windows\system32\ati2sgag.exe
    2008-11-19 05:11 2,774,916 ----a-w c:\windows\Internet Logs\tvDebug.zip
    2008-04-05 20:02 32 ----a-w c:\documents and settings\All Users\Application Data\ezsid.dat
    .

    ((((((((((((((((((((((((((((( SnapShot@2009-02-10_11.05.42,18 )))))))))))))))))))))))))))))))))))))))))
    .
    + 2008-04-14 00:11:54 38,912 ----a-w c:\windows\system32\dllcache\hmmapi.dll
    + 2008-04-14 00:11:54 61,440 ----a-w c:\windows\system32\dllcache\icwconn.dll
    + 2008-04-14 00:12:22 214,528 ----a-w c:\windows\system32\dllcache\icwconn1.exe
    + 2008-04-14 00:12:22 86,016 ----a-w c:\windows\system32\dllcache\icwconn2.exe
    + 2008-04-14 00:11:54 32,768 ----a-w c:\windows\system32\dllcache\icwdl.dll
    + 2008-04-14 00:11:54 172,032 ----a-w c:\windows\system32\dllcache\icwhelp.dll
    + 2008-04-14 00:12:22 24,576 ----a-w c:\windows\system32\dllcache\icwrmind.exe
    + 2008-04-14 00:11:54 49,152 ----a-w c:\windows\system32\dllcache\icwutil.dll
    + 2008-04-14 00:12:22 18,432 ----a-w c:\windows\system32\dllcache\iedw.exe
    + 2008-04-14 00:12:22 93,184 ----a-w c:\windows\system32\dllcache\iexplore.exe
    + 2008-04-14 00:12:22 20,480 ----a-w c:\windows\system32\dllcache\inetwiz.exe
    - 2009-01-10 01:35:28 20,853,704 ----a-w c:\windows\system32\MRT.exe
    + 2009-02-03 23:21:12 21,244,864 ----a-w c:\windows\system32\MRT.exe
    - 2007-11-30 12:39:22 17,272 ------w c:\windows\system32\spmsg.dll
    + 2008-07-09 07:38:24 17,272 ------w c:\windows\system32\spmsg.dll
    + 2009-02-12 04:00:05 16,384 ----atw c:\windows\Temp\Perflib_Perfdata_40c.dat
    .
    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-06 21898024]
    "CurseClient"="c:\janin\Curse\CurseClient.exe" [2008-10-10 4789760]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2007-12-10 695808]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="c:\windows\ehome\ehtray.exe" [2005-08-06 64512]
    "HPHUPD08"="c:\program files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe" [2005-06-02 49152]
    "DMAScheduler"="c:\program files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe" [2005-11-01 90112]
    "Recguard"="c:\windows\SMINST\RECGUARD.EXE" [2005-07-22 237568]
    "HPBootOp"="c:\program files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" [2005-11-10 249856]
    "ZoneAlarm Client"="c:\janin\ZoneAlarm\zlclient.exe" [2008-11-13 981904]
    "CanonSolutionMenu"="c:\program files\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-14 644696]
    "CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2007-04-03 1603152]
    "OpwareSE4"="c:\program files\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]
    "SsAAD.exe"="c:\progra~1\Sony\SONICS~1\SsAAD.exe" [2006-01-07 81920]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440]
    "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-02-10 1601304]
    "ftutil2"="ftutil2.dll" [2004-06-07 c:\windows\system32\ftutil2.dll]
    "AlwaysReady Power Message APP"="ARPWRMSG.EXE" [2005-08-03 c:\windows\arpwrmsg.exe]
    "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2008-02-29 c:\windows\KHALMNPR.Exe]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "Nokia.PCSync"="c:\program files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 1294336]

    c:\documents and settings\All Users\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2005-05-12 282624]
    Logitech SetPoint.lnk - c:\janin\Logitech\SetPoint\SetPoint.exe [2008-08-07 805392]
    Microsoft Office.lnk - c:\program files\Microsoft Office\Office\OSA9.EXE [2000-01-21 65588]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
    2008-05-02 01:42 72208 c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter]
    2009-02-10 10:51 10520 c:\windows\system32\avgrsstx.dll

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
    @=""

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"=
    "c:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"=
    "c:\\Program Files\\Messenger\\msmsgs.exe"=
    "c:\\Program Files\\uTorrent\\uTorrent.exe"=
    "c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "c:\\Janin\\Pelit\\TitanQuest\\Titan Quest.exe"=
    "c:\\Janin\\Pelit\\F.E.A.R\\FEAR.exe"=
    "c:\\Program Files\\Pando Networks\\Media Booster\\PMB.exe"=
    "c:\\Janin\\Pelit\\Settlers 3\\base\\bin\\Settlers6.exe"=
    "c:\\Janin\\Pelit\\Settlers 3\\extra1\\bin\\Settlers6.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "c:\\Janin\\Curse\\CurseClient.exe"=
    "c:\\Janin\\Pelit\\Steam\\steamapps\\common\\left 4 dead\\left4dead.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgemc.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=
    "c:\\Program Files\\AVG\\AVG8\\avgnsx.exe"=
    "c:\\Program Files\\Skype\\Phone\\Skype.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "59011:TCP"= 59011:TCP:pando Media Booster
    "59011:UDP"= 59011:UDP:pando Media Booster

    R0 dontgo;Promise Removable Disk Control Driver;c:\windows\system32\drivers\dontgo.sys [2004-06-29 7680]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-02-10 325128]
    R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-02-10 107272]
    R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [2009-02-10 903960]
    R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2009-02-10 298264]
    R3 3xHybrid;3xHybrid service;c:\windows\system32\drivers\3xHybrid.sys [2005-01-02 2799488]
    R3 P1130VID;Creative WebCam NX Pro;c:\windows\system32\drivers\P1130Vid.sys [2008-04-05 90357]
    S2 Apache2.2;Apache2.2;"c:\documents and settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe" -k runservice --> c:\documents and settings\HP_Administrator\Desktop\xampp\apache\bin\apache.exe [?]
    S3 WN5301;LIteon Wireless PCI Network Adapter Service;c:\windows\system32\drivers\wn5301.sys [2005-01-02 468768]
    S3 XDva120;XDva120;\??\c:\windows\system32\XDva120.sys --> c:\windows\system32\XDva120.sys [?]
    S3 XDva136;XDva136;\??\c:\windows\system32\XDva136.sys --> c:\windows\system32\XDva136.sys [?]
    S3 XDva195;XDva195;\??\c:\windows\system32\XDva195.sys --> c:\windows\system32\XDva195.sys [?]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{070ba48a-0305-11dd-916d-0013d3f890f5}]
    \Shell\AutoRun\command - USBNB.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{500aeda0-d716-11dd-89f8-0013d3f890f5}]
    \Shell\AutoRun\command - K:\setup.exe
    \Shell\install\command - K:\setup.exe
    \Shell\install1\command - k:\support\DirectX\DXSETUP.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{e6a4ab2b-8e0d-11dd-8979-0013d3f890f5}]
    \Shell\1\Command - k:\runaut~1\autorun.pif
    \Shell\2\Command - k:\runaut~1\autorun.pif
    \Shell\AutoRun\command - c:\windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL RUNAUT~1\autorun.pif
    .
    .
    ------- Täydentävä tarkistus -------
    .
    uStart Page = hxxp://www.dufpy.com
    uInternet Settings,ProxyOverride = *.local
    FF - ProfilePath - c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\f7evcvde.default\
    FF - prefs.js: browser.startup.homepage - hxxp://irc-galleria.net/
    FF - component: c:\documents and settings\HP_Administrator\Application Data\Mozilla\Firefox\Profiles\f7evcvde.default\extensions\{7378B8C2-FC38-41b8-A8C9-875D1F5B0A24}\components\NativeComponent.dll
    FF - component: c:\program files\AVG\AVG8\Firefox\components\avgssff.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\npPandoWebInst.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-02-12 06:12:43
    Windows 5.1.2600 Service Pack 3 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...

    tarkistus on valmis
    piilotetut tiedostot: 0

    **************************************************************************
    .
    --------------------- LUKITUT REKISTERIAVAIMET ---------------------

    [HKEY_USERS\S-1-5-21-3813225501-495103178-2351656239-1007\Software\SecuROM\License information*]
    "datasecu"=hex:04,d3,7c,c0,e9,fb,e4,e9,c5,ef,00,b8,3b,94,be,2c,1e,07,73,16,be,
    c9,2f,b8,93,06,75,3e,62,3f,fd,a6,c5,2a,ee,95,5b,a5,83,3f,0b,18,43,b4,8b,18,\
    "rkeysecu"=hex:45,26,fb,3e,9c,c2,85,cc,b7,67,f2,a9,eb,a6,e5,05
    .
    --------------------- Prosesseihin ladatut DLLt ---------------------

    - - - - - - - > 'winlogon.exe'(756)
    c:\windows\system32\Ati2evxx.dll
    c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
    c:\program files\common files\logishrd\bluetooth\LBTServ.dll
    .
    Valmistumisajankohta: 2009-02-12 6:14:13
    ComboFix-quarantined-files.txt 2009-02-12 04:14:07

    Ennen ajoa: 18 567 823 360 bytes free
    Ajon jälkeen: 18,556,874,752 tavua vapaana

    249 --- E O F --- 2009-02-11 11:23:40
     
