HJT log for analysis!

Discussion in 'Viruses and malware - HijackThis logs' started by vikkke, Sep 1, 2009.

  1. vikkke

    vikkke Guest

    The problem is that the computer's CPU usage is at 100% all the time without exception, and the machine is f*cking slow. Norman doesn't work either, even though its processes are running. I suspect (hope) that some worm will be found in there. Here is the HJT log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:34:56, on 1.9.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18294)
    Boot mode: Normal

    Running processes:
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe
    C:\Program Files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe
    C:\Program Files\CyberLink\Shared Files\brs.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    C:\Windows\PixArt\Pac207\Monitor.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Java\jre6\bin\jusched.exe
    C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
    C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\uTorrent\uTorrent.exe
    D:\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Logitech\SetPoint\SetPoint.exe
    C:\Program Files\Logitech\GamePanel Software\LCD Manager\lcdmon.exe
    C:\Program Files\Brother\ControlCenter3\brccMCtl.exe
    C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
    C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    N:\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O1 - Hosts: ::1 localhost
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: AskBar BHO - {201f27d4-3704-41d6-89c1-aa35e39143ed} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O3 - Toolbar: Ask Toolbar - {3041d03e-fd4b-44e0-b742-2d9b88305f98} - C:\Program Files\AskBarDis\bar\bin\askBar.dll (file missing)
    O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
    O4 - HKLM\..\Run: [EnergySettings] C:\Program Files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe
    O4 - HKLM\..\Run: [FSCRecovery] c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe
    O4 - HKLM\..\Run: [KeyConfiguration] C:\Program Files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe /silent
    O4 - HKLM\..\Run: [BDRegion] C:\Program Files\Cyberlink\Shared Files\brs.exe
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NPCTray] C:\Program Files\Norman\npc\bin\npc_tray.exe /LOAD
    O4 - HKLM\..\Run: [BrMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
    O4 - HKLM\..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH
    O4 - HKLM\..\Run: [Monitor] C:\Windows\PixArt\PAC207\Monitor.exe
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Launch LgDeviceAgent] "C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe"
    O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
    O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [fsc-reg] C:\fsc-reg\fscreg.exe 20090830
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [PC Suite Tray] "D:\sälää\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
    O4 - HKCU\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-18\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [fsc-reg] c:\fsc-reg\fscreg.exe (User 'Default user')
    O4 - Startup: Ilta-Sanomat377818161.lnk = D:\Downloads\Ilta-Sanomat.exe
    O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
    O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: Lisää tämä blogiin - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Lisää tämä blogiin tuotteessa Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O10 - Unknown file in Winsock LSP: c:\program files\norman\npc\bin\nlf.dll
    O13 - Gopher Prefix:
    O23 - Service: ASKService - Unknown owner - C:\Program Files\AskBarDis\bar\bin\AskService.exe (file missing)
    O23 - Service: ASKUpgrade - Unknown owner - C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe (file missing)
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\Windows\system32\brsvc01a.exe
    O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\Elogsvc.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
    O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe
    O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    O23 - Service: Norman NJeeves - Norman ASA - C:\Program Files\Norman\Npm\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe
    O23 - Service: Norman Parental Control (NPC) - Norman ASA - C:\Program Files\Norman\npc\bin\npcsvc32.exe
    O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe
    O23 - Service: Norman Security service (NPROSECSVC) - Norman ASA - C:\Program Files\Norman\Ngs\bin\NPROSEC.EXE
    O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE
    O23 - Service: Norman User Activity Agent (NUAA) - Norman ASA - C:\Program Files\Norman\npc\bin\nuaa.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Unknown owner - C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE (file missing)
    O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: PCLEPCI - Pinnacle Systems GmbH - C:\Windows\system32\drivers\pclepci.sys
    O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
    O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
    O23 - Service: Fujitsu Siemens Computers Diagnostic Testhandler (TestHandler) - Fujitsu Siemens Computers - C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe

    --
    End of file - 11853 bytes


    Thanks in advance.
     
    Last edited by a moderator: Sep 2, 2009
  2. kalminen

    kalminen Regular member

    You have uTorrent running all the time. That certainly slows things down.

    Remove Ask Toolbar.

    ----------------------------------------------------------------

    Download Malwarebytes' Anti-Malware to your desktop.

    If the link doesn't work, you can also download it from the following links:
    Link1
    Link2


    * Double-click mbam-setup.exe and follow the instructions to install the program.
    * At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    * If an update is found, the program will download and install the latest version. If downloading the updates fails, you can download the updates from here. Double-click mbam-rules.exe to install the updates.
    * Once the program has loaded and the updates are done, select Perform full scan and click Scan.
    * When the scan is finished, click OK and then Show Results to see the results.
    * Make sure everything is checked and click Remove Selected.
    * After this the log will open in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    * Post the contents of the log in your next message.

    Note: If MBAM was unable to remove a file, it will ask you to restart your computer. In that case, restart your computer immediately. MBAM may make changes to your registry as part of the cleanup. If you use a security program that detects registry changes, allow MBAM to make the changes.

    ----------------------------------------------------------------------------------

    * Download random's system information tool (RSIT) by random/random from HERE and save it to the desktop.
    * Double-click RSIT.exe to run RSIT.
    * Click Continue.
    * When RSIT is finished, two logs will open in Notepad. Post the contents of both log.txt (<<opens maximized) and info.txt (<<opens minimized) in your next message.

    Log: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
     
  3. vikkke

    vikkke Guest

    This is what I got. That suspected bogeyman won't let the computer connect to the internet. And Norman won't start.

    Logfile of random's system information tool 1.06 (written by random/random)
    Run by Teija at 2009-09-02 17:36:50
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 8 GB (8%) free of 100 GB
    Total RAM: 3327 MB (67% free)

    HijackThis download failed

    ======Scheduled tasks folder======

    C:\Windows\tasks\Ad-Aware Update (Weekly).job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader -linkkiavustaja - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{201f27d4-3704-41d6-89c1-aa35e39143ed}]
    AskBar BHO - C:\Program Files\AskBarDis\bar\bin\askBar.dll []

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-02-20 304736]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Liven kirjautumisapuohjelma - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C333CF63-767F-4831-94AC-E683D962C63C}]
    CoTGT_BHO Class

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {3041d03e-fd4b-44e0-b742-2d9b88305f98} - Ask Toolbar - C:\Program Files\AskBarDis\bar\bin\askBar.dll []
    {32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-12-10 929224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
    "RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-08-27 6281760]
    "EnergySettings"=C:\Program Files\Fujitsu Siemens Computers\Energy Settings\EnergySettings.exe [2008-09-19 113664]
    "FSCRecovery"=c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe [2008-06-18 268096]
    "KeyConfiguration"=C:\Program Files\Fujitsu Siemens Computers\Key Configuration Tool\KeyConfigurationTool.exe [2008-09-04 413184]
    "BDRegion"=C:\Program Files\Cyberlink\Shared Files\brs.exe [2007-11-16 91432]
    "RemoteControl"=C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-10-28 72736]
    "LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-10-11 62760]
    "NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2008-09-18 13580832]
    "NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2008-09-18 92704]
    "NPCTray"=C:\Program Files\Norman\npc\bin\npc_tray.exe [2007-09-17 126008]
    "BrMfcWnd"=C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe [2007-02-15 622592]
    "ControlCenter3"=C:\Program Files\Brother\ControlCenter3\brctrcen.exe [2006-07-19 65536]
    "Norman ZANDA"=C:\Program Files\Norman\Npm\Bin\ZLH.EXE [2009-02-11 187504]
    "Monitor"=C:\Windows\PixArt\PAC207\Monitor.exe [2006-11-03 319488]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2009-02-20 185872]
    "Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-02-29 76304]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
    "QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
    "Launch LgDeviceAgent"=C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [2009-05-04 354312]
    "Launch LCDMon"=C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2009-05-04 1572872]
    "Launch LGDCore"=C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [2009-05-04 2817544]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2008-01-21 1233920]
    "fsc-reg"=C:\fsc-reg\fscreg.exe [2008-08-01 380688]
    "MsnMsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-03-12 3885408]
    "ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-21 125952]
    "PC Suite Tray"=D:\sälää\Nokia PC Suite 7\PCSuite.exe [2008-12-03 1205760]
    "uTorrent"=C:\Program Files\uTorrent\uTorrent.exe [2009-07-09 288048]
    "LaunchList"=C:\Program Files\Pinnacle\Studio 11\LaunchList2.exe [2007-03-21 145496]
    "DAEMON Tools Lite"=D:\DAEMON Tools Lite\daemon.exe [2008-12-29 687560]
    "WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

    C:\Users\Teija\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    Ilta-Sanomat377818161.lnk - D:\Downloads\Ilta-Sanomat.exe

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Lavasoft Ad-Aware Service]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1
    "EnableUIADesktopToggle"=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{27aaae6f-e2f5-11dd-9524-0021859dc69a}]
    shell\AutoRun\command - L:\install.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5cb4bdb4-2cdd-11de-a15b-0021859dc69a}]
    shell\AutoRun\command - K:\setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{637ddeb1-0f7b-11de-a86e-0021859dc69a}]
    shell\AutoRun\command - F:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{93749f7e-dfbe-11dd-815b-0021859dc69a}]
    shell\AutoRun\command - K:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{947aaedb-a42a-11dd-961f-806e6f6e6963}]
    shell\AutoRun\command - E:\launcher.exe


    ======List of files/folders created in the last 1 months======

    2009-09-02 16:49:55 ----D---- C:\Program Files\trend micro
    2009-09-02 16:49:53 ----D---- C:\rsit
    2009-09-02 14:47:44 ----D---- C:\Users\Teija\AppData\Roaming\Malwarebytes
    2009-09-02 14:47:37 ----D---- C:\ProgramData\Malwarebytes
    2009-09-01 20:20:02 ----A---- C:\Windows\system32\lsdelete.exe
    2009-09-01 16:08:45 ----HDC---- C:\ProgramData\{EF63305C-BAD7-4144-9208-D65528260864}
    2009-09-01 16:07:47 ----D---- C:\ProgramData\Lavasoft
    2009-09-01 16:07:47 ----D---- C:\Program Files\Lavasoft
    2009-08-30 15:48:26 ----A---- C:\Windows\system32\tzres.dll
    2009-08-30 15:24:21 ----A---- C:\Windows\ntbtlog.txt
    2009-08-26 15:35:18 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2009-08-26 15:35:18 ----A---- C:\Windows\system32\Apphlpdm.dll
    2009-08-22 17:44:51 ----D---- C:\Windows\system32\URTTEMP
    2009-08-22 17:41:23 ----D---- C:\Windows\San Andreas Mod Installer
    2009-08-16 20:45:20 ----D---- C:\Users\Teija\AppData\Roaming\Deckadance
    2009-08-16 11:12:40 ----D---- C:\ProgramData\wanted_demo
    2009-08-16 11:03:55 ----D---- C:\Windows\8AAB4176A747493AA42CB63CFADFD8E3.TMP
    2009-08-16 11:02:13 ----D---- C:\Program Files\OpenAL
    2009-08-16 11:02:12 ----A---- C:\Windows\system32\wrap_oal.dll
    2009-08-16 11:02:12 ----A---- C:\Windows\system32\OpenAL32.dll
    2009-08-16 01:33:08 ----AT---- C:\Windows\system32\SIntfNT.dll
    2009-08-16 01:33:08 ----AT---- C:\Windows\system32\SIntf32.dll
    2009-08-16 01:33:08 ----AT---- C:\Windows\system32\SIntf16.dll
    2009-08-15 13:53:51 ----A---- C:\Windows\system32\PresentationHostProxy.dll
    2009-08-15 13:53:51 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
    2009-08-15 13:53:51 ----A---- C:\Windows\system32\infocardapi.dll
    2009-08-15 13:53:51 ----A---- C:\Windows\system32\icardres.dll
    2009-08-15 13:53:51 ----A---- C:\Windows\system32\icardagt.exe
    2009-08-15 13:53:50 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
    2009-08-15 13:53:49 ----A---- C:\Windows\system32\PresentationHost.exe
    2009-08-15 13:48:03 ----A---- C:\Windows\system32\mscoree.dll
    2009-08-15 13:48:03 ----A---- C:\Windows\system32\dfshim.dll
    2009-08-15 13:48:02 ----A---- C:\Windows\system32\netfxperf.dll
    2009-08-15 13:47:53 ----A---- C:\Windows\system32\mscorier.dll
    2009-08-15 13:47:50 ----A---- C:\Windows\system32\mscories.dll
    2009-08-14 16:44:43 ----A---- C:\Windows\system32\wdigest.dll
    2009-08-14 16:44:43 ----A---- C:\Windows\system32\schannel.dll
    2009-08-14 16:44:43 ----A---- C:\Windows\system32\msv1_0.dll
    2009-08-14 16:44:43 ----A---- C:\Windows\system32\lsasrv.dll
    2009-08-14 16:44:43 ----A---- C:\Windows\system32\kerberos.dll
    2009-08-14 16:44:42 ----A---- C:\Windows\system32\secur32.dll
    2009-08-14 16:44:42 ----A---- C:\Windows\system32\lsass.exe
    2009-08-13 07:28:06 ----A---- C:\Windows\system32\atl.dll
    2009-08-13 07:28:05 ----A---- C:\Windows\system32\wkssvc.dll
    2009-08-13 07:28:04 ----A---- C:\Windows\system32\mstscax.dll
    2009-08-13 07:28:02 ----A---- C:\Windows\system32\avifil32.dll
    2009-08-13 07:27:58 ----A---- C:\Windows\system32\wmp.dll
    2009-08-13 07:27:57 ----A---- C:\Windows\system32\wmpdxm.dll
    2009-08-13 07:27:57 ----A---- C:\Windows\system32\spwmp.dll
    2009-08-13 07:27:57 ----A---- C:\Windows\system32\dxmasf.dll
    2009-08-13 07:27:56 ----A---- C:\Windows\system32\wmploc.DLL
    2009-08-10 00:38:12 ----D---- C:\Program Files\Microsoft Games for Windows - LIVE

    ======List of files/folders modified in the last 1 months======

    2009-09-02 17:36:35 ----D---- C:\Windows\Temp
    2009-09-02 16:49:56 ----D---- C:\Windows\tracing
    2009-09-02 16:49:55 ----RD---- C:\Program Files
    2009-09-02 16:49:50 ----D---- C:\Users\Teija\AppData\Roaming\uTorrent
    2009-09-02 15:39:56 ----D---- C:\Windows\System32
    2009-09-02 15:39:56 ----D---- C:\Windows\inf
    2009-09-02 15:39:56 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2009-09-02 15:35:21 ----D---- C:\Windows
    2009-09-02 14:47:39 ----D---- C:\Windows\system32\drivers
    2009-09-02 14:47:37 ----HD---- C:\ProgramData
    2009-09-02 07:24:32 ----D---- C:\Windows\system32\WDI
    2009-09-01 18:57:12 ----D---- C:\Windows\Minidump
    2009-09-01 18:24:53 ----HD---- C:\Program Files\InstallShield Installation Information
    2009-09-01 18:24:39 ----SHD---- C:\System Volume Information
    2009-09-01 16:10:01 ----D---- C:\Windows\Tasks
    2009-09-01 16:10:01 ----D---- C:\Windows\system32\Tasks
    2009-09-01 16:09:31 ----D---- C:\Windows\system32\catroot
    2009-09-01 16:09:30 ----DC---- C:\Windows\system32\DRVSTORE
    2009-09-01 16:08:37 ----SHD---- C:\Windows\Installer
    2009-09-01 16:06:59 ----D---- C:\Windows\winsxs
    2009-08-30 19:57:55 ----D---- C:\Windows\system32\catroot2
    2009-08-30 17:35:28 ----D---- C:\Windows\rescache
    2009-08-30 17:27:39 ----D---- C:\Users\Teija\AppData\Roaming\Ubisoft
    2009-08-30 15:55:14 ----D---- C:\Windows\system32\fi-FI
    2009-08-30 15:55:13 ----D---- C:\Windows\AppPatch
    2009-08-30 15:31:36 ----D---- C:\Windows\Prefetch
    2009-08-30 15:18:20 ----D---- C:\Program Files\Norman
    2009-08-25 17:40:35 ----RSD---- C:\Windows\Fonts
    2009-08-23 11:32:49 ----D---- C:\Windows\Registration
    2009-08-23 11:32:23 ----D---- C:\Program Files\Internet Explorer
    2009-08-22 17:46:05 ----RSD---- C:\Windows\assembly
    2009-08-19 21:28:56 ----D---- C:\Users\Teija\AppData\Roaming\gtk-2.0
    2009-08-18 13:14:03 ----D---- C:\Program Files\Mozilla Firefox
    2009-08-16 20:22:48 ----D---- C:\Program Files\Image-Line
    2009-08-16 11:03:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2009-08-15 18:15:35 ----D---- C:\Program Files\Flock
    2009-08-15 18:13:21 ----D---- C:\Program Files\Paint.NET
    2009-08-15 18:08:12 ----D---- C:\Users\Teija\AppData\Roaming\Any Video Converter Professional
    2009-08-15 16:54:29 ----D---- C:\Windows\Microsoft.NET
    2009-08-15 16:21:30 ----D---- C:\Windows\system32\nb-NO
    2009-08-15 16:21:29 ----D---- C:\Windows\system32\sv-SE
    2009-08-15 16:21:29 ----D---- C:\Windows\system32\da-DK
    2009-08-15 16:21:24 ----D---- C:\Windows\system32\XPSViewer
    2009-08-15 16:21:24 ----D---- C:\Windows\system32\wbem
    2009-08-15 16:21:24 ----D---- C:\Windows\system32\en-US
    2009-08-14 15:02:28 ----D---- C:\ProgramData\Logitech
    2009-08-14 15:02:27 ----D---- C:\Program Files\Logitech
    2009-08-13 07:48:33 ----D---- C:\Program Files\Windows Media Player
    2009-08-13 07:48:22 ----D---- C:\Program Files\Windows Mail

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 ALE_NF;Norman Firewall ALE driver; \??\C:\Windows\system32\drivers\ale_nf.sys [2008-04-16 42552]
    R1 NGS;Norman General Security Driver; \??\c:\program files\norman\ngs\bin\ngs.sys [2009-02-11 22712]
    R1 NPROSEC;Norman Security driver; \??\C:\Program Files\Norman\Ngs\bin\nprosec.sys [2009-04-21 53816]
    R2 {95808DC4-FA4A-4C74-92FE-5B863F82066B};{95808DC4-FA4A-4C74-92FE-5B863F82066B}; \??\C:\Program Files\CyberLink\PowerDVD\000.fcl [2007-11-03 41456]
    R2 LBeepKE;LBeepKE; C:\Windows\System32\Drivers\LBeepKE.sys [2006-06-30 3712]
    R2 Ndiskio;Ndiskio; \??\C:\Program Files\Norman\Nse\Bin\NDISKIO.SYS [2007-01-02 20448]
    R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2008-06-01 34064]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-08-27 2163032]
    R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
    R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
    R3 MarvinBus;Pinnacle Marvin Bus; C:\Windows\system32\DRIVERS\MarvinBus.sys [2007-01-04 171520]
    R3 NVENETFD;NVIDIA nForce 10/100/1000 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-07-08 1050656]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-09-18 7379872]
    R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2008-07-22 15872]
    R3 PAC207;SoC PC-Camera; C:\Windows\system32\DRIVERS\PFC027.SYS [2006-12-05 507136]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
    R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
    S3 61883;61883 Unit Device; C:\Windows\system32\DRIVERS\61883.sys [2008-01-21 45696]
    S3 a2vfen7u;a2vfen7u; C:\Windows\system32\drivers\a2vfen7u.sys []
    S3 Avc;AVC-laite; C:\Windows\system32\DRIVERS\avc.sys [2008-01-21 40448]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
    S3 EagleNT;EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys []
    S3 grmnusb;grmnusb; C:\Windows\system32\drivers\grmnusb.sys [2007-03-09 8320]
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\Windows\system32\DRIVERS\LHidKE.Sys [2006-05-10 27264]
    S3 LHidUsbK;Logitech SetPoint USB Receiver device driver; C:\Windows\System32\Drivers\LHidUsbK.Sys [2006-05-10 36736]
    S3 LMouKE;Logitech SetPoint Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouKE.Sys [2006-05-10 71680]
    S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2008-02-29 28944]
    S3 MSDV;Microsoft DV Camera and VCR; C:\Windows\system32\DRIVERS\msdv.sys [2008-01-21 52608]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
    S3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista; C:\Windows\system32\DRIVERS\netr28u.sys [2008-07-31 641024]
    S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2008-09-15 17664]
    S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2008-09-15 22016]
    S3 NvcMFlt;NvcMFlt; C:\Windows\system32\DRIVERS\nvcv32mf.sys [2009-01-22 19512]
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
    S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2008-09-15 8064]
    S3 usbaudio;USB-ääniohjain (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-21 73088]
    S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
    S3 usbser;USB Modem Driver; C:\Windows\system32\drivers\usbser.sys [2008-01-21 28160]
    S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2008-09-15 8064]
    S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
    S4 ahcix86s;ahcix86s; C:\Windows\system32\drivers\ahcix86s.sys [2008-05-27 173576]
    S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
    S4 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iastor.sys [2007-09-30 308248]
    S4 JRAID;JRAID; C:\Windows\system32\drivers\jraid.sys [2008-04-03 76688]
    S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 eLoggerSvc6;Norman eLogger service 6; C:\Program Files\Norman\Npm\Bin\Elogsvc.exe [2007-11-21 150584]
    R2 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe [2009-07-03 1029456]
    R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-04-29 877864]
    R2 Norman ZANDA;Norman ZANDA; C:\Program Files\Norman\Npm\Bin\Zanda.exe [2009-02-25 408696]
    R2 NPROSECSVC;Norman Security service; C:\Program Files\Norman\Ngs\bin\NPROSEC.EXE [2009-02-25 121912]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-09-18 196608]
    R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
    R2 TestHandler;Fujitsu Siemens Computers Diagnostic Testhandler; C:\Program Files\Fujitsu Siemens Computers\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe [2008-04-25 303104]
    S2 ASKService;ASKService; C:\Program Files\AskBarDis\bar\bin\AskService.exe []
    S2 ASKUpgrade;ASKUpgrade; C:\Program Files\AskBarDis\bar\bin\ASKUpgrade.exe []
    S2 Brother XP spl Service;BrSplService; C:\Windows\system32\brsvc01a.exe [2002-04-12 57344]
    S2 NPFSvc32;Norman Personal Firewall Service; C:\Program Files\Norman\npf\bin\npfsvc32.exe [2009-04-21 597104]
    S2 NVOY;Norman Resource Provider; C:\Program Files\Norman\npm\bin\nvoy.exe [2009-01-20 126008]
    S2 PCLEPCI;PCLEPCI; C:\Windows\system32\drivers\pclepci.sys [2005-02-09 14165]
    S3 aspnet_state;ASP.NET-tilapalvelu; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-27 34312]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logitech\Bluetooth\LBTServ.exe [2008-05-02 121360]
    S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-02-28 529704]
    S3 Norman NJeeves;Norman NJeeves; C:\Program Files\Norman\Npm\bin\NJEEVES.EXE [2009-04-17 274392]
    S3 NPC;Norman Parental Control; C:\Program Files\Norman\npc\bin\npcsvc32.exe [2008-04-17 416880]
    S3 nsesvc;Norman Scanner Engine Service; C:\Program Files\Norman\Nse\Bin\NSESVC.EXE [2009-05-19 310328]
    S3 NUAA;Norman User Activity Agent; C:\Program Files\Norman\npc\bin\nuaa.exe [2009-03-24 121912]
    S3 nvcoas;Norman Virus Control on-access component; C:\Program Files\Norman\Nvc\Bin\nvcoas.exe [2009-04-28 195640]
    S3 NVCScheduler;Norman Virus Control Scheduler; C:\Program Files\Norman\Npm\bin\NVCSCHED.EXE []
    S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 Scheduler;Norman Scheduler Service; C:\Program Files\Norman\Npm\Bin\scheduler.exe [2009-03-17 130104]
    S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-11-11 620544]
    S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-02-25 316664]
    S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-21 21504]

    -----------------EOF-----------------



    And




    Malwarebytes' Anti-Malware 1.40
    Tietokantaversio: 2725
    Windows 6.0.6001 Service Pack 1

    2.9.2009 16:40:04
    mbam-log-2009-09-02 (16-39-59).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|D:\|J:\|)
    Tarkistetut kohteet: 377712
    Kulunut aika: 1 hour(s), 31 minute(s), 6 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 0
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 1
    Saastuneita hakemistoja: 0
    Saastuneita tiedostoja: 0

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    HKEY_CLASSES_ROOT\regfile\shell\open\command\(default) (Broken.OpenCommand) -> Bad: ("regedit.exe" "%1") Good: (regedit.exe "%1") -> No action taken.

    Saastuneita hakemistoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita tiedostoja:
    (Haitallisia kohteita ei löydetty)
     
  4. kalminen

    kalminen Regular member

    "That supposed bogeyman won't let the computer connect to the internet. And Norman won't start."

    We haven't found a single virus yet!!!
    Which program won't let the computer connect to the internet????

    Since I'm not a clairvoyant, tell me more about that Norman.
    Or reinstall it.
    Are there any days left on the license???

    --------------------------------------------------------------------------

    I asked for the RSIT logs so that we could find answers.

    You sent only half of one of the logs????

    (HijackThis download failed ) <= install that the way it is supposed to be.

    If you can't find the logs on the desktop, then => C:\rsit

    The contents of both log.txt (<<opens maximized) and
    info.txt (<<opens minimized) in your next message.
    .
     
  5. vikkke

    vikkke Guest

    Yeah, it feels like Norman is somehow messed up.
    I've tried to reinstall it and it says to remove the older Norman first,
    and when I try to remove it (Add/Remove Programs and Norman's own removal program) nothing happens. Norman's own program starts but never completes (I figured that 8 h of waiting was enough). I have also tried removing the program in Safe Mode.
    No program directly blocks the internet connection, but the local area connection (which used to work) shows: Local only. The internet and Norman also stopped working at the same time. I left the computer turned OFF for 4 days, and at startup Norman did not start and the internet stayed at: Local only. Here are the explanations of the problems.
    Along with the Norman and internet problem, CPU usage also jumped to 100.
     
  6. kalminen

    kalminen Regular member

    On local networks it is worth using static IPs
    on every computer's network connection.

    In all firewalls, allow Trusted Zone
    for these IPs.

    With this information I can't say anything more.
    :D
     
