Netti hidas ja hjt logi outo.

Ynvi · May 2, 2006

Netti ei jaksa kauan pysyä vireänä ja vauhdit hiipuu aika kovasti.
Formatoin koneen n. 2 viikkoa sitten. Avastilmainen antivirus ilmoitti muutama päivä sitten, että koneella on käynnissä "win32.dialer" modeeminkaappaus ohjelma. Lieneekö syynä hitaaseen nettiin? Voisikohan joku viisaampi vilkaista tätä hjt:n logia, että mitä siinä sanotaan? Danke!

Logfile of HijackThis v1.99.1
Scan saved at 22:07:37, on 2.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\aswUpdSv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashServ.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\GEARSec.exe
D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\navapsvc.exe
D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\PQV2iSvc.exe
D:\PROGRA~1\ALL_AR~1\NORTON~1\NPROTECT.EXE
D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcIp.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\PROGRA~1\ALL_AR~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashMaiSv.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru.exe
D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru_Event_Receiver.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasServ.exe
D:\Program Files\Virtuaali_Asemat\DaemonTool\daemon.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nTrayFw.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasDtServ.exe
D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\GhostTray.exe
C:\WINDOWS\system32\CTHELPER.EXE
H:\Program Files\The Cleaner\The Cleaner\tca.exe
H:\Program Files\The Cleaner\The Cleaner\tcm.exe
D:\PROGRA~1\TIETOT~1\Avast\ashDisp.exe
H:\Program Files\WinAmp_508\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Pakkaus\WinZip\WZQKPICK.EXE
D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Distillr\acrotray.exe
D:\Program Files\Emolevyn_Yms_Softat\Abit\OCGuru.exe
D:\Program Files\Selaimet\Firefox\firefox.exe
D:\Program Files\All_Around_Fixailuun\Process Viewer\PrcView.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.finbytes.org/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\TIETOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GuruClock] D:\Program Files\Emolevyn_Yms_Softat\Abit\GuruClock.exe
O4 - HKLM\..\Run: [ABIT uGuru] D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\Emolevyn_Yms_Softat\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\Virtuaali_Asemat\DaemonTool\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nTrayFw] D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nTrayFw.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] D:\Program Files\Tietoturva_Suojaus_Judanssi\NoInSe_2004\UrlLstCk.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Ajurit\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [tcactive] H:\Program Files\The Cleaner\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] H:\Program Files\The Cleaner\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\TIETOT~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] H:\Program Files\WinAmp_508\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Omppu_QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "D:\Program Files\All_Around_Fixailuun\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\Pakkaus\WinZip\WZQKPICK.EXE
O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Distillr\acrotray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\PROGRA~1\ALL_AR~1\NORTON~1\NPROTECT.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\PROGRA~1\ALL_AR~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

blade81 · May 2, 2006

Käynnistä hjt, klikkaa do a system scan only, merkkaa:
O20 - Winlogon Notify: winexz32 - winexz32.dll (file missing)

Sulje muut ikkunat ja klikkaa fix checked.

Etsi winexz32.dll tiedostoa ja poista, jos löytyy.

Lähetä uusi hjt-loki.

Onko Norton palomuurillinen versio? Jos on, poista Nvidian muuri. Poista myös Avast. Ei kahta virustorjuntaa/palomuuria samaan työasemaan.

Ynvi · May 2, 2006

Logfile of HijackThis v1.99.1
Scan saved at 23:43:12, on 2.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\aswUpdSv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashServ.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe
C:\WINDOWS\System32\GEARSec.exe
D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\navapsvc.exe
D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\PQV2iSvc.exe
D:\PROGRA~1\ALL_AR~1\NORTON~1\NPROTECT.EXE
D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcIp.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcLog.exe
C:\WINDOWS\system32\nvsvc32.exe
D:\PROGRA~1\ALL_AR~1\NORTON~1\SPEEDD~1\NOPDB.EXE
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcAppFlt.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashMaiSv.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru.exe
D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru_Event_Receiver.exe
C:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasServ.exe
D:\Program Files\Virtuaali_Asemat\DaemonTool\daemon.exe
D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nTrayFw.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasDtServ.exe
D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\GhostTray.exe
H:\Program Files\The Cleaner\The Cleaner\tca.exe
H:\Program Files\The Cleaner\The Cleaner\tcm.exe
D:\PROGRA~1\TIETOT~1\Avast\ashDisp.exe
H:\Program Files\WinAmp_508\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Pakkaus\WinZip\WZQKPICK.EXE
D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Distillr\acrotray.exe
D:\Program Files\Emolevyn_Yms_Softat\Abit\OCGuru.exe
D:\Program Files\Selaimet\Firefox\firefox.exe
D:\Program Files\All_Around_Fixailuun\Process Viewer\PrcView.exe
C:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.finbytes.org/
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRA~1\TIETOT~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: Web assistant - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Web assistant - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [GuruClock] D:\Program Files\Emolevyn_Yms_Softat\Abit\GuruClock.exe
O4 - HKLM\..\Run: [ABIT uGuru] D:\Program Files\Emolevyn_Yms_Softat\Abit\uGuru.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVIDIA nTune] "D:\Program Files\Emolevyn_Yms_Softat\nTune\\nTune.exe" clear
O4 - HKLM\..\Run: [gcasServ] "D:\Program Files\Tietoturva_Suojaus_Judanssi\GIANT_AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "D:\Program Files\Virtuaali_Asemat\DaemonTool\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [nTrayFw] D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nTrayFw.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [URLLSTCK.exe] D:\Program Files\Tietoturva_Suojaus_Judanssi\NoInSe_2004\UrlLstCk.exe
O4 - HKLM\..\Run: [Norton Ghost 9.0] D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\GhostTray.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "D:\Program Files\Ajurit\SBLive\PROGRAM\ADGJDet.exe"
O4 - HKLM\..\Run: [tcactive] H:\Program Files\The Cleaner\The Cleaner\tca.exe
O4 - HKLM\..\Run: [tcmonitor] H:\Program Files\The Cleaner\The Cleaner\tcm.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\TIETOT~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] H:\Program Files\WinAmp_508\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\Omppu_QuickTime\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Norton SystemWorks] "D:\Program Files\All_Around_Fixailuun\cfgwiz.exe" /GUID {05858CFD-5CC4-4ceb-AAAF-CF00BF39736A} /MODE CfgWiz
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\Pakkaus\WinZip\WZQKPICK.EXE
O4 - Global Startup: Acrobat Assistant.lnk = D:\Program Files\Kirjoitus_Teksti_Sonta\Adobe Acrobat 6.0\Distillr\acrotray.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nvappfilter.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\aswUpdSv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Tietoturva_Suojaus_Judanssi\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcAppFlt.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - D:\PROGRA~1\TIETOT~1\NVID_F~1\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: GEARSecurity - GEAR Software - C:\WINDOWS\System32\GEARSec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Ghost - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton Ghost\Agent\PQV2iSvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\PROGRA~1\ALL_AR~1\NORTON~1\NPROTECT.EXE
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcIp.exe
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - D:\PROGRA~1\TIETOT~1\NVID_F~1\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: SAVScan - Symantec Corporation - D:\Program Files\All_Around_Fixailuun\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Speed Disk service - Symantec Corporation - D:\PROGRA~1\ALL_AR~1\NORTON~1\SPEEDD~1\NOPDB.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

Nortonin softat: Interner Security 2004 + Antivirus 2005
Tuo Avast on löytänyt muutaman sellaisen troijalaisen, joista Norton ei oo sanonut mitään. Avast on ainakin tähän asti vaikuttanut ihan hyvältä softalta.

blade81 · May 2, 2006

Useampi virustorjunta ja palomuuri samalla koneella vain aiheuttavat kaikenlaista yhteensopimattomuutta. Voi johtua tuo netin hitauskin osittain tästä.

aaxxeell · May 3, 2006

Tässä ketjussä on vielä lisää Nortonista -> http://keskustelu.afterdawn.com/thread_view.cfm/338435
Saatat huomata kuinka raskas sovellus se todella on.

Log in or Sign up

Netti hidas ja hjt logi outo.

Ynvi Member

blade81 Active member

Ynvi Member

blade81 Active member

aaxxeell Regular member

Share This Page

Log in or Sign up

Netti hidas ja hjt logi outo.

Ynvi Member

blade81 Active member

Ynvi Member

blade81 Active member

aaxxeell Regular member

Share This Page

Useful Searches