Проблем с windows и контролния център на ATI

[i4o.1976]

Здравейте,имам следният проблем ,когато искам да инсталирам zazz.exe или да вляза в контролния център на ATI ми излиза ето това,моля ако някой знае на какво се дължи това,и как мога да го премахна да ми каже.Благодаря ви за вниманието

[Night_Raven]

Какви грешки има в Event Viewer (Start -> Run -> eventvwr -> OK) в секции Application и/или System относно ATI и zazz.

[i4o.1976]

ето две снимки за грешките в system и в application

[Night_Raven]

Двоен клик въврху някоя от Application Error грешките и снимай прозореца.

[i4o.1976]

заповядай,

[Night_Raven]

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

Изтегли Autoruns, след това стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft Entries;

2) кликни File -> Refresh;

3) кликни File -> Export...;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

[i4o.1976]

ето ,заповядай

Logfile of HijackThis v1.99.1

Scan saved at 18:20:17, on 24.8.2008 г.

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16705)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

C:\PROGRA~1\AVG\AVG8\avgtray.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

C:\WINDOWS\system32\ctfmon.exe

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

C:\PROGRA~1\AVG\AVG8\avgfws8.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\PROGRA~1\AVG\AVG8\avgrsx.exe

C:\PROGRA~1\AVG\AVG8\avgnsx.exe

C:\WINDOWS\system32\svchost.exe

C:\PROGRA~1\AVG\AVG8\avgemc.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\Documents and Settings\leopoldin\Desktop\alabala.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dobrich.net/

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:\Program Files\programi\jccatch.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe

O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHEALTH\HELPCTR\Binaries\msconfig.exe /auto

O8 - Extra context menu item: &Сваляне на всички с FlashGet - D:\Program Files\programi\jc_all.htm

O8 - Extra context menu item: &Сваляне с FlashGet - D:\Program Files\programi\jc_link.htm

O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\programi\FlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\Program Files\programi\FlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {3EA4FA88-E0BE-419A-A732-9B79B87A6ED0} (CTVUAxCtrl Object) - http://dl.tvunetworks.com/TVUAx.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{17549BA3-1B9A-4DC1-83B0-92EF1AAC980B}: NameServer = 217.79.68.4 217.79.68.6

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: avgrsstx.dll

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll

O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe

O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe

O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: COM Host (comHost) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

O23 - Service: Norton Ghost - Symantec Corporation - D:\Program Files\programi\Norton Ghost\Agent\VProSvc.exe

 

 

 

ето и от auto runs резултата

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AVG8_TRAY AVG Tray Monitor AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgtray.exe

+ avgnt Antivirus System Tray Tool Avira GmbH c:\program files\avira\antivir personaledition classic\avgnt.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ linkscanner Safe Search pluggable protocol AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgpp.dll

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\avira\antivir personaledition classic\shlext.dll

+ V2iContextMenu Class VProShellExt Module Symantec Corporation d:\program files\programi\norton ghost\browser\vproshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Shellex\DragDropHandlers

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\avira\antivir personaledition classic\shlext.dll

+ V2iContextMenu Class VProShellExt Module Symantec Corporation d:\program files\programi\norton ghost\browser\vproshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ ACE ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ Catalyst Context Menu extension ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ GMail Drive GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Context Menu GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Drop Handler GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Property Sheet GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ Shell Extension for Malware scanning ShlExt.dll Avira GmbH c:\program files\avira\antivir personaledition classic\shlext.dll

+ WinRAR shell extension c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AVG Safe Search Safe Search for Internet Explorer AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgssie.dll

+ FGCatchUrl Flashget CatchUrl Module www.flashget.com d:\program files\programi\jccatch.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ FlashGet FlashGet FlashGet.com d:\program files\programi\flashget.exe

Task Scheduler

+ Norton Internet Security - Run Full System Scan - leopoldin.job File not found: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"

+ Uniblue SpeedUpMyPC Nag.job SpeedUpMyPC Uniblue Software d:\program files\programi\speedupmypc 3\speedupmypc.exe

HKLM\System\CurrentControlSet\Services

+ AntiVirScheduler Service to schedule Avira AntiVir Personal - Free Antivirus jobs and updates. Avira GmbH c:\program files\avira\antivir personaledition classic\sched.exe

+ AntiVirService Offers permanent protection against viruses and malware with the AntiVir search engine. Avira GmbH c:\program files\avira\antivir personaledition classic\avguard.exe

+ Ati HotKey Poller ATI External Event Utility EXE Module ATI Technologies Inc. c:\windows\system32\ati2evxx.exe

+ ATI Smart ATI Smart c:\windows\system32\ati2sgag.exe

+ Automatic LiveUpdate Scheduler Manages the scheduling of Automatic LiveUpdate sessions Symantec Corporation c:\program files\symantec\liveupdate\aluschedulersvc.exe

+ avg8emc AVG E-Mail Scanner AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgemc.exe

+ avg8wd AVG Watchdog Service AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgwdsvc.exe

+ avgfws8 AVG Firewall Service AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgfws8.exe

+ BlueSoleil Hid Service c:\program files\ivt corporation\bluesoleil\btntservice.exe

+ ccEvtMgr Event propagation and logging service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ ccSetMgr Settings storage and management service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ CLTNetCnService Symantec Lic NetConnect Service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ Norton Ghost Administrative service for scheduling and disk imaging. Symantec Corporation d:\program files\programi\norton ghost\agent\vprosvc.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys

+ ati2mtag ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys

+ Avgfwdx AVG Firewall intermediate miniport driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgfwdx.sys

+ Avgfwfd AVG Firewall intermediate miniport driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgfwdx.sys

+ avgio Avira AntiVir Support for Minifilter Avira GmbH c:\program files\avira\antivir personaledition classic\avgio.sys

+ AvgLdx86 AVG AVI Loader Driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgldx86.sys

+ AvgMfx86 AVG Resident Shield Minifilter Driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgmfx86.sys

+ avgntflt Avira AntiVir Personal - Free Antivirus mini-filter used for on-access scan to provide real-time antivirus security. Avira GmbH c:\program files\avira\antivir personaledition classic\avgntflt.sys

+ AvgTdiX AVG Network connection watcher AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgtdix.sys

+ avipbb Avira's Driver for RootKit Detection Avira GmbH c:\windows\system32\drivers\avipbb.sys

+ BlueletAudio Bluelet Audio Driver IVT Corporation c:\windows\system32\drivers\blueletaudio.sys

+ BT Bluetooth PAN Network Adapter Driver IVT Corporation c:\windows\system32\drivers\btnetdrv.sys

+ Btcsrusb Bluetooth USB Device Driver IVT Corporation c:\windows\system32\drivers\btcusb.sys

+ BTHidEnum c:\windows\system32\drivers\vbtenum.sys

+ BTHidMgr Bluetooth HID Manager driver IVT Corporation c:\windows\system32\drivers\bthidmgr.sys

+ BTNetFilter c:\windows\system32\drivers\btnetfilter.sys

+ CA561 Universal Serial Bus Camera Driver SP c:\windows\system32\drivers\spca561.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ CO_Mon Behavior Blocker v2007.1 WDM driver (2007.1.1.99) Symantec Corporation c:\windows\system32\drivers\co_mon.sys

+ eeCtrl File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

+ EraserUtilRebootDrv File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

+ filter FILTER.sys Walter Oney Software c:\windows\system32\drivers\filter.sys

+ GEARAspiWDM GEAR CD/DVD Filter Driver GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ NAVENG File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVENG.SYS

+ NAVEX15 File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVEX15.SYS

+ NVENETFD NVIDIA Networking Function Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus NVIDIA Networking Bus Driver. NVIDIA Corporation c:\windows\system32\drivers\nvnetbus.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ SPBBCDrv File not found: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

+ sptd c:\windows\system32\drivers\sptd.sys

+ SRTSP Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtsp.sys

+ SRTSPL Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtspl.sys

+ SRTSPX Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtspx.sys

+ ssmdrv Avira Snapshot Driver Avira GmbH c:\windows\system32\drivers\ssmdrv.sys

+ SunkFilt6 File not found: C:\WINDOWS\System32\Drivers\sunkfilt6.sys

+ SunkFilt62 File not found: C:\WINDOWS\System32\Drivers\sunkfilt62.sys

+ Sunkfiltp File not found: C:\WINDOWS\System32\Drivers\sunkfiltp.sys

+ SYMDNS DNS Filter Driver Symantec Corporation c:\windows\system32\drivers\symdns.sys

+ SymEvent Symantec Event Library Symantec Corporation c:\windows\system32\drivers\symevent.sys

+ SYMFW Firewall Filter Driver Symantec Corporation c:\windows\system32\drivers\symfw.sys

+ SYMIDS IDS Filter Driver Symantec Corporation c:\windows\system32\drivers\symids.sys

+ SymIM NDIS Intermediate Driver Symantec Corporation c:\windows\system32\drivers\symim.sys

+ SymIMMP NDIS Intermediate Driver Symantec Corporation c:\windows\system32\drivers\symim.sys

+ SYMNDIS NDIS Filter Driver Symantec Corporation c:\windows\system32\drivers\symndis.sys

+ SYMREDRV Redirector Filter Driver Symantec Corporation c:\windows\system32\drivers\symredrv.sys

+ symsnap StorageCraft Volume Snap-Shot StorageCraft c:\windows\system32\drivers\symsnap.sys

+ SYMTDI Network Dispatch Driver Symantec Corporation c:\windows\system32\drivers\symtdi.sys

+ USB28xxBGA USB 28xx BDA Driver eMPIA Technology, Inc. c:\windows\system32\drivers\embda.sys

+ USB28xxOEM USB 28xx BDA Lower filter eMPIA Technology, Inc. c:\windows\system32\drivers\emoem.sys

+ v2imount V2iMount.sys - Image Mounting Device Driver Symantec Corporation c:\windows\system32\drivers\v2imount.sys

+ VComm Bluetooth Serial Port Driver IVT Corporation c:\windows\system32\drivers\vcomm.sys

+ VcommMgr Bluetooth VcommMgr driver IVT Corporation c:\windows\system32\drivers\vcommmgr.sys

+ VProEventMonitor VProEventMonitor.Sys - Event Monitoring driver Symantec Corporation c:\windows\system32\drivers\vproeventmonitor.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

+ taskmgr.exe Sysinternals Process Explorer Sysinternals d:\instal\procexp.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls

+ avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. c:\windows\system32\avgrsstx.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. c:\windows\system32\ati2evxx.dll

[Night_Raven]

Като за начало деинсталирай едната антивирусна. Наличието на 2 антивирусни едновременно е КРАЙНО НЕПРЕПОРЪЧИТЕЛНО.

Дай и лог на Autoruns за всеки случай.

 

Преди да продължим, кажи какви точно продукти имаш на Symantec и какви си имал, но деинсталирал?

[i4o.1976]

направих това коет ми казахте,ето и резултатите от втори лог файл на auto puns

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ AVG8_TRAY AVG Tray Monitor AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgtray.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ linkscanner Safe Search pluggable protocol AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgpp.dll

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ V2iContextMenu Class VProShellExt Module Symantec Corporation d:\program files\programi\norton ghost\browser\vproshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Shellex\DragDropHandlers

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ MBAMShlExt Malwarebytes' Anti-Malware Malwarebytes Corporation c:\program files\malwarebytes' anti-malware\mbamext.dll

+ V2iContextMenu Class VProShellExt Module Symantec Corporation d:\program files\programi\norton ghost\browser\vproshellext.dll

+ WinRAR c:\program files\winrar\rarext.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ ACE ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ AVG8 Shell Extension AVG Shell Extension AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgse.dll

+ Catalyst Context Menu extension ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ GMail Drive GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Context Menu GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Drop Handler GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ GMailFS Property Sheet GMail File System Shell Namespace Extension Bjarke Viksoe c:\windows\system32\shellext\gmailfs.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ WinRAR shell extension c:\program files\winrar\rarext.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ AVG Safe Search Safe Search for Internet Explorer AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgssie.dll

+ FGCatchUrl Flashget CatchUrl Module www.flashget.com d:\program files\programi\jccatch.dll

HKLM\Software\Microsoft\Internet Explorer\Extensions

+ FlashGet FlashGet FlashGet.com d:\program files\programi\flashget.exe

Task Scheduler

+ Norton Internet Security - Run Full System Scan - leopoldin.job File not found: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"

+ Uniblue SpeedUpMyPC Nag.job SpeedUpMyPC Uniblue Software d:\program files\programi\speedupmypc 3\speedupmypc.exe

HKLM\System\CurrentControlSet\Services

+ Ati HotKey Poller ATI External Event Utility EXE Module ATI Technologies Inc. c:\windows\system32\ati2evxx.exe

+ ATI Smart ATI Smart c:\windows\system32\ati2sgag.exe

+ Automatic LiveUpdate Scheduler Manages the scheduling of Automatic LiveUpdate sessions Symantec Corporation c:\program files\symantec\liveupdate\aluschedulersvc.exe

+ avg8emc AVG E-Mail Scanner AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgemc.exe

+ avg8wd AVG Watchdog Service AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgwdsvc.exe

+ avgfws8 AVG Firewall Service AVG Technologies CZ, s.r.o. c:\program files\avg\avg8\avgfws8.exe

+ BlueSoleil Hid Service c:\program files\ivt corporation\bluesoleil\btntservice.exe

+ ccEvtMgr Event propagation and logging service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ ccSetMgr Settings storage and management service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ CLTNetCnService Symantec Lic NetConnect Service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ Norton Ghost Administrative service for scheduling and disk imaging. Symantec Corporation d:\program files\programi\norton ghost\agent\vprosvc.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys

+ ati2mtag ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys

+ Avgfwdx AVG Firewall intermediate miniport driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgfwdx.sys

+ Avgfwfd AVG Firewall intermediate miniport driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgfwdx.sys

+ AvgLdx86 AVG AVI Loader Driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgldx86.sys

+ AvgMfx86 AVG Resident Shield Minifilter Driver AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgmfx86.sys

+ AvgTdiX AVG Network connection watcher AVG Technologies CZ, s.r.o. c:\windows\system32\drivers\avgtdix.sys

+ BlueletAudio Bluelet Audio Driver IVT Corporation c:\windows\system32\drivers\blueletaudio.sys

+ BT Bluetooth PAN Network Adapter Driver IVT Corporation c:\windows\system32\drivers\btnetdrv.sys

+ Btcsrusb Bluetooth USB Device Driver IVT Corporation c:\windows\system32\drivers\btcusb.sys

+ BTHidEnum c:\windows\system32\drivers\vbtenum.sys

+ BTHidMgr Bluetooth HID Manager driver IVT Corporation c:\windows\system32\drivers\bthidmgr.sys

+ BTNetFilter c:\windows\system32\drivers\btnetfilter.sys

+ CA561 Universal Serial Bus Camera Driver SP c:\windows\system32\drivers\spca561.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ CO_Mon Behavior Blocker v2007.1 WDM driver (2007.1.1.99) Symantec Corporation c:\windows\system32\drivers\co_mon.sys

+ eeCtrl File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

+ EraserUtilRebootDrv File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

+ filter FILTER.sys Walter Oney Software c:\windows\system32\drivers\filter.sys

+ GEARAspiWDM GEAR CD/DVD Filter Driver GEAR Software Inc. c:\windows\system32\drivers\gearaspiwdm.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ NAVENG File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVENG.SYS

+ NAVEX15 File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVEX15.SYS

+ NVENETFD NVIDIA Networking Function Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus NVIDIA Networking Bus Driver. NVIDIA Corporation c:\windows\system32\drivers\nvnetbus.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ SPBBCDrv File not found: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

+ sptd c:\windows\system32\drivers\sptd.sys

+ SRTSP Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtsp.sys

+ SRTSPL Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtspl.sys

+ SRTSPX Symantec AutoProtect Symantec Corporation c:\windows\system32\drivers\srtspx.sys

+ SunkFilt6 File not found: C:\WINDOWS\System32\Drivers\sunkfilt6.sys

+ SunkFilt62 File not found: C:\WINDOWS\System32\Drivers\sunkfilt62.sys

+ Sunkfiltp File not found: C:\WINDOWS\System32\Drivers\sunkfiltp.sys

+ SYMDNS DNS Filter Driver Symantec Corporation c:\windows\system32\drivers\symdns.sys

+ SymEvent Symantec Event Library Symantec Corporation c:\windows\system32\drivers\symevent.sys

+ SYMFW Firewall Filter Driver Symantec Corporation c:\windows\system32\drivers\symfw.sys

+ SYMIDS IDS Filter Driver Symantec Corporation c:\windows\system32\drivers\symids.sys

+ SymIM NDIS Intermediate Driver Symantec Corporation c:\windows\system32\drivers\symim.sys

+ SymIMMP NDIS Intermediate Driver Symantec Corporation c:\windows\system32\drivers\symim.sys

+ SYMNDIS NDIS Filter Driver Symantec Corporation c:\windows\system32\drivers\symndis.sys

+ SYMREDRV Redirector Filter Driver Symantec Corporation c:\windows\system32\drivers\symredrv.sys

+ symsnap StorageCraft Volume Snap-Shot StorageCraft c:\windows\system32\drivers\symsnap.sys

+ SYMTDI Network Dispatch Driver Symantec Corporation c:\windows\system32\drivers\symtdi.sys

+ USB28xxBGA USB 28xx BDA Driver eMPIA Technology, Inc. c:\windows\system32\drivers\embda.sys

+ USB28xxOEM USB 28xx BDA Lower filter eMPIA Technology, Inc. c:\windows\system32\drivers\emoem.sys

+ v2imount V2iMount.sys - Image Mounting Device Driver Symantec Corporation c:\windows\system32\drivers\v2imount.sys

+ VComm Bluetooth Serial Port Driver IVT Corporation c:\windows\system32\drivers\vcomm.sys

+ VcommMgr Bluetooth VcommMgr driver IVT Corporation c:\windows\system32\drivers\vcommmgr.sys

+ VProEventMonitor VProEventMonitor.Sys - Event Monitoring driver Symantec Corporation c:\windows\system32\drivers\vproeventmonitor.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

+ taskmgr.exe Sysinternals Process Explorer Sysinternals d:\instal\procexp.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\Appinit_Dlls

+ avgrsstx.dll AVG Resident Shield Starter AVG Technologies CZ, s.r.o. c:\windows\system32\avgrsstx.dll

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. c:\windows\system32\ati2evxx.dll

[Night_Raven]

Преди да продължим, кажи какви точно продукти имаш на Symantec и какви си имал, но деинсталирал?

[i4o.1976]

в момента имам един работеш продукт "Norton Ghost" и един дейнсталиран " Norton Internet Security",но несум сигурен дали не е осанало нещо от нея в регистрите ,за да я махна използвах ето това

 

извенявамсе за недуразомението ето за тази програма исках да ви кажаhttp://softvisia.com/download.php?view.274

[Night_Raven]

Засега можеш да махнеш отметките на следните обекти в Autoruns:

+ Norton Internet Security - Run Full System Scan - leopoldin.job File not found: C:\Program Files\Norton Internet Security\Norton AntiVirus\Navw32.exe /TASK:"C:\Documents and Settings\All Users\Application Data\Symantec\Norton AntiVirus\Tasks\mycomp.sca"

+ ccEvtMgr Event propagation and logging service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ ccSetMgr Settings storage and management service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ CLTNetCnService Symantec Lic NetConnect Service File not found: C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe

+ eeCtrl File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys

+ EraserUtilRebootDrv File not found: C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys

+ NAVENG File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVENG.SYS

+ NAVEX15 File not found: C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20070820.048\NAVEX15.SYS

+ SPBBCDrv File not found: C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys

+ SunkFilt6 File not found: C:\WINDOWS\System32\Drivers\sunkfilt6.sys

+ SunkFilt62 File not found: C:\WINDOWS\System32\Drivers\sunkfilt62.sys

+ Sunkfiltp File not found: C:\WINDOWS\System32\Drivers\sunkfiltp.sys

 

Виждам колко боклуци Norton е наблъскал в системата ти. Част от този боклук е в горния списък, има още доста файлове, които може би се ползват. Като цяло съм отвратен.

Не би било зле да сканираш системата си с Malwarebytes' Anti-Malware.

[i4o.1976]

Здравей,направих това което ми казахте.Аз още вчера сканирах с Malwarebytes' Anti-Malware. Ето и двата лог файла от сканирането ,първият е преди да махна заразите и вторият е след това ,но уви промлема си остава същият

1. Malwarebytes' Anti-Malware 1.25

Версия на базата от данни: 1062

Windows 5.1.2600 Service Pack 3

 

18:09:44 24.8.2008 г.

mbam-log-08-24-2008 (18-09-44).txt

 

Тип сканиране: Пълно сканиране (C:\|D:\|E:\|)

Сканирани обекти: 110679

Изминало време: 1 hour(s), 19 minute(s), 7 second(s)

 

Заразени процеси в паметта: 0

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 0

Заразени стойности в регистратурата: 0

Заразени информационни обекти в регистратурата: 0

Заразени папки: 0

Заразени файлове: 4

 

Заразени процеси в паметта:

(Нямаше открити заплахи)

 

Заразени модули в паметта:

(Нямаше открити заплахи)

 

Заразени ключове в регистратурата:

(Нямаше открити заплахи)

 

Заразени стойности в регистратурата:

(Нямаше открити заплахи)

 

Заразени информационни обекти в регистратурата:

(Нямаше открити заплахи)

 

Заразени папки:

(Нямаше открити заплахи)

 

Заразени файлове:

C:\WINDOWS\rundll16.exe (Fake.Dropped.Malware) -> Delete on reboot.

C:\WINDOWS\system32\vcmgcd32.dll (Trojan.Agent) -> Delete on reboot.

C:\WINDOWS\logo1_.exe (Worm.Viking) -> Delete on reboot.

C:\WINDOWS\system32\systems.txt (Trojan.FakeAlert) -> Delete on reboot.

2. Malwarebytes' Anti-Malware 1.25

Версия на базата от данни: 1062

Windows 5.1.2600 Service Pack 3

 

20:32:41 24.8.2008 г.

mbam-log-08-24-2008 (20-32-41).txt

 

Тип сканиране: Пълно сканиране (C:\|D:\|E:\|)

Сканирани обекти: 109535

Изминало време: 1 hour(s), 37 minute(s), 0 second(s)

 

Заразени процеси в паметта: 0

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 0

Заразени стойности в регистратурата: 0

Заразени информационни обекти в регистратурата: 0

Заразени папки: 0

Заразени файлове: 0

 

Заразени процеси в паметта:

(Нямаше открити заплахи)

 

Заразени модули в паметта:

(Нямаше открити заплахи)

 

Заразени ключове в регистратурата:

(Нямаше открити заплахи)

 

Заразени стойности в регистратурата:

(Нямаше открити заплахи)

 

Заразени информационни обекти в регистратурата:

(Нямаше открити заплахи)

 

Заразени папки:

(Нямаше открити заплахи)

 

Заразени файлове:

(Нямаше открити заплахи)

[Night_Raven]

Опитвал ли си да стартираш въпросната инсталация под Safe Mode?

[i4o.1976]

не сега и обнових Версия на базата от данни:от 1062 на 1083 и я пуснах да сканира,след като преключи ще ви пусна един лог файл от сканирането,в момента и AVG-то също сканира ,след това ще се опитам да сканирам под Safe Mode