
Vista startup problem vol 2

Thread in the "Viruses and malware - HijackThis logs" section. Thread started by sputnicka on 27.03.2009.

  1. sputnicka

    sputnicka Member

    Joined:
    26.03.2009
    Posts:
    5
    Thanks:
    0
    Points:
    11

    Here is the combofix.exe log

    ComboFix 09-03-26.03 - sputnick 2009-03-27 15:32:38.1 - NTFSx86 NETWORK
    Microsoft® Windows Vista™ Ultimate 6.0.6001.1.1252.1.1033.18.1534.1155 [GMT 2:00]
    Sijainti: c:\users\sputnick\Downloads\ComboFix.exe
    .

    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2009-02-27 to 2009-03-27 )))))))))))))))))
    .

    Tiedostoja ei ole luotu tällä aikavälillä

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2009-03-27 11:22 --------- d-----w c:\program files\Alwil Software
    2009-03-27 11:01 --------- d-----w c:\users\sputnick\AppData\Roaming\mIRC
    2009-03-26 21:58 --------- d-----w c:\users\sputnick\AppData\Roaming\F-Secure
    2009-03-26 21:57 --------- d-----w c:\program files\F-Secure Internet Security
    2009-03-26 19:31 --------- d-----w c:\program files\Trend Micro
    2009-03-26 18:39 --------- d-----w c:\program files\mIRC
    2009-03-26 18:04 --------- d-----w c:\progra~2\Kaspersky Lab Setup Files
    2009-03-26 17:21 --------- d-----w c:\progra~2\f-secure
    2009-03-26 17:19 --------- d-----w c:\progra~2\fssg
    2009-03-26 16:46 --------- d-----w c:\program files\Common Files\Symantec Shared
    2009-03-26 16:42 --------- d-----w c:\program files\Norton Security Scan
    2009-03-24 15:47 --------- d-----w c:\program files\Pinball Wizards
    2009-03-23 18:35 --------- d-----w c:\program files\ReflexiveArcade
    2009-03-22 23:09 --------- d-----w c:\users\sputnick\AppData\Roaming\Winamp
    2009-03-21 23:47 --------- d-----w c:\progra~2\NOS
    2009-03-21 23:46 --------- d-----w c:\program files\NOS
    2009-03-20 06:40 --------- d-----w c:\program files\Common Files\Steam
    2009-03-18 20:57 --------- d-----w c:\users\sputnick\AppData\Roaming\Apple Computer
    2009-03-18 20:49 --------- d-----w c:\program files\iTunes
    2009-03-18 20:49 --------- d-----w c:\progra~2\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
    2009-03-18 20:48 --------- d-----w c:\program files\iPod
    2009-03-18 20:48 --------- d-----w c:\program files\Common Files\Apple
    2009-03-18 20:48 --------- d-----w c:\progra~2\Apple Computer
    2009-03-18 20:46 --------- d-----w c:\program files\QuickTime
    2009-03-18 20:37 --------- d-----w c:\program files\Safari
    2009-03-18 20:36 --------- d-----w c:\program files\Bonjour
    2009-03-17 17:43 --------- d-----w c:\program files\Winamp
    2009-03-17 17:43 --------- d-----w c:\program files\Common Files\PX Storage Engine
    2009-03-13 23:15 --------- d-----w c:\users\sputnick\AppData\Roaming\SPORE
    2009-03-13 20:26 --------- d--h--w c:\program files\InstallShield Installation Information
    2009-03-13 16:16 --------- d--h--r c:\users\sputnick\AppData\Roaming\SecuROM
    2009-03-13 16:06 --------- d-----w c:\program files\Electronic Arts
    2009-03-13 12:57 --------- d-----w c:\program files\Starcraft
    2009-03-13 10:59 34 ----a-w c:\users\sputnick\jagex_runescape_preferences.dat
    2009-03-12 01:10 --------- d-----w c:\program files\Windows Mail
    2009-03-11 00:47 --------- d-----w c:\program files\Gandalf Services
    2009-03-11 00:47 --------- d-----w c:\program files\Avi2Dvd
    2009-03-11 00:36 --------- d-----w c:\program files\AviSynth 2.5
    2009-03-11 00:00 --------- d-----w c:\program files\Gabest
    2009-03-10 23:53 --------- d-----w c:\program files\vso
    2009-03-10 23:47 --------- d-----w c:\program files\VistaCodecPack
    2009-03-10 23:45 --------- d-----w c:\progra~2\VistaCodecs
    2009-03-09 19:49 8,464 ----a-w c:\windows\System32\ealregsnapshot1.reg
    2009-03-09 19:49 --------- d-----w c:\progra~2\Electronic Arts
    2009-02-28 23:51 --------- d-----w c:\users\sputnick\AppData\Roaming\Leadertech
    2009-02-28 23:51 --------- d-----w c:\program files\Common Files\InstallShield
    2009-02-22 15:50 --------- d-----w c:\users\sputnick\AppData\Roaming\SecondLife
    2009-02-22 13:32 1,003,520 ----a-w c:\windows\System32\VSFilter.dll
    2009-02-09 17:56 67,584 ----a-w c:\windows\System32\ff_vfw.dll
    2009-02-09 03:10 2,033,152 ----a-w c:\windows\System32\win32k.sys
    2009-02-05 21:06 51,792 ----a-w c:\windows\system32\drivers\aswMonFlt.sys
    2009-01-21 11:18 0 ----a-w C:\WoW-3.0.3.9183-to-3.0.8.9464-enGB-patch.exe
    2009-01-15 06:11 827,392 ----a-w c:\windows\System32\wininet.dll
    2009-01-05 22:33 3,751,995 ----a-w c:\windows\System32\GPhotos.scr
    2008-01-21 02:41 174 --sha-w c:\program files\desktop.ini
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-21 1233920]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952]
    "Steam"="d:\program files\Steam\Steam.exe" [2008-12-10 1410296]
    "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-21 202240]
    "EA Core"="c:\program files\Electronic Arts\EADM\Core.exe" [2009-02-06 3325952]
    "Google Update"="c:\users\sputnick\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-03-09 133104]
    "PC Suite Tray"="c:\program files\Nokia\Nokia PC Suite 7\PCSuite.exe" [2008-12-03 1205760]
    "WindowsWelcomeCenter"="oobefldr.dll" [2008-01-21 c:\windows\System32\oobefldr.dll]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 61440]
    "PWRISOVM.EXE"="c:\program files\PowerISO\PWRISOVM.EXE" [2008-11-02 167936]
    "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2008-11-10 136600]
    "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888]
    "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2009-01-05 413696]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-03-12 342312]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]
    "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-02-05 81000]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
    "GrpConv"="grpconv -o" [X]

    c:\users\sputnick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-04 393216]

    c:\progra~2\MICROS~1\Windows\STARTM~1\Programs\Startup\
    BTTray.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2008-09-11 752168]

    c:\users\sputnick\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\
    OpenOffice.org 3.0.lnk - c:\program files\OpenOffice.org 3\program\quickstart.exe [2008-10-04 393216]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "EnableUIADesktopToggle"= 0 (0x0)

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "msacm.divxa32"= divxa32.acm

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
    "TCP Query User{93BE1602-5861-4BE0-BF27-DD3544DBA6E9}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
    "UDP Query User{6F8A1062-D944-4DD1-B82B-6B0DFBFE4D6D}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
    "TCP Query User{D5AE06CC-40F7-40AE-9B61-3A313623B274}c:\\program files\\abc\\abc.exe"= UDP:c:\program files\abc\abc.exe:abc
    "UDP Query User{090986A3-03D2-4986-949F-07E055D5FCC2}c:\\program files\\abc\\abc.exe"= TCP:c:\program files\abc\abc.exe:abc
    "TCP Query User{1D8A4DBE-DAFC-47B1-BB59-E27F4C349CD1}c:\\users\\sputnick\\downloads\\wowclient-downloader.exe"= UDP:c:\users\sputnick\downloads\wowclient-downloader.exe:wowclient-downloader.exe
    "UDP Query User{EE8540D5-4F26-4803-A9EB-48DBE90A6205}c:\\users\\sputnick\\downloads\\wowclient-downloader.exe"= TCP:c:\users\sputnick\downloads\wowclient-downloader.exe:wowclient-downloader.exe
    "TCP Query User{5CAD8B0C-9507-4745-924B-9D3ECE015076}c:\\program files\\starcraft\\starcraft.exe"= UDP:c:\program files\starcraft\starcraft.exe:Starcraft
    "UDP Query User{76971C95-4AF3-4A4B-959B-6CE9E4EF3A7A}c:\\program files\\starcraft\\starcraft.exe"= TCP:c:\program files\starcraft\starcraft.exe:Starcraft
    "TCP Query User{641340EE-62A3-4A06-8B36-7A49CEF1E798}c:\\world of warcraft\\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe"= UDP:c:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe:Blizzard Downloader
    "UDP Query User{F6B733D0-49D2-48D0-88CC-A786F8F593FA}c:\\world of warcraft\\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe"= TCP:c:\world of warcraft\wow-2.3.0.7561-to-2.3.2.7741-engb-downloader.exe:Blizzard Downloader
    "TCP Query User{C853177E-B698-41CC-BF06-1DB3D289DCFD}c:\\world of warcraft\\repair.exe"= UDP:c:\world of warcraft\repair.exe:Blizzard Repair Utility
    "UDP Query User{F6C4A5F1-650D-49D6-AF47-A5A89120D25C}c:\\world of warcraft\\repair.exe"= TCP:c:\world of warcraft\repair.exe:Blizzard Repair Utility
    "{583D2562-1C40-4CC4-AF42-761F74A93055}"= UDP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.3-to-3.0.2-enGB-Win-Final-downloader.exe:Blizzard Downloader
    "{539E2788-222A-42A2-A131-0B10D11048F1}"= TCP:c:\users\Public\Documents\Blizzard Entertainment\World of Warcraft\WoW-2.4.3-to-3.0.2-enGB-Win-Final-downloader.exe:Blizzard Downloader
    "{69AB0078-5658-431A-BE6F-F03D7AD20F0A}"= UDP:3724:Blizzard Downloader: 3724
    "{6B2F88A9-A4D8-4556-882C-BF63B2F423B8}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{EA62130A-014E-428C-A9E6-CBE06040FDF8}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{EFC5638C-ED15-4140-A627-EF11963374AF}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{57519316-7A40-4CD9-A5A4-C9F2A089ACCE}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
    "TCP Query User{1A262991-EF60-4470-BD42-D5EF44EDC6F2}c:\\program files\\abc\\abc.exe"= UDP:c:\program files\abc\abc.exe:abc
    "UDP Query User{E436E8D0-1BD9-4024-B32E-4B35261AD99F}c:\\program files\\abc\\abc.exe"= TCP:c:\program files\abc\abc.exe:abc
    "TCP Query User{A7800DFB-D975-49C9-B98B-BD77E236B0C0}c:\\users\\sputnick\\appdata\\local\\temp\\blizzard launcher temporary - f755c2d0\\launcher.exe"= UDP:c:\users\sputnick\appdata\local\temp\blizzard launcher temporary - f755c2d0\launcher.exe:launcher.exe
    "UDP Query User{4A177C79-D66D-404B-90C4-389695FD71B9}c:\\users\\sputnick\\appdata\\local\\temp\\blizzard launcher temporary - f755c2d0\\launcher.exe"= TCP:c:\users\sputnick\appdata\local\temp\blizzard launcher temporary - f755c2d0\launcher.exe:launcher.exe
    "TCP Query User{182C092F-721A-445A-8A83-F277E0992756}c:\\users\\sputnick\\appdata\\local\\temp\\blizzard launcher temporary - 508a3b38\\launcher.exe"= UDP:c:\users\sputnick\appdata\local\temp\blizzard launcher temporary - 508a3b38\launcher.exe:launcher.exe
    "UDP Query User{988A5E0F-9157-4945-81AB-999CF24AC57D}c:\\users\\sputnick\\appdata\\local\\temp\\blizzard launcher temporary - 508a3b38\\launcher.exe"= TCP:c:\users\sputnick\appdata\local\temp\blizzard launcher temporary - 508a3b38\launcher.exe:launcher.exe
    "TCP Query User{1F5E6E2F-1E5E-4A2E-8FDB-23E66EA5D0B5}c:\\program files\\secondlife\\slvoice.exe"= UDP:c:\program files\secondlife\slvoice.exe:SLVoice
    "UDP Query User{251DE266-8DF9-4F94-AF19-260E5362EF93}c:\\program files\\secondlife\\slvoice.exe"= TCP:c:\program files\secondlife\slvoice.exe:SLVoice
    "TCP Query User{6BAE843F-7D08-4F01-B807-4476CCD4DF4B}d:\\program files\\steam\\steamapps\\pauli.pietikainen@hsi.fi\\counter-strike\\hl.exe"= UDP:d:\program files\steam\steamapps\pauli.pietikainen@hsi.fi\counter-strike\hl.exe:Half-Life Launcher
    "UDP Query User{27CBFE1B-B603-474C-AC0E-D9C0D10E1C85}d:\\program files\\steam\\steamapps\\pauli.pietikainen@hsi.fi\\counter-strike\\hl.exe"= TCP:d:\program files\steam\steamapps\pauli.pietikainen@hsi.fi\counter-strike\hl.exe:Half-Life Launcher
    "TCP Query User{2EB7F18F-BF04-4210-90CD-3C93124D65E9}c:\\program files\\electronic arts\\eadm\\core.exe"= UDP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "UDP Query User{6B23F071-C98F-467E-807A-52785B3760F0}c:\\program files\\electronic arts\\eadm\\core.exe"= TCP:c:\program files\electronic arts\eadm\core.exe:EA Download Manager
    "TCP Query User{652DFAF4-6D86-483D-AA49-34ADB5184108}c:\\program files\\mirc\\mirc.exe"= UDP:c:\program files\mirc\mirc.exe:mIRC
    "UDP Query User{72E47630-9F8B-4417-B65C-38BAB06166AB}c:\\program files\\mirc\\mirc.exe"= TCP:c:\program files\mirc\mirc.exe:mIRC
    "{8D995951-9D22-4DB7-8F11-A63A8954AA82}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{7216A254-5D03-4258-8F2A-623DFBDB328D}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
    "{0507D705-2E70-4206-B4E5-F3DD92A0B6EB}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
    "{79AF12B6-16F4-4F18-9A9F-59147339C801}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes

    S1 aswSP;avast! Self Protection;c:\windows\System32\drivers\aswSP.sys [2009-03-27 114768]
    S2 aswFsBlk;aswFsBlk;c:\windows\System32\drivers\aswFsBlk.sys [2009-03-27 20560]
    S2 aswMonFlt;aswMonFlt;c:\windows\System32\drivers\aswMonFlt.sys [2009-03-27 51792]
    S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\System32\drivers\b57nd60x.sys [2008-01-21 179712]
    S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\System32\drivers\btwl2cap.sys [2008-11-27 29736]
    S3 getPlus(R) Helper;getPlus(R) Helper;c:\program files\NOS\bin\getPlus_HelperSvc.exe [2009-03-22 33176]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    bthsvcs REG_MULTI_SZ BthServ

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    \shell\AutoRun\command - F:\STARTUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\G]
    \shell\AutoRun\command - G:\STARTUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
    \shell\AutoRun\command - H:\SETUP.EXE

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
    \shell\AutoRun\command - I:\RunGame.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\J]
    \shell\AutoRun\command - J:\RunGame.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\K]
    \shell\AutoRun\command - K:\RunGame.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
    \shell\AutoRun\command - L:\Setup.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\M]
    \shell\AutoRun\command - M:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\N]
    \shell\AutoRun\command - N:\Menu.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
    %SystemRoot%\system32\soundschemes.exe /AddRegistration

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{B3688A53-AB2A-4b1d-8CEF-8F93D8C51C24}]
    %SystemRoot%\system32\soundschemes2.exe /AddRegistration
    .
    - - - - POISTETUT JÄMÄRIVIT - - - -

    HKCU-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe
    HKCU-RunOnce-Shockwave Updater - c:\windows\System32\Adobe\SHOCKW~1\SWHELP~2.EXE -Update -1103471 -Mozilla/5.0 (Windows; U; Windows NT 6.0; fi; rv:1.9.0.7) Gecko/2009021910 Firefox/3.0.7
    HKLM-RunOnce-<NO NAME> - (no file)


    .
    ------- Täydentävä tarkistus -------
    .
    uInternet Settings,ProxyOverride = *.local
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Lähetä kuva &Bluetooth-laitteeseen... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    IE: Lähetä sivu &Bluetooth-laitteeseen... - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    TCP: {7758FEE9-55AF-47F9-9FA7-C77FF687FA55} = 192.168.0.1,10.0.0.2
    FF - ProfilePath - c:\users\sputnick\AppData\Roaming\Mozilla\Firefox\Profiles\nrv77fu7.default\
    FF - component: c:\program files\Nokia\Nokia PC Suite 7\bkmrksync\components\BkMrkExt.dll
    FF - component: c:\users\sputnick\AppData\Roaming\Mozilla\Firefox\Profiles\nrv77fu7.default\extensions\fi@dictionaries.addons.mozilla.org\platform\WINNT_x86-msvc\components\mozvoikko.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa2.dll
    FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll
    FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll
    FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
    FF - plugin: c:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
    FF - plugin: c:\users\sputnick\AppData\Local\Google\Update\1.2.141.5\npGoogleOneClick7.dll
    .

    **************************************************************************

    catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2009-03-27 15:39:19
    Windows 6.0.6001 Service Pack 1 NTFS

    tarkistaa piilotettuja prosesseja ...

    tarkistaa piilotettuja käynnistysarvoja ...

    tarkistaa piilotettuja tiedostoja ...


    **************************************************************************
    .
    Valmistumisajankohta: 2009-03-27 15:42:16
    ComboFix-quarantined-files.txt 2009-03-27 13:40:57

    Ennen ajoa: Järjestelmä ei löydä sanomaa numerolle 0x2379 ohjelman Application sanomatiedostossa.
    Ajon jälkeen: 46,493,782,016 tavua vapaana

    205 --- E O F --- 2009-03-18 01:08:42
    ----------------------------------------------------------------
    ----------------------------------------------------------------
    ----------------------------------------------------------------




    Then the hijack log after the previous run:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:51:52, on 27.3.2009
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Safe mode with network support

    Running processes:
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Windows\Explorer.exe
    C:\Windows\system32\notepad.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\WinRAR\WinRAR.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    O1 - Hosts: ::1 localhost
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\RunOnce: [GrpConv] grpconv -o
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Steam] "D:\Program Files\Steam\Steam.exe" -silent
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
    O4 - HKCU\..\Run: [Google Update] "C:\Users\sputnick\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
    O4 - Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
    O4 - Global Startup: BTTray.lnk = ?
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O8 - Extra context menu item: Lähetä kuva &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Lähetä sivu &Bluetooth-laitteeseen... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{7758FEE9-55AF-47F9-9FA7-C77FF687FA55}: NameServer = 192.168.0.1,10.0.0.2
    O22 - SharedTaskScheduler: Windows DreamScene - {E31004D1-A431-41B8-826F-E902F9D95C81} - C:\Windows\System32\DreamScene.dll
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

    --
    End of file - 5909 bytes
     
  3. sputnicka

    Avast Home 4.8 found a DM-Vundo trojan. Well, I ran vundofix-6.5. It didn't find anything...
    The machine still won't boot except in safe mode.
     
