1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

Acerin läppäri hidastelee. Haittaohjelmat syynä?

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Fubuntu 04.05.2008.

  1. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Terve!

    Minulla on tässä käsissä noin vajaat kaksi vuotta vanha Acerin läppäri, joka on lähiaikoina (noin kk sitten) alkanut tökkimään häiritsevällä tasolla.

    Nykyään koneen käynnistyminen on äärimmäisen hidasta, ohjelmien käyttö on hidasta, ja pelejä pelatessa ne eivät reagoi noin viiden sekunnin välein. Esim. FlatOut2:ssa en pääse ensimmäisestä mutkasta läpi, koska peli ei reagoi ohjaukseen. Sama tapahtuu Deus Exissä (juoksee seinää vasten enkä mahda asialle mitään) ja jokaisella muulla pelillä (WoW, CS:S, Half-Life 2), huolimatta siitä millä grafiikka-asetuksilla pelejä pyöritetään. Ennen näiden pelien kanssa ei ollut mitään ongelmia.

    Diskeeper, Ad-Aware, Spybot, Spyware Blaster, Avast juoksutettu läpi, Spybot ja Avast löysivät jotain, korjaten löytämänsä.

    Kuitenkin kone on edelleenkin yhtä hidas. Prosessori näyttää pyörivän noin 30-50% vaikkei mitään raskasta olisi päällä. Uusia ohjelmia ei ole asennettu viimeisen kahden kuukauden aikana. Olisiko haittaohjelmia vielä siis jäljellä? Kiitos jo etukäteen jos joku jaksaisi katsoa tämän login läpi.

    -Fubuntu

    ---
    ---Tässä logi----

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 17:11:01, on 2008/05/04
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    D:\Ohjelmat\Daemon Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    D:\Pelit\Steam\Steam.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest?updtConfId=4&updtReqId=1946283498
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
    O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
    O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Ohjelmat\Daemon Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Ohjelmat\OFFICE~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Ohjelmat\OFFICE~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183395270578
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - D:\Ohjelmat\Diskkeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 9329 bytes
     
  2.  
  3. Hujo

    Hujo Guest

    poista lisää poista sovelutuksesta

    SPYBOT

    Poista kansio vikasiedossa

    C:\Program Files\Spybot - Search & Destroy

    ========

    scannaa hjt:llä merkkaa paina Fix checked

    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

    ========

    Avaa Windows Defender.
    Klikkaa Tools ja General Settings.
    Selaa alas ja ota rasti pois Turn on real-time protection (recommended)-kohdasta.
    Tämän jälkeen klikkaa Save ja sulje Windows Defender.

    =========

    Javan päivitys ja välimuistin tyhjennys:

    1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
    2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
    Niissä pitäisi olla seuraava kuva vieressä: [​IMG]

    3. Valitse kaikki entiset Java versiosi ja valitse Poista.
    4. Asenna uusin Java päivitys seuraavasta linkistä..
    5. Käynnistä kone uudelleen asennuksen jälkeen:

    http://java.sun.com/javase/downloads/index.jsp

    Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u5

    Paina Download

    Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.

    6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).

    7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.

    (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
    Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).

    8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

    *Applications and Applets

    *Trace and Log Files

    Ja paina OK -nappia

    9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.

    10. Klikkaa OK jättääksesi Java asetusikkunasi.

    =========

    1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
    combofix1
    combofix2

    2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
    3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
    Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

    =========

    Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

    Käynnistä koneesi vikasietotilaan:

    sammuta ja käynnistä
    käynnistyksen yhteydessä hakkaa F8 nappia
    valitse nuolinäppäimellä vikasietotila
    paina enter ja enter
    valitse käyttäjätilisi
    paina kyllä

    Jossakin koneissa hakataan F8:sin sijasta F5:tä

    " Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
    " Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
    " Paina Y käynnistääksesi skriptin.
    " Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
    " Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
    " Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
    " Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
    " Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
    " Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.
     
  4. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Terve taas!

    Tein kaikki nuo ehdottamasi vaiheet, ja täytyy sanoa että jonkin verran kone kyllä nopeutui (Deus Ex toimii jo, muut pelit eivät), muttei se entisellään ole vieläkään.

    Tarkistin koneen myös Malwarebytes' Anti-Malware:lla, ja se löysi:
    Saastuneita rekisteriavaimia:
    HKEY_CURRENT_USER\Software\WakeNet (Trojan.Adware) -> No action taken.


    -Fubuntu

    Tässä on prosessissa syntyneet logit:
    =====================================

    ==== Combofix ====
    ========

    ComboFix 08-05-01.3 - Jani Mustonen 2008-05-07 19:04:42.1 - NTFSx86
    Microsoft Windows XP Professional 5.1.2600.2.1252.358.1033.18.1455 [GMT 3:00]
    Running from: C:\Documents and Settings\Jani Mustonen\Desktop\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    ((((((((((((((((((((((((( Files Created from 2008-04-07 to 2008-05-07 )))))))))))))))))))))))))))))))
    .

    2008-05-07 18:37 . 2008-05-07 18:37 <DIR> d-------- C:\Program Files\Windows Defender
    2008-05-06 15:47 . 2008-05-07 18:04 3 --a------ C:\reska.htm
    2008-05-04 22:14 . 2008-05-04 22:14 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\Application Data\Malwarebytes
    2008-05-04 22:14 . 2008-05-04 22:14 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-05-04 19:55 . 2008-05-04 19:55 <DIR> d-------- C:\Documents and Settings\LocalService\Application Data\Webroot
    2008-05-04 19:54 . 2008-05-04 19:54 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\Application Data\Webroot
    2008-05-04 19:54 . 2008-05-04 19:54 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Webroot
    2008-05-04 19:54 . 2007-06-15 13:38 1,521,216 --a------ C:\WINDOWS\WRSetup.dll
    2008-05-04 19:54 . 2007-06-15 13:22 160,320 --a------ C:\WINDOWS\system32\drivers\ssidrv.sys
    2008-05-04 19:54 . 2007-06-15 13:22 24,128 --a------ C:\WINDOWS\system32\drivers\sskbfd.sys
    2008-05-04 19:54 . 2007-06-15 13:21 22,080 --a------ C:\WINDOWS\system32\drivers\sshrmd.sys
    2008-05-04 19:54 . 2007-06-15 13:21 20,544 --a------ C:\WINDOWS\system32\drivers\SSFS0BB8.sys
    2008-05-04 19:52 . 2008-05-04 19:52 164 --a------ C:\install.dat
    2008-05-04 17:36 . 2008-05-04 17:36 <DIR> d-------- C:\_OTMoveIt
    2008-05-04 17:10 . 2008-05-04 17:10 <DIR> d-------- C:\Program Files\Trend Micro
    2008-04-27 16:32 . 2008-04-27 16:32 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Diskeeper Corporation
    2008-04-27 16:01 . 2007-12-24 17:37 138,384 --a------ C:\WINDOWS\system32\drivers\tmcomm.sys
    2008-04-27 15:57 . 2008-04-27 15:57 25,992 --a------ C:\WINDOWS\system32\pgdfgsvc.exe
    2008-04-27 15:34 . 2008-04-27 15:34 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\.housecall6.6
    2008-04-13 12:33 . 2008-04-13 12:33 <DIR> d-------- C:\Program Files\Windows Live
    2008-04-13 12:33 . 2008-04-13 12:33 <DIR> d--hs---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-04-13 12:33 . 2008-04-13 12:33 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-04-08 20:16 . 2008-04-08 20:16 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\Application Data\Nokia Multimedia Player
    2008-04-08 19:52 . 2008-04-08 19:52 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\Application Data\Nokia
    2008-04-08 19:52 . 2008-04-08 19:52 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\PC Suite
    2008-04-08 19:50 . 2008-04-08 19:50 <DIR> d-------- C:\Program Files\PC Connectivity Solution
    2008-04-08 19:50 . 2008-04-08 19:50 <DIR> d-------- C:\Program Files\Common Files\PCSuite
    2008-04-08 19:50 . 2008-04-08 19:50 <DIR> d-------- C:\Program Files\Common Files\Nokia
    2008-04-08 19:50 . 2008-04-08 19:50 <DIR> d-------- C:\Documents and Settings\Jani Mustonen\Application Data\PC Suite
    2008-04-08 19:49 . 2007-02-22 10:15 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
    2008-04-08 19:49 . 2007-02-22 10:15 90,624 --a------ C:\WINDOWS\system32\nmwcdcls.dll
    2008-04-08 19:49 . 2007-02-22 10:15 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
    2008-04-08 19:49 . 2007-02-22 10:15 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
    2008-04-08 17:16 . 2008-04-08 17:15 691,545 --a------ C:\WINDOWS\unins000.exe
    2008-04-08 17:16 . 2008-04-08 17:16 2,555 --a------ C:\WINDOWS\unins000.dat

    .
    (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-05-07 16:08 2,791,456 --sha-w C:\WINDOWS\system32\drivers\fidbox.dat
    2008-05-07 15:53 35,444 --sha-w C:\WINDOWS\system32\drivers\fidbox.idx
    2008-05-07 15:52 --------- d-----w C:\Program Files\Java
    2008-05-04 16:50 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-03-28 14:11 17,411,114 ----a-w C:\WINDOWS\Internet Logs\tvDebug.zip
    2008-03-21 13:55 --------- d-----w C:\Documents and Settings\Jani Mustonen\Application Data\mIRC
    2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\win32k.sys
    2008-03-19 09:47 1,845,248 ----a-w C:\WINDOWS\system32\dllcache\win32k.sys
    2008-03-17 19:09 --------- d-----w C:\Documents and Settings\All Users\Application Data\Installations
    2008-03-13 20:11 75,248 ----a-w C:\WINDOWS\zllsputility.exe
    2008-03-13 20:11 1,086,952 ----a-w C:\WINDOWS\system32\zpeng24.dll
    2008-02-28 16:29 409,600 ----a-w C:\WINDOWS\system32\wrap_oal.dll
    2008-02-28 16:29 114,688 ----a-w C:\WINDOWS\system32\OpenAL32.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
    2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\dllcache\gdi32.dll
    2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
    2008-02-20 05:32 45,568 ----a-w C:\WINDOWS\system32\dllcache\dnsrslvr.dll
    2008-02-20 05:32 148,992 ----a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
    2008-02-15 09:07 18,432 ----a-w C:\WINDOWS\system32\dllcache\iedw.exe
    .

    ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Note* empty entries & legit default entries are not shown
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "DAEMON Tools"="D:\Ohjelmat\Daemon Tools\daemon.exe" [2006-11-12 12:48 157592]
    "ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-10 20:00 15360]
    "SpybotSD TeaTimer"="C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [ ]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ehTray"="C:\WINDOWS\ehome\ehtray.exe" [2005-08-05 13:56 64512]
    "LaunchApp"="" []
    "AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [2006-04-14 22:35 53248]
    "Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [2006-03-31 16:39 204800]
    "IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [2004-08-10 20:00 208952]
    "MSPY2002"="C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" [2004-08-10 20:00 59392]
    "RTHDCPL"="RTHDCPL.EXE" [2006-06-27 23:54 16248320 C:\WINDOWS\RTHDCPL.exe]
    "SkyTel"="SkyTel.EXE" [2006-05-16 03:04 2879488 C:\WINDOWS\SkyTel.exe]
    "ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [2006-05-30 12:11 421888]
    "Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [2006-03-15 22:12 579584]
    "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-03-03 13:07 761946]
    "LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-06-23 06:59 602112]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 11:12 90112]
    "eRecoveryService"="C:\Acer\Empowering Technology\eRecovery\eRAgent.exe" [2006-06-01 14:40 413696]
    "avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [2008-03-29 20:37 79224]
    "NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50 155648]
    "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41 282624]
    "TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2006-12-25 15:45 185896]
    "ZoneAlarm Client"="C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" [2008-03-13 23:11 919016]
    "Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2006-11-03 19:20 866584]
    "SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-08-10 20:00 15360]
    "Nokia.PCSync"="D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" [2007-11-07 17:35 1294336]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "InstallVisualStyle"= C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
    "InstallTheme"= C:\WINDOWS\Resources\Themes\Royale.theme

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
    "EnableFirewall"= 0 (0x0)

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "D:\\Pelit\\Steam\\SteamApps\\hannumustonen\\counter-strike source\\hl2.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "26804:TCP"= 26804:TCP:BitComet 26804 TCP
    "26804:UDP"= 26804:UDP:BitComet 26804 UDP

    R0 SSFS0BB8;Spy Sweeper File System Filer Driver: 0BB8;C:\WINDOWS\system32\Drivers\SSFS0BB8.SYS [2007-06-15 13:21]
    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-03-29 20:31]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-03-29 20:35]
    R2 SQLWriter;SQL Server VSS Writer;"C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe" [2007-02-10 05:29]
    S2 eLock2BurnerLockDriver;eLock2BurnerLockDriver;C:\WINDOWS\system32\eLock2BurnerLockDriver.sys []
    S2 eLock2FSCTLDriver;eLock2FSCTLDriver;C:\WINDOWS\system32\eLock2FSCTLDriver.sys []
    S3 mod7700;DiBcom based TV tuner device;C:\WINDOWS\system32\DRIVERS\mod7700.sys [2007-02-20 07:26]
    S3 MODRC;Ultima Infrared Receiver;C:\WINDOWS\system32\DRIVERS\modrc.sys [2007-02-06 12:10]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd286-4f2a-11dc-887d-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd287-4f2a-11dc-887d-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd288-4f2a-11dc-887d-0016cf9bea0e}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd289-4f2a-11dc-887d-0016cf9bea0e}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd28a-4f2a-11dc-887d-0016cf9bea0e}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{47dfd28b-4f2a-11dc-887d-0016cf9bea0e}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7430-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7431-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7432-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7433-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7434-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7435-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7436-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b5bd7437-4ffb-11dc-887f-0016d45a8479}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d59c5c08-5005-11dc-8880-a335fb4fb237}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d59c5c09-5005-11dc-8880-a335fb4fb237}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d59c5c0a-5005-11dc-8880-a335fb4fb237}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d59c5c0b-5005-11dc-8880-a335fb4fb237}]
    \Shell\AutoRun\command - J:\VMC_PBStarter.exe

    *Newly Created Service* - CATCHME
    .
    Contents of the 'Scheduled Tasks' folder
    "2008-05-07 15:57:44 C:\WINDOWS\Tasks\MP Scheduled Scan.job"
    - C:\Program Files\Windows Defender\MpCmdRun.exe
    .
    **************************************************************************

    catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-07 19:08:28
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    Completion time: 2008-05-07 19:10:26
    ComboFix-quarantined-files.txt 2008-05-07 16:10:15

    Pre-Run: 32,945,401,856 bytes free
    Post-Run: 32,919,253,504 bytes free

    181 --- E O F --- 2008-04-14 19:26:07

    ====================================
    ====================================

    ==== SDFix ====
    ========

    SDFix: Version 1.180
    Run by Jani Mustonen on 2008/05/07 at 20:10

    Microsoft Windows XP [versio 5.1.2600]
    Running From: C:\SDFix

    Checking Services :


    Restoring Windows Registry Values
    Restoring Windows Default Hosts File

    Rebooting


    Checking Files :

    Trojan Files Found:

    C:\WINDOWS\antiv.exe - Deleted





    Removing Temp Files

    ADS Check :



    Final Check :

    catchme 0.3.1359.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-05-07 20:24:30
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg]
    "s1"=dword:48739f28
    "s2"=dword:7626b723
    "h0"=dword:00000001

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="D:\Ohjelmat\Daemon Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:8d,df,a4,4b,69,b4,89,f5,a3,8e,25,69,d9,77,03,c6,69,0f,0e,9e,3e,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,4f,d1,e2,f7,34,8e,f9,8e,a3,d0,25,e7,b1,bc,99,1a,91,..
    "khjeh"=hex:f9,aa,8a,d6,e3,30,20,f7,1a,3d,f6,d3,a3,4c,e1,67,98,fa,91,9b,28,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:69,a4,93,24,e4,f7,9f,27,45,00,6d,fd,07,e3,28,fa,37,3b,25,73,c1,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="D:\Ohjelmat\Daemon Tools\"
    "h0"=dword:00000000
    "khjeh"=hex:8d,df,a4,4b,69,b4,89,f5,a3,8e,25,69,d9,77,03,c6,69,0f,0e,9e,3e,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,4f,d1,e2,f7,34,8e,f9,8e,a3,d0,25,e7,b1,bc,99,1a,91,..
    "khjeh"=hex:f9,aa,8a,d6,e3,30,20,f7,1a,3d,f6,d3,a3,4c,e1,67,98,fa,91,9b,28,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:69,a4,93,24,e4,f7,9f,27,45,00,6d,fd,07,e3,28,fa,37,3b,25,73,c1,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43]
    "khjeh"=hex:c8,ff,85,26,f1,9b,ce,80,11,55,24,0e,0a,4f,32,e2,71,bf,37,a0,68,..

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{077ACEC7-979C-40AB-9835-435BA1511E0D}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{077ACEC7-979C-40AB-9835-435BA1511E0D}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{077ACEC7-979C-40AB-9835-435BA1511E0D}\MPPRE10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{077ACEC7-979C-40AB-9835-435BA1511E0D}\mppre10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{30C7234B-6482-4A55-A11D-ECD9030313F2}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{30C7234B-6482-4A55-A11D-ECD9030313F2}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\WMDM10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{30C7234B-6482-4A55-A11D-ECD9030313F2}\wmdm10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{981FB688-E76B-4246-987B-92083185B90A}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{981FB688-E76B-4246-987B-92083185B90A}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\WPD10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{981FB688-E76B-4246-987B-92083185B90A}\wpd10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{A47B3654-48EE-48A5-B629-97D70175E58F}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{A47B3654-48EE-48A5-B629-97D70175E58F}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\codecs10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{A47B3654-48EE-48A5-B629-97D70175E58F}\codecs10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\WMFSDK10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{AAC1D942-0B38-4E37-9E4E-5B96A9DD2170}\wmfsdk10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup\ExceptionComponents\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}]
    "FriendlyName"="Windows Media Files"
    "ComponentGUID"="{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}"
    "Version"=dword:000a0000
    "Sub-Version"=dword:000010ec
    "ExceptionInfName"=str(2):"C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\DRM10.inf"
    "ExceptionCatalogName"=str(2):"C:\WINDOWS\RegisteredPackages\{C5B8FBE9-645E-4484-A7AA-E8DA9A70DD77}\drm10.cat"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\System]
    "OODEFRAG10.00.00.01WORKSTATION"="3B3882033D8E4B2B91B6AE72C44F513150311A9C87BC19AFBCF60249A7695BA753F6D189821C47
    82774A0B71F55BDA0D65440B67860C088C7F218974CE2423E7603506B84261314D4C37E3603720738160957330CD35CFA7A45DB720A05A06
    2E593103053E32B038AACEE8C901D49E23A1A574BDAC6BF39D6FFC366C5FE19E43072DA20650A59ED18163406062EF93ECDAF71D79052A27
    F0FA55A31A6356C1D107702FF764160A90934D01777BADBD3D96957572CCAC5488B14093919716F36A4BC5E93A7923364B77E8B90A828E3C
    D2AE8D76588EF4942ED51B8DDC7BC1ECFD1BF90552FEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E127BECC74CFEBC9E
    127BECC74CFEBC9E127BECC74CA6A0AC4980AC7933FEBC9E127BECC74CA6A0AC4980AC79335D575E7D6A3B9808C0F87F3B44B1C6C1E7A3D6
    86EBA9F556A932352B02F2AA7549C19CB15765F9116034C1533446BD9B92A7C0DFAEC130B70BEEA43053ECD96C4DA039289DDF4BF6D83733
    C8415B2D1C153F1ED2C4009C1C939626F7E1915227A3372DA2CA52A569AD1AA9402466552666A4602BEAC9A5E0D0A46A9714D84D1A0C6201
    1C86E5AE1873BB2CBD69E0E7C01355AE97340B2D06E2D9D2071D3E78DEDB417678CEC78154D5BB772E72490C17B894E0AB06B0862F7CB675
    A30AC174327C39017BF0A7AA1492807D5E7220DC778B6706DE9A2FF9A368049E2CB866D6756B72C7CD13BAAE70FBB26000736C6AD453195D
    0D7FFC43CF01CD4B455BB4A82C3AD7A67F2BB8012877BEFBABD2B7B6C76937DD769593124337E1AF79FAB6E4000D9A2C0006DF0D9C805759
    5A400EB988BF9332BB94F10A320FD32FB2EFFDFEBE9EAD1DA5C1EFB054A5EF3B6A41815C7857C33667049C4574217967C1E99CDB573BCA6F
    A8542D3D7808C2159E2D290018C8A47BE14397CD061AEFA6DC6C2BD2DF44ED51A70460F957DE4C909D321E778F3FD0C77D826E2508B995EC
    1B4CC4B212AFD51FA36D5620E374CE8871D1FC87AAF9AD14EAC9B03DBB538DF277B60B3CC90607EE8180E05EB1A5CD8F085EE86D57CB5F8F
    C3F06F000A503FA255A81EA207644A860C80D2D4FCE59368B5828757A79BCF9B82A6C2C901AED41B77F52890F07CACE1EE84069BA1BB2E8C
    2E3B806954652ECB86ECC468CC7A3FAE06C45424CE147CB13CF957BCA3C0EC288D57033937B8EBEA931914A1C4DBAF620E90D16B8E83CE58
    6A1F2634A623E59B527D40524F3841765055D32E5F899E737F27D4EDBF397C6DD00957F576A6717CDDA5EE343F1B25A0C81EA937374F474D
    2FAC952398B420BC2F9E5467809F2E91771D4750CEADD8CCEBC6415F8E0E28955516CD79F08D1AC5241B0A63D5797BD8C9830890E74EDA97
    8D7449B9483A84200EAF3E50C66B0FBB3890E7B6AC32008261CFF1CC9970754BE4"
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Prefetcher]
    "TracesProcessed"=dword:0000005d
    "LastTraceFailure"=dword:00000004

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    Remaining Services :




    Authorized Application Key Export:

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
    "D:\\Pelit\\Steam\\SteamApps\\hannumustonen\\counter-strike source\\hl2.exe"="D:\\Pelit\\Steam\\SteamApps\\hannumustonen\\counter-strike source\\hl2.exe:*:Enabled:hl2"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019"
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="C:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    Remaining Files :


    File Backups: - C:\SDFix\backups\backups.zip

    Files with Hidden Attributes :

    Tue 27 Jun 2006 1,024 A..HR --- "C:\WINDOWS\system32\NTIBUN4.dll"
    Tue 27 Jun 2006 1,024 A..HR --- "C:\WINDOWS\system32\NTICDMK7.dll"
    Tue 27 Jun 2006 1,024 A..HR --- "C:\WINDOWS\system32\NTIFCD3.dll"
    Tue 27 Jun 2006 1,024 A..HR --- "C:\WINDOWS\system32\NTIMP3.dll"
    Tue 27 Jun 2006 1,024 A..HR --- "C:\WINDOWS\system32\NTIMPEG2.dll"
    Tue 10 Apr 2007 4,348 A.SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
    Wed 9 Apr 2008 135,680 A..H. --- "C:\Documents and Settings\Jani Mustonen\Desktop\~WRL0002.tmp"
    Thu 10 Apr 2008 138,240 A..H. --- "C:\Documents and Settings\Jani Mustonen\Desktop\~WRL2715.tmp"
    Thu 20 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\1db9e52f9e862450a2af87f2f5a16dbc\BIT2.tmp"
    Thu 20 Sep 2007 0 A..H. --- "C:\WINDOWS\SoftwareDistribution\Download\6669d04be19822840dc12f3a3a5047fc\BIT1.tmp"
    Sat 13 Jan 2007 888 A..HR --- "C:\Documents and Settings\Jani Mustonen\Application Data\SecuROM\UserData\securom_v7_01.bak"

    Finished!

    ============================
    ============================

    ==== HijackThis ====
    ==========

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:50:52, on 2008/05/07
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    D:\Ohjelmat\Daemon Tools\daemon.exe
    D:\Ohjelmat\Diskkeeper\DkService.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    D:\Ohjelmat\Spy Sweeper\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest?updtConfId=4&updtReqId=1946283498
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"
    O4 - HKLM\..\Run: [Acer ePresentation HPD] "C:\Acer\Empowering Technology\ePresentation\ePresentation.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Boot] "C:\Acer\Empowering Technology\ePower\Boot.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\eRAgent.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Ohjelmat\Daemon Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe"
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Ohjelmat\OFFICE~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Ohjelmat\OFFICE~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183395270578
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - D:\Ohjelmat\Diskkeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Ohjelmat\Spy Sweeper\Spy Sweeper\SpySweeper.exe

    --
    End of file - 9549 bytes
     
    Viimeksi muokattu: 07.05.2008
  5. Hujo

    Hujo Guest

    Poista toi Spybot,koneelta
     
  6. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Terve taas!

    Spybot - Search & Destroy on nyt poistettu.

    -Fubuntu

    ========================================
    HijackThis logi Spybotin poiston jälkeen:
    ========================================

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:21:20, on 2008/05/12
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
    D:\Ohjelmat\Daemon Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\oodag.exe
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    D:\Ohjelmat\Spy Sweeper\Spy Sweeper\SpySweeper.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Documents and Settings\Jani Mustonen\Application Data\Real\Update\setup\setup.exe
    C:\DOCUME~1\JANIMU~1\LOCALS~1\Temp\temp1.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest?updtConfId=4&updtReqId=1946283498
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"
    O4 - HKLM\..\Run: [Acer ePresentation HPD] "C:\Acer\Empowering Technology\ePresentation\ePresentation.exe"
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [MSPY2002] "C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe" /SYNC
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Boot] "C:\Acer\Empowering Technology\ePower\Boot.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\eRAgent.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Ohjelmat\Daemon Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Ohjelmat\OFFICE~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Ohjelmat\OFFICE~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183395270578
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - D:\Ohjelmat\Diskkeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
    O23 - Service: Webroot Spy Sweeper Engine (WebrootSpySweeperService) - Webroot Software, Inc. - D:\Ohjelmat\Spy Sweeper\Spy Sweeper\SpySweeper.exe

    --
    End of file - 9301 bytes
     
  7. Hujo

    Hujo Guest

    Jos tässä on tausta suojaus päällä Windows Defender
    ota se pois päältä.
    ==
    Mites kone toimii
     
  8. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Windows Defenderin taustasuojaus on pois päältä.

    Tossa äskön taas testailin onko mikään parantunut, tulos oli peleissä tämä:

    Counter Strike: Sourcessä botteja vastaan pelatessa fps on koko ajan siinä 60+, joten se ei ole ongelma, kaikki pyörii täysin sulavasti, mutta sen oman terroristiparan ohjaus jää jumiin vähän väliä, tarkoittaen että jos vaikka nurkan takaa tulee vihu ja sitä pitäisi ampua, ja painan ukkoni juoksemaan sivuttain ja ammun vihun, tämän jälkeen ohjaus jää "jumiin", ja ukkoni jatkaa tuota sivuttain juoksua vähintään 5 sek ajan tyhjentäen samalla koko lippaan talon seinään. Ja taas kohta saan kontrollin ja sama toistuu kohta. Tämä ongelma tuntuu kulminoituvan aina kun pitäisi ampua joku.

    Sama juttu FlatOut2:ssa; ensimmäisestä mutkasta ei läpi pääse mitenkään kun auto ei suostu kääntymään kuin vasta noin 10 sekunnin viivellä. Tekoälyautoja tämä ei koske, ne ohittavat minut monilla kierroksilla.

    Tämä sama toistuu noissa kahdessa pelissä aivan sama millä grafiisilla asetuksilla niitä pyöritetään. Ennen on tällä koneella kyseiset pelit toimineet ilman ongelmia. Vanhemmat pelit, kuten Deus Ex ja Age of Empires II on ruvennut jo toimimaan.

    Kovalevyasemilla tilaa on seuraavasti:
    C 30,6GT/53,2GT (Windows XP, sekalaisia ohjelmia)
    D 18,8GT/53,6GT (Ohjelmat, pelit, kaikki sälä)
    Molempien asemien pirstoutuneisuus noin 1% luokkaa.
    Muistin varaus Tehtävienhallinnassa 690M / 3938M.
    Prosessori pyörii nykyään ilman rasitusta siinä 5-20% alueilla, se on tullut siis noin 20% alaspäin.

    Tämän koneen tehot ovat seuraavat:
    Acer Aspire 5010 AWLMi - läppäri
    - AMD Turion 2.0GhZ
    - ATI Mobility Radeon X1300 512MB (Hypermemory)
    - 2GB DDR2

    Eli vielä ei ole kunnossa, mutta parannusta on jo vähäsen.

    -Fubuntu
     
  9. Hujo

    Hujo Guest

    Luo poistolista:
    • Avaa HiJackThis
    • Klikkaa "Configure" valintaa oikealla alhaalla
    • Klikkaa "Misc Tools"
    • Klikkaa boxia joka sanoo "Uninstall Manager"
    • Klikkaa valintaa "Save list"
    • Kopioi ja liitä kyseinen lista muistiosta postiisi
     
  10. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Tässä poistolista.

    - Fubuntu

    =======================
    HijackThis poistolista:
    =========

    7-Zip 4.42
    Acer Empowering Technology
    Acer ePerformance Management
    Acer ePower Management
    Acer ePresentation Management
    Acer eSettings Management
    Acer GridVista
    Acer OrbiCam
    Acer Screensaver
    Ad-Aware SE Personal
    Adobe Flash Player 9 ActiveX
    Adobe Photoshop 7.0
    Adobe Reader 7.0.9
    AOK Mod Pack Studio
    ArtecMedia T14BR DVBT player 4.0.0.15
    ATI - Software Uninstall Utility
    ATI Catalyst Control Center
    ATI Display Driver
    ATI Parental Control & Encoder
    ATI Parental Control & Encoder
    Audacity 1.2.6
    avast! Antivirus
    BitComet 0.84
    BSPlayer
    CCleaner (remove only)
    Crimson Editor (remove only)
    DC++ 0.699
    Deus Ex
    Diskeeper 2008 Home
    DivX Codec
    DivX Player
    EasyPHP 2.0b1
    Final Fantasy VII - Ultima Edition
    FINAL FANTASY VIII
    FlatOut2
    FREE Hi-Q Recorder 1.92
    GemMaster Mystic
    High Definition Audio Driver Package - KB888111
    HijackThis 2.0.2
    Hotfix for Windows Media Player 10 (KB903157)
    Hotfix for Windows XP (KB888795)
    Hotfix for Windows XP (KB891593)
    Hotfix for Windows XP (KB895961)
    Hotfix for Windows XP (KB899337)
    Hotfix for Windows XP (KB899510)
    Hotfix for Windows XP (KB902841)
    Hotfix for Windows XP (KB935448)
    Java DB 10.2.2.0
    Java(TM) 6 Update 6
    Java(TM) SE Development Kit 6 Update 3
    Java(TM) SE Runtime Environment 6 Update 1
    Launch Manager
    Localization Pack for Microsoft Windows XP Media Center Edition
    Malwarebytes' Anti-Malware
    MetaFrame Presentation Server Web Client for Win32
    Microsoft .NET Framework 1.0 Hotfix (KB887998)
    Microsoft .NET Framework 1.0 Hotfix (KB930494)
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Finnish Language Pack
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft Age of Empires II
    Microsoft Age of Empires II: The Conquerors Expansion
    Microsoft MSDN 2005 Express Edition - ENU
    Microsoft Office Professional Edition 2003
    Microsoft Office Visio Professional 2003
    Microsoft Office Visio Viewer 2003 (English)
    Microsoft Platform SDK (R2) (3790.2075)
    Microsoft SQL Server 2005
    Microsoft SQL Server 2005 Express Edition (SQLEXPRESS)
    Microsoft SQL Server 2005 Tools Express Edition
    Microsoft SQL Server Native Client
    Microsoft SQL Server Setup Support Files (English)
    Microsoft SQL Server VSS Writer
    Microsoft Visual Basic 2005 Express Edition - ENU
    Microsoft Visual Basic 2005 Express Edition - ENU
    mIRC
    Mozilla Firefox (2.0.0.14)
    MSVC80_x86
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    MSXML 6.0 Parser (KB933579)
    MSXML4 Parser
    Nero OEM
    Nokia Connectivity Cable Driver
    Nokia PC Suite
    Nokia PC Suite
    Otto
    PC Connectivity Solution
    PowerISO
    Preconfigured PHP Package 5.2.2
    QuickTime
    RealPlayer
    Realtek High Definition Audio Driver
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Windows Media Player 10 (KB917734)
    Security Update for Windows Media Player 10 (KB936782)
    Security Update for Windows Media Player 6.4 (KB925398)
    Security Update for Windows XP (KB893756)
    Security Update for Windows XP (KB896358)
    Security Update for Windows XP (KB896423)
    Security Update for Windows XP (KB896424)
    Security Update for Windows XP (KB896428)
    Security Update for Windows XP (KB899587)
    Security Update for Windows XP (KB899591)
    Security Update for Windows XP (KB900725)
    Security Update for Windows XP (KB901017)
    Security Update for Windows XP (KB901190)
    Security Update for Windows XP (KB901214)
    Security Update for Windows XP (KB902400)
    Security Update for Windows XP (KB904706)
    Security Update for Windows XP (KB905414)
    Security Update for Windows XP (KB905749)
    Security Update for Windows XP (KB908519)
    Security Update for Windows XP (KB911562)
    Security Update for Windows XP (KB911927)
    Security Update for Windows XP (KB912919)
    Security Update for Windows XP (KB913580)
    Security Update for Windows XP (KB914388)
    Security Update for Windows XP (KB914389)
    Security Update for Windows XP (KB917344)
    Security Update for Windows XP (KB917422)
    Security Update for Windows XP (KB917953)
    Security Update for Windows XP (KB918118)
    Security Update for Windows XP (KB918439)
    Security Update for Windows XP (KB919007)
    Security Update for Windows XP (KB920213)
    Security Update for Windows XP (KB920670)
    Security Update for Windows XP (KB920683)
    Security Update for Windows XP (KB920685)
    Security Update for Windows XP (KB921398)
    Security Update for Windows XP (KB921503)
    Security Update for Windows XP (KB922616)
    Security Update for Windows XP (KB922819)
    Security Update for Windows XP (KB923191)
    Security Update for Windows XP (KB923414)
    Security Update for Windows XP (KB923689)
    Security Update for Windows XP (KB923694)
    Security Update for Windows XP (KB923789)
    Security Update for Windows XP (KB923980)
    Security Update for Windows XP (KB924191)
    Security Update for Windows XP (KB924270)
    Security Update for Windows XP (KB924496)
    Security Update for Windows XP (KB924667)
    Security Update for Windows XP (KB925454)
    Security Update for Windows XP (KB925486)
    Security Update for Windows XP (KB925902)
    Security Update for Windows XP (KB926255)
    Security Update for Windows XP (KB926436)
    Security Update for Windows XP (KB927779)
    Security Update for Windows XP (KB927802)
    Security Update for Windows XP (KB928090)
    Security Update for Windows XP (KB928255)
    Security Update for Windows XP (KB928843)
    Security Update for Windows XP (KB929123)
    Security Update for Windows XP (KB929969)
    Security Update for Windows XP (KB930178)
    Security Update for Windows XP (KB931261)
    Security Update for Windows XP (KB931768)
    Security Update for Windows XP (KB931784)
    Security Update for Windows XP (KB932168)
    Security Update for Windows XP (KB933566)
    Security Update for Windows XP (KB933729)
    Security Update for Windows XP (KB935839)
    Security Update for Windows XP (KB935840)
    Security Update for Windows XP (KB936021)
    Security Update for Windows XP (KB937143)
    Security Update for Windows XP (KB937894)
    Security Update for Windows XP (KB938127)
    Security Update for Windows XP (KB938829)
    Security Update for Windows XP (KB939653)
    Security Update for Windows XP (KB941202)
    Security Update for Windows XP (KB941568)
    Security Update for Windows XP (KB941569)
    Security Update for Windows XP (KB941644)
    Security Update for Windows XP (KB941693)
    Security Update for Windows XP (KB942615)
    Security Update for Windows XP (KB943055)
    Security Update for Windows XP (KB943460)
    Security Update for Windows XP (KB943485)
    Security Update for Windows XP (KB944338)
    Security Update for Windows XP (KB944533)
    Security Update for Windows XP (KB944653)
    Security Update for Windows XP (KB945553)
    Security Update for Windows XP (KB946026)
    Security Update for Windows XP (KB947864)
    Security Update for Windows XP (KB948590)
    Security Update for Windows XP (KB948881)
    SMSC IrCC V5.1.3600.7
    Soft Data Fax Modem with SmartCP
    Sonic Encoders
    Spy Sweeper
    SpywareBlaster v3.5.1
    Steam(TM)
    Synaptics Pointing Device Driver
    Update for Windows Media Player 10 (KB913800)
    Update for Windows Media Player 10 (KB926251)
    Update for Windows XP (KB894391)
    Update for Windows XP (KB898461)
    Update for Windows XP (KB900485)
    Update for Windows XP (KB908531)
    Update for Windows XP (KB910437)
    Update for Windows XP (KB911280)
    Update for Windows XP (KB912945)
    Update for Windows XP (KB916595)
    Update for Windows XP (KB920872)
    Update for Windows XP (KB922582)
    Update for Windows XP (KB927891)
    Update for Windows XP (KB929338)
    Update for Windows XP (KB930916)
    Update for Windows XP (KB931836)
    Update for Windows XP (KB933360)
    Update for Windows XP (KB938828)
    Update for Windows XP (KB942763)
    Update for Windows XP (KB942840)
    Update for Windows XP (KB946627)
    Update Rollup 2 for Windows XP Media Center Edition 2005
    Version 3.1
    Windows Defender
    Windows Driver Package - Ultima (mod7700) Media (02/19/2007 3.6.0.1)
    Windows Driver Package - Ultima (MODRC) HIDClass (02/06/2007 2.0.1.0)
    Windows Installer 3.1 (KB893803)
    Windows Live installer
    Windows Live Messenger
    Windows Live OneCare safety scanner
    Windows Liven kirjautumisavustaja
    Windows Media Format Runtime
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885855
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB887472
    Windows XP Hotfix - KB888239
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windows XP Media Center Edition 2005 KB912067
    Windowsin ohjainpaketti - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
    Windowsin ohjainpaketti - Nokia Modem (08/03/2007 6.84.0.2)
    Windowsin ohjainpaketti - Nokia Modem (10/12/2007 3.6)
    WinRAR-pakkausohjelma
    Vodafone Mobile Connect
    Vodafone Mobile Connect Lite Runtime Components
    ZoneAlarm
     
  11. Hujo

    Hujo Guest

    Poista lisää poista sovelutuksesta

    Spy Sweeper
    Java(TM) SE Runtime Environment 6 Update 1

    Poista vikasiedossa kansio

    D:\Ohjelmat\Spy Sweeper

    ===========

    Scannaa hjt:llä merkkaa paina Fix checked


    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/d...://uk.yahoo.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    ==============

    Käynnistä > suorita kirjoita msconfig > ok
    Käynnistys välilehti

    Ota alla olevien edestä ruksi pois

    IMJPMIG
    ImScInst
    qttask
    realsched
    jusched
    PcSync2

    käytä ja ok
    Käynnistä kone uudelleen ja laita pikkuseen neliöön ruksi ja paina sitten vasta ok

     
  12. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Terve taas!

    Tein nuo kaikki vaiheet läpi.
    PcSync2 ei löytynyt msconfigista, muuten kaikki onnistui.

    Niin ja pistin vielä CCleanerinkin läpi, se poisti noin 200mb roskaa...ihmeellistä kuinka on kertynyt, justiinsa viime viikolla senkin vedin läpi.

    - Fubuntu

    =====================================
    HijackThis logi operaatioiden jälkeen:
    =====================================

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:02:23, on 2008/05/12
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\eHome\ehmsas.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    D:\Ohjelmat\Daemon Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest?updtConfId=4&updtReqId=1946283498
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"
    O4 - HKLM\..\Run: [Acer ePresentation HPD] "C:\Acer\Empowering Technology\ePresentation\ePresentation.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Boot] "C:\Acer\Empowering Technology\ePower\Boot.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\eRAgent.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Ohjelmat\Daemon Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Ohjelmat\OFFICE~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\npjpi160_06.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Ohjelmat\OFFICE~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183395270578
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - D:\Ohjelmat\Diskkeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 7766 bytes
     
  13. Hujo

    Hujo Guest

    Lataa: RegSeeker.zip työpöydälle:

    Pura zip C:\RegSeeker\ kansioon. Sieltä käynnistät RegSeeker.exe ohjelman.
    Oikeasa yläkulmassa on Languages.... linkki, josta valitset Suomenkielen.
    Vasemmasta alakulmasta ruksit Luo vrmuuskopio ja sitten linkki Puhdista rekisteri
    Ruksit kaikkiin muihin kohtiin paitsi "Käyttökelvottomat.." sitten "OK" (odotat hetken).
    Ruutuun ilmestyy lista epäkelvoista rekisterimerkinnöistä, jotka alapalkista Valitse kohdasta
    klikkaat Valitse kaikki jolloin valitut saavat keltaisen pohjavärin.
    Alapalkin Toiminnot linkistä klikkaat Poista valitut kohteet
    Ponnahdusikkunaan "Kaikki valitut kohteet poistetaan ? vastaat "OK".
    Seuraavaan Ponnahdusikkunaan "Varmuuskopiot" vastaat "OK".
    Klikaa vasemmalta Lopeta RegSeeker ja käynnistä koneesi uudelleen.

    =================

    pistäs sitten omat työkalut käyttöön

    levyn uudelleeen järjestäminen
    levyn eheytys
     
  14. Fubuntu

    Fubuntu Member

    Liittynyt:
    04.05.2008
    Viestejä:
    7
    Kiitokset:
    0
    Pisteet:
    11
    Terve!

    Pistin tossa noi levyasemien järjestämisen ja eheytyksen läpi. Tämän jälkeen tein jälleen pelitestejä. Tulos oli seuraava:

    FlatOut2 oli parantunut huomattavasti. Pääsin 2 kierrosta ilman minkäänlaisia ongelmia, jonka jälkeen ongelmat palasivat, tosin erittäin lievänä. Ei se normaali ole vieläkään, mutta pelikelvollinen.
    Counter Strike: Source toimi täysin normaalisti. En kertaakaan huomannut ongelmia ohjaamisen kanssa.

    Eli joissain pelissä vielä on jäljellä tuota outoa pätkimistä, mutta muuten kone toimii nyt normaalisti. Mutta ne jäljellä olevat suorituskyvyn puuttumiset taitavat sitten johtua muusta kuin haittaohjelmista, vai kuinka? Löytyykös tuosta logista vielä mitään huomautettavaa vai onko jo kiitoksen paikka siihen suuntaan?

    - Fubuntu

    ========================
    HijackThis logi
    =======================

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:49:04, on 2008/05/15
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Windows Defender\MsMpEng.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\ehome\ehtray.exe
    C:\WINDOWS\eHome\ehmsas.exe
    C:\WINDOWS\RTHDCPL.EXE
    C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    C:\PROGRA~1\LAUNCH~1\LManager.exe
    C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Ohjelmat\Daemon Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    C:\WINDOWS\eHome\ehRecvr.exe
    C:\WINDOWS\eHome\ehSched.exe
    C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\ZONELABS\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\system32\wbem\unsecapp.exe
    C:\WINDOWS\system32\dllhost.exe
    C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    D:\Pelit\Steam\Steam.exe
    d:\pelit\steam\steamapps\hannumustonen\counter-strike source\hl2.exe
    D:\Pelit\Steam\GameOverlayUI.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.zonelabs.com/downloadrequest?updtConfId=4&updtReqId=1946283498
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.2.7.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
    O4 - HKLM\..\Run: [AzMixerSel] "C:\Program Files\Realtek\InstallShield\AzMixerSel.exe"
    O4 - HKLM\..\Run: [Acer ePresentation HPD] "C:\Acer\Empowering Technology\ePresentation\ePresentation.exe"
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
    O4 - HKLM\..\Run: [Boot] "C:\Acer\Empowering Technology\ePower\Boot.exe"
    O4 - HKLM\..\Run: [SynTPEnh] "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
    O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [eRecoveryService] "C:\Acer\Empowering Technology\eRecovery\eRAgent.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
    O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\Ohjelmat\Daemon Tools\daemon.exe" -lang 1033
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "D:\Ohjelmat\Nokia PC Suite\Nokia PC Suite\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
    O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
    O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://D:\Ohjelmat\OFFICE~1\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Ohjelmat\OFFICE~1\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1183395270578
    O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Diskeeper - Diskeeper Corporation - D:\Ohjelmat\Diskkeeper\DkService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe

    --
    End of file - 8048 bytes


    - Fubuntu
     

Jaa tämä sivu