kone on hidas

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi Godspit 05.01.2006.

  1. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    eli kone on vahän hidas ja tuntuu jotenkin "tahmeelta". olen tehnyt virus tarkastuksen mutta mitään ei löydy ja eheyttänyt levyn. suoritinkäyttö on myös korkealla.


    tässä vielä hjt loki:
    Logfile of HijackThis v1.99.1
    Scan saved at 23:39:07, on 5.1.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\NetLimiter 2\nlsvc.exe
    C:\NORMAN\Bin\Zanda.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\NORMAN\Nvc\bin\nvcoas.exe
    C:\NORMAN\bin\NJEEVES.EXE
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\ALCWZRD.EXE
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    C:\NORMAN\bin\ZLH.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\WhatPulse\WhatPulse.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\NORMAN\Nvc\BIN\NIP.EXE
    C:\NORMAN\Nvc\bin\cclaw.exe
    C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
    C:\Program Files\Netropa\Onscreen Display\OSD.exe
    C:\Program Files\Netropa\InetKb\Inetkb.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\taskmgr.exe
    C:\hjt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
    O4 - HKLM\..\Run: [High Definition Audio -ominaisuussivun pikakuvake] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: CoreCenter.lnk = C:\Program Files\Core Center\CoreCenter.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
    O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
    O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2\nlsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\NORMAN\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe
     
  2.  
  3. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    ei prkl. meni ihan väärälle alueelle. voisko joku moderaattori siirtää oikeellee alueelle?
     
  4. Jannejt

    Jannejt Moderator Ylläpitäjä

    Liittynyt:
    10.02.2005
    Viestejä:
    5,045
    Kiitokset:
    6
    Pisteet:
    118
    siirretty :)
     
  5. spertti

    spertti Active member

    Liittynyt:
    01.06.2005
    Viestejä:
    1,222
    Kiitokset:
    0
    Pisteet:
    66
    Eipä tuosta mitään vaarallista oikein löydy. Muutama tuossa noita "turhaan" käynnistyviä ohjelmia on, joten niitä karsimalla kone saattaisi ainakin hieman nopeutua. Millaiset ovat koneen tarkemmat tiedot? Eli mikä prossu, ja paljonko muistia käytössä nyt näin ensimmäisenä.
     
  6. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    muistia on 1024 ja käytössä 415. prossu on Intel Pentium 4 550, 3400 MHz (17 x 200)
     
    Viimeksi muokattu: 06.01.2006
  7. spertti

    spertti Active member

    Liittynyt:
    01.06.2005
    Viestejä:
    1,222
    Kiitokset:
    0
    Pisteet:
    66
  8. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    Voit fixata seuraavat mielesi mukaan niin saadaan lisää tehoja vapautettua:

    O4 - HKLM\..\Run: [High Definition Audio -ominaisuussivun pikakuvake] HDAudPropShortcut.exe
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Startup: Xfire.lnk = C:\Program Files\Xfire\Xfire.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE

    Katso todella tarvitseeko näiden käynnistyä automaattisesti.
    Käynnistä kone lopuksi uudelleen ja katso näkyykö ero =)
     
  9. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    käyköhän kone liian kuumana kun tuuletinkin käy tuhatta ja sataa
     
  10. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 16:36:34, 6.1.2006
    + Report-Checksum: 5B012C6A

    + Scan result:

    HKLM\SOFTWARE\Altnet -> Spyware.Altnet : Error during cleaning
    HKLM\SOFTWARE\Altnet\Dashboard -> Spyware.Altnet : Error during cleaning
    HKLM\SOFTWARE\Altnet\Dashboard\Messages -> Spyware.Altnet : Error during cleaning
    :mozilla.6:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned without backup
    :mozilla.21:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Com : Cleaned without backup
    :mozilla.22:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Com : Cleaned without backup
    :mozilla.23:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned without backup
    :mozilla.33:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.34:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.35:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.36:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.37:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.38:C:\Documents and Settings\TUOMAS\Application Data\Mozilla\Firefox\Profiles\0k5gb8it.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned without backup
    :mozilla.9:C:\Documents and Settings\VEERA\Application Data\Mozilla\Firefox\Profiles\8dpoeuu8.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned without backup
    :mozilla.10:C:\Documents and Settings\VEERA\Application Data\Mozilla\Firefox\Profiles\8dpoeuu8.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned without backup
    :mozilla.11:C:\Documents and Settings\VEERA\Application Data\Mozilla\Firefox\Profiles\8dpoeuu8.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned without backup
    :mozilla.15:C:\Documents and Settings\VEERA\Application Data\Mozilla\Firefox\Profiles\8dpoeuu8.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned without backup
    :mozilla.16:C:\Documents and Settings\VEERA\Application Data\Mozilla\Firefox\Profiles\8dpoeuu8.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned without backup
    :mozilla.10:C:\Documents and Settings\VILLE\Application Data\Mozilla\Firefox\Profiles\tqrzqne7.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned without backup
    :mozilla.11:C:\Documents and Settings\VILLE\Application Data\Mozilla\Firefox\Profiles\tqrzqne7.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned without backup


    ::Report End
     
  11. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Kokeilepas ajaa ewido vikasiedossa (pelkkä registry scan riittää) ja tallenna raportti. Jos saataisiin tuo altnet pois :)
     
  12. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    escan: File C:\Documents and Settings\TUOMAS\Local Settings\Temp\InstaFinderK_inst.exe tagged as not-a-virus:AdWare.Win32.404Search.h. No Action Taken.
     
  13. spertti

    spertti Active member

    Liittynyt:
    01.06.2005
    Viestejä:
    1,222
    Kiitokset:
    0
    Pisteet:
    66
    Ei eScan, vaan Ewido =)
     
  14. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
     
  15. spertti

    spertti Active member

    Liittynyt:
    01.06.2005
    Viestejä:
    1,222
    Kiitokset:
    0
    Pisteet:
    66
    Okei. Kokeile nyt kuitenkin ajaa se Ewido vikasiedossa, niinkuin -kemisti- neuvoi... eScan ei liikaa löytänytkään näköjään. Voisit silti tuon Temp kansion tyhjentää. >C:\Documents and Settings\TUOMAS\Local Settings\Temp <===
     
  16. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    tehty
     
  17. spertti

    spertti Active member

    Liittynyt:
    01.06.2005
    Viestejä:
    1,222
    Kiitokset:
    0
    Pisteet:
    66
    No laitatko vielä sen lokin ihmeteltäväksi, jotta nähdään lähtikö tuo Altnet suosiolla, vai otetaanko kovemmat otteet käyttöön =)
     
  18. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    Ja oletko katsonut koneesi lämmöt? Saattaa olla ihan rautavika.
     
  19. Godspit

    Godspit Member

    Liittynyt:
    22.07.2005
    Viestejä:
    44
    Kiitokset:
    0
    Pisteet:
    16
    Logfile of HijackThis v1.99.1
    Scan saved at 12:35:50, on 8.1.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\NetLimiter 2\nlsvc.exe
    C:\NORMAN\Bin\Zanda.exe
    C:\WINDOWS\system32\slserv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\NORMAN\bin\NJEEVES.EXE
    C:\NORMAN\Nvc\bin\nvcoas.exe
    C:\NORMAN\Nvc\BIN\nipsvc.exe
    C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
    C:\NORMAN\bin\ZLH.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\NORMAN\Nvc\BIN\NIP.EXE
    C:\NORMAN\Nvc\bin\cclaw.exe
    C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
    C:\Program Files\Netropa\Onscreen Display\OSD.exe
    C:\Program Files\Netropa\InetKb\Inetkb.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\ATI-CPanel\atiptaxx.exe
    C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
    C:\NORMAN\bin\ZLH.EXE
    C:\Program Files\WhatPulse\WhatPulse.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Netropa\Multimedia Keyboard\TrayMon.exe
    C:\Program Files\Netropa\Onscreen Display\OSD.exe
    C:\Program Files\Netropa\InetKb\Inetkb.exe
    C:\NORMAN\Nvc\BIN\NIP.EXE
    C:\NORMAN\Nvc\bin\cclaw.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\hjt.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ATIPTA] C:\ATI-CPanel\atiptaxx.exe
    O4 - HKLM\..\Run: [MULTIMEDIA KEYBOARD] C:\Program Files\Netropa\Multimedia Keyboard\MMKeybd.exe
    O4 - HKLM\..\Run: [LWBMOUSE] C:\Program Files\FSC\Wireless Wheel Mouse\MOUSE32A.EXE
    O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\bin\ZLH.EXE /LOAD /SPLASH
    O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Adobe Gamma Loader.lnk = ?
    O4 - Global Startup: CoreCenter.lnk = C:\Program Files\Core Center\CoreCenter.exe
    O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
    O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
    O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
    O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
    O9 - Extra 'Tools' menuitem: Noble Poker - {B723B1B8-9788-4684-ADA7-D1DB02E1D516} - C:\Program Files\Noble Poker\casino.exe (file missing)
    O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O10 - Broken Internet access because of LSP provider 'xfire_lsp_10650.dll' missing
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe
    O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
    O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:\Program Files\NetLimiter 2\nlsvc.exe
    O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\bin\NJEEVES.EXE
    O23 - Service: Norman ZANDA - Unknown owner - C:\NORMAN\Bin\Zanda.exe
    O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\bin\nvcoas.exe
    O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
    O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\PROGRA~1\COMMON~1\SONYSH~1\AVLib\Sptisrv.exe


    miten mä noi koneen lämmöt nään??
     
  20. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
  21. prik

    prik Regular member

    Liittynyt:
    25.11.2005
    Viestejä:
    343
    Kiitokset:
    0
    Pisteet:
    26

Jaa tämä sivu