Log

Thread in the Viruses and malware - HijackThis logs section. Thread started by imaco on 06.10.2006.

Thread status:
The thread is closed.
  1. imaco

    imaco Member

    Joined:
    25.03.2006
    Posts:
    26
    Thanks:
    0
    Points:
    11
    Logfile of HijackThis v1.99.1
    Scan saved at 16:14:23, on 6.10.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0007)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Defender\MsMpEng.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\WINDOWS\System32\GEARSec.exe
    E:\WINDOWS\system32\inetsrv\inetinfo.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    E:\WINDOWS\System32\snmp.exe
    E:\WINDOWS\system32\svchost.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\WINDOWS\system32\LVCOMSX.EXE
    E:\Program Files\Logitech\Video\LogiTray.exe
    E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    E:\Program Files\Windows Defender\MSASCui.exe
    E:\program files\powerstrip\pstrip.exe
    E:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    E:\WINDOWS\system32\wscntfy.exe
    E:\Program Files\Logitech\Video\FxSvr2.exe
    E:\Program Files\Skype\Phone\Skype.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\WINDOWS\system32\svchost.exe
    E:\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 216.12.200.106:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "E:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MediaLifeService] "E:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] E:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Disk Cleaner.lnk = E:\Program Files\Disk Cleaner\dclean.exe
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: APC UPS Status.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: PC Alert 4.lnk = E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O20 - Winlogon Notify: OfficeUpdate - E:\WINDOWS\
    O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: APC UPS Service - American Power Conversion Corporation - E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\System32\GEARSec.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
     
  3. Daniii

    Daniii Regular member

    Joined:
    11.05.2006
    Posts:
    120
    Thanks:
    0
    Points:
    26
    1. Download http://download.bleepingcomputer.com/sUBs/combofix.exe
    2. Double-click the combofix.exe file and follow the instructions.
    3. When the tool is finished, it produces a log. The ComboFix log is here -> C:\Combofix.txt. Post this log to your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

    Also post a NEW HJT log.
     
  4. imaco

    imaco - 06-10-12 19:31:23,53 Service Pack 2
    ComboFix 06.09.28 - Running from: "E:\Documents and Settings\imaco\Työpöytä"

    ((((((((((((((((((((((((((((((( Files Created from 2006-09-12 to 2006-10-12 ))))))))))))))))))))))))))))))))))


    2006-09-30 05:14 520,192 --------- E:\WINDOWS\system32\ati2sgag.exe
    2006-09-13 02:43 466,624 --a------ E:\WINDOWS\system32\LTRPR13n.DLL
    2006-09-13 02:43 401,408 --a------ E:\WINDOWS\system32\pvmjpg30.dll
    2006-09-13 02:43 194,248 --a------ E:\WINDOWS\system32\LTRFD13n.DLL
    2006-09-13 02:42 79,360 --a------ E:\WINDOWS\system32\lfeps13s.dll
    2006-09-13 02:42 74,752 --a------ E:\WINDOWS\system32\lfgif13s.dll
    2006-09-13 02:42 73,728 --------- E:\WINDOWS\system32\MMAviAx.dll
    2006-09-13 02:42 185,856 --a------ E:\WINDOWS\system32\lfpng13s.dll
    2006-09-13 02:42 126,976 --------- E:\WINDOWS\system32\AVIPrAx.dll
    2006-09-13 02:41 930,992 --------- E:\WINDOWS\system32\Ltr13n.dll
    2006-09-13 02:41 884,736 --------- E:\WINDOWS\system32\LMUIRes.dll
    2006-09-13 02:41 80,896 --------- E:\WINDOWS\system32\lfwmf13s.dll
    2006-09-13 02:41 76,800 --------- E:\WINDOWS\system32\Lfwmf13n.dll
    2006-09-13 02:41 73,728 --------- E:\WINDOWS\system32\lffax13n.dll
    2006-09-13 02:41 70,144 --------- E:\WINDOWS\system32\lfbmp13s.dll
    2006-09-13 02:41 65,536 --------- E:\WINDOWS\system32\lfpcx13s.dll
    2006-09-13 02:41 65,536 --------- E:\WINDOWS\system32\Lfpct13n.dll
    2006-09-13 02:41 64,512 --------- E:\WINDOWS\system32\lftga13s.dll
    2006-09-13 02:41 59,904 --------- E:\WINDOWS\system32\lfpcd13s.dll
    2006-09-13 02:41 453,120 --------- E:\WINDOWS\system32\ltkrn13n.dll
    2006-09-13 02:41 409,600 --------- E:\WINDOWS\system32\LFCMP13s.DLL
    2006-09-13 02:41 393,216 --------- E:\WINDOWS\system32\LFCMP13n.DLL
    2006-09-13 02:41 306,352 --------- E:\WINDOWS\system32\Ltrio13n.dll
    2006-09-13 02:41 30,208 --------- E:\WINDOWS\system32\lfbmp13n.dll
    2006-09-13 02:41 283,648 --------- E:\WINDOWS\system32\LFJ2K13s.dll
    2006-09-13 02:41 278,016 --------- E:\WINDOWS\system32\LFJ2K13n.dll
    2006-09-13 02:41 24,576 --------- E:\WINDOWS\system32\lftga13n.dll
    2006-09-13 02:41 2,079,232 --------- E:\WINDOWS\system32\LTCLR13s.dll
    2006-09-13 02:41 167,936 --------- E:\WINDOWS\system32\lftif13s.dll
    2006-09-13 02:41 153,088 --------- E:\WINDOWS\system32\ltfil13n.DLL
    2006-09-13 02:41 143,360 --------- E:\WINDOWS\system32\lftif13n.dll
    2006-09-13 02:41 12,288 --------- E:\WINDOWS\system32\LMLRes.dll
    2006-09-13 02:41 116,224 --------- E:\WINDOWS\system32\lffax13s.dll
    2006-09-13 02:41 110,080 --------- E:\WINDOWS\system32\lfpsd13s.dll
    2006-09-13 02:41 105,984 --------- E:\WINDOWS\system32\lfpct13s.dll
    2006-09-13 02:41 1,693,696 --------- E:\WINDOWS\system32\LTCLR13n.dll
    2006-09-13 02:41 1,013,248 --------- E:\WINDOWS\system32\Ltwvc13n.dll
    2006-09-13 01:59 84,992 --a------ E:\WINDOWS\system32\ATL70.DLL
    2006-09-13 01:59 57,856 --a------ E:\WINDOWS\system32\masd32.dll
    2006-09-13 01:59 27,648 --a------ E:\WINDOWS\system32\ma32.dll
    2006-09-13 01:59 196,096 --a------ E:\WINDOWS\system32\macd32.dll
    2006-09-13 01:59 138,752 --a------ E:\WINDOWS\system32\mase32.dll
    2006-09-13 01:59 136,192 --a------ E:\WINDOWS\system32\mamc32.dll
    2006-09-13 01:58 41,219 --a------ E:\WINDOWS\RSETPATH.exe
    2006-09-13 01:58 171,008 --a------ E:\WINDOWS\system32\drivers\MarvinBus.sys
    2006-09-13 01:57 964,608 --a------ E:\WINDOWS\system32\MFC70U.DLL
    2006-09-13 01:57 61,440 --a------ E:\WINDOWS\system32\MFC71FRA.DLL
    2006-09-13 01:57 54,784 --a------ E:\WINDOWS\system32\MSVCI70.DLL
    2006-09-13 01:57 49,152 --a------ E:\WINDOWS\system32\PCLEGetGuid.dll
    2006-09-13 01:50 14,165 --a------ E:\WINDOWS\system32\drivers\Pclepci.sys


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2006-10-12 19:04 -------- d-------- E:\Documents and Settings\imaco\Application Data\Skype
    2006-10-12 19:03 -------- d-------- E:\Program Files\Mozilla Firefox 2 Beta 1
    2006-10-12 06:41 -------- d-------- E:\Program Files\EA SPORTS
    2006-10-11 17:34 -------- d-------- E:\Program Files\Mozilla Thunderbird
    2006-10-11 11:23 -------- d-------- E:\Documents and Settings\imaco\Application Data\Azureus
    2006-10-11 08:22 -------- d-------- E:\Program Files\Euroword2004
    2006-10-10 19:05 -------- d-------- E:\Program Files\DC++
    2006-10-09 03:11 -------- d-------- E:\Program Files\Azureus
    2006-10-05 15:40 -------- d-------- E:\Program Files\Winamp
    2006-10-05 05:00 -------- d--h----- E:\Program Files\InstallShield Installation Information
    2006-10-05 04:36 -------- d-------- E:\Program Files\Java
    2006-10-05 04:24 -------- d-------- E:\Program Files\Common Files\Java
    2006-10-05 04:24 -------- d-------- E:\Program Files\Common Files
    2006-10-03 02:51 -------- d-------- E:\Program Files\Logitech
    2006-09-30 19:49 -------- d-------- E:\Documents and Settings\imaco\Application Data\ATI
    2006-09-30 05:13 -------- d-------- E:\Program Files\ATI Technologies
    2006-09-30 04:49 -------- d-------- E:\Program Files\Driver Cleaner Pro
    2006-09-29 02:42 -------- d-------- E:\Program Files\Opera
    2006-09-27 19:15 -------- d-------- E:\Program Files\Internet Explorer
    2006-09-25 23:45 359808 --a------ E:\WINDOWS\system32\drivers\TCPIP.SYS
    2006-09-20 14:34 -------- d-------- E:\Program Files\Survo_Editor
    2006-09-18 03:07 -------- d-------- E:\Program Files\Macromedia
    2006-09-18 03:07 -------- d-------- E:\Program Files\Common Files\Macromedia Shared
    2006-09-18 03:07 -------- d-------- E:\Program Files\Common Files\Macromedia
    2006-09-18 03:04 -------- d-------- E:\Documents and Settings\imaco\Application Data\Macromedia
    2006-09-15 18:30 -------- d-------- E:\Documents and Settings\imaco\Application Data\InstallShield
    2006-09-13 12:45 -------- d-------- E:\Program Files\MediaCoder
    2006-09-13 02:41 -------- d-------- E:\Program Files\Pinnacle
    2006-09-13 02:02 -------- d-------- E:\Program Files\SmartSound Software
    2006-09-11 19:31 -------- d-------- E:\Documents and Settings\imaco\Application Data\Ahead
    2006-09-10 13:45 -------- d-------- E:\Program Files\Common Files\Ahead
    2006-09-10 13:40 -------- d-------- E:\Program Files\Nero
    2006-08-30 00:57 -------- d-------- E:\Documents and Settings\imaco\Application Data\Inkscape
    2006-08-30 00:56 -------- d-------- E:\Program Files\Inkscape
    2006-08-29 02:21 -------- d-------- E:\Program Files\ffdshow
    2006-08-28 10:23 5906432 --a------ E:\WINDOWS\system32\ieframe.dll
    2006-08-28 10:23 50688 --a------ E:\WINDOWS\system32\msfeedsbs.dll
    2006-08-28 10:23 457728 --a------ E:\WINDOWS\system32\msfeeds.dll
    2006-08-28 10:23 413696 --a------ E:\WINDOWS\system32\vbscript.dll
    2006-08-28 10:23 225792 --a------ E:\WINDOWS\system32\webcheck.dll
    2006-08-28 10:23 175616 --a------ E:\WINDOWS\system32\ieui.dll
    2006-08-28 10:23 152064 --a------ E:\WINDOWS\system32\msls31.dll
    2006-08-28 10:09 78336 --a------ E:\WINDOWS\system32\ieencode.dll
    2006-08-28 10:09 206336 --a------ E:\WINDOWS\system32\WinFXDocObj.exe
    2006-08-28 10:08 40448 --a------ E:\WINDOWS\system32\licmgr10.dll
    2006-08-28 10:08 105472 --a------ E:\WINDOWS\system32\url.dll
    2006-08-28 10:08 100352 --a------ E:\WINDOWS\system32\occache.dll
    2006-08-28 10:07 16896 --a------ E:\WINDOWS\system32\corpol.dll
    2006-08-28 10:05 71680 --a------ E:\WINDOWS\system32\admparse.dll
    2006-08-28 10:05 378368 --a------ E:\WINDOWS\system32\iedkcs32.dll
    2006-08-28 10:05 229376 --a------ E:\WINDOWS\system32\ieaksie.dll
    2006-08-28 10:05 152064 --a------ E:\WINDOWS\system32\ieakeng.dll
    2006-08-28 10:04 55296 --a------ E:\WINDOWS\system32\iesetup.dll
    2006-08-28 10:04 54784 --a------ E:\WINDOWS\system32\ie4uinit.exe
    2006-08-28 10:04 43008 --a------ E:\WINDOWS\system32\iernonce.dll
    2006-08-28 10:04 122880 --a------ E:\WINDOWS\system32\advpack.dll
    2006-08-28 10:04 11776 --a------ E:\WINDOWS\system32\ieudinit.exe
    2006-08-28 10:02 61440 --a------ E:\WINDOWS\system32\icardie.dll
    2006-08-28 10:02 12288 --a------ E:\WINDOWS\system32\msfeedssync.exe
    2006-08-28 10:01 35328 --a------ E:\WINDOWS\system32\imgutil.dll
    2006-08-28 10:01 262656 --a------ E:\WINDOWS\system32\iertutil.dll
    2006-08-28 09:59 45568 --a------ E:\WINDOWS\system32\mshta.exe
    2006-08-28 09:25 48128 --a------ E:\WINDOWS\system32\mshtmler.dll
    2006-08-28 09:22 161792 --a------ E:\WINDOWS\system32\ieakui.dll
    2006-08-25 06:47 36528 --------- E:\WINDOWS\system32\drivers\PxHelp20.sys
    2006-08-25 06:47 129784 --------- E:\WINDOWS\system32\pxafs.dll
    2006-08-25 06:47 115880 --------- E:\WINDOWS\system32\pxinsi64.exe
    2006-08-25 03:26 -------- d-------- E:\Program Files\mIRC
    2006-08-23 05:11 307200 --a------ E:\WINDOWS\system32\atiiiexx.dll
    2006-08-23 04:53 260096 --a------ E:\WINDOWS\system32\ati2dvag.dll
    2006-08-23 04:53 1723904 --a------ E:\WINDOWS\system32\drivers\ati2mtag.sys
    2006-08-23 04:47 114688 --a------ E:\WINDOWS\system32\atipdlxx.dll
    2006-08-23 04:46 86016 --a------ E:\WINDOWS\system32\ati2evxx.dll
    2006-08-23 04:46 77824 --a------ E:\WINDOWS\system32\Oemdspif.dll
    2006-08-23 04:46 41984 --a------ E:\WINDOWS\system32\ati2edxx.dll
    2006-08-23 04:46 26112 --a------ E:\WINDOWS\system32\Ati2mdxx.exe
    2006-08-23 04:45 413696 --a------ E:\WINDOWS\system32\ati2evxx.exe
    2006-08-23 04:44 53248 --a------ E:\WINDOWS\system32\ATIDDC.DLL
    2006-08-23 04:38 2401984 --a------ E:\WINDOWS\system32\ati3duag.dll
    2006-08-23 04:33 303104 --a------ E:\WINDOWS\system32\ATIDEMGR.dll
    2006-08-23 04:33 2510752 --a------ E:\WINDOWS\system32\ativvaxx.dll
    2006-08-23 04:27 6684672 --a------ E:\WINDOWS\system32\atioglx1.dll
    2006-08-23 04:24 5140480 --a------ E:\WINDOWS\system32\atioglxx.dll
    2006-08-23 04:21 221184 --a------ E:\WINDOWS\system32\atikvmag.dll
    2006-08-23 04:19 17408 --a------ E:\WINDOWS\system32\atitvo32.dll
    2006-08-23 04:14 290816 --a------ E:\WINDOWS\system32\ati2cqag.dll
    2006-08-22 23:36 380928 --------- E:\WINDOWS\system32\ieapfltr.dll
    2006-08-21 15:26 16896 --a------ E:\WINDOWS\system32\fltlib.dll
    2006-08-21 12:14 23040 --a------ E:\WINDOWS\system32\fltmc.exe
    2006-08-21 12:14 128896 --a------ E:\WINDOWS\system32\drivers\fltmgr.sys
    2006-08-16 12:00 6144 --a------ E:\WINDOWS\system32\ff_vfw.dll
    2006-08-16 10:02 -------- d---s---- E:\Documents and Settings\imaco\Application Data\Microsoft
    2006-08-14 22:54 -------- d-------- E:\Documents and Settings\imaco\Application Data\MediaLife
    2006-08-14 19:39 -------- d-------- E:\Documents and Settings\imaco\Application Data\Logitech
    2006-08-14 19:38 -------- d-------- E:\Program Files\PowerStrip
    2006-08-14 18:32 -------- d-------- E:\Program Files\MUSICMATCH
    2006-08-14 18:32 -------- d-------- E:\Documents and Settings\imaco\Application Data\Musicmatch
    2006-08-14 18:26 -------- d-------- E:\Program Files\Common Files\Logitech
    2006-08-10 19:46 22752 --a------ E:\WINDOWS\system32\spupdsvc.exe
    2006-07-29 19:32 48936 --a------ E:\WINDOWS\system32\sirenacm.dll
    2006-07-27 16:26 679424 --a------ E:\WINDOWS\system32\inetcomm.dll
    2006-07-21 11:28 72704 --a------ E:\WINDOWS\system32\hlink.dll
    2006-07-14 18:52 121856 --------- E:\WINDOWS\system32\xmllite.dll
    2006-07-14 02:53 39936 --a------ E:\WINDOWS\system32\CacheX.dll


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries are not shown

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "LogitechSoftwareUpdate"="\"E:\\Program Files\\Logitech\\Video\\ManifestEngine.exe\" boot"
    "updateMgr"="\"E:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
    "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"E:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
    "Skype"="\"E:\\Program Files\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "vptray"="E:\\PROGRA~1\\SYMANT~1\\SYMANT~1\\vptray.exe"
    "RemoteControl"="\"E:\\Program Files\\CyberLink DVD Solution\\PowerDVD\\PDVDServ.exe\""
    "LVCOMSX"="E:\\WINDOWS\\system32\\LVCOMSX.EXE"
    "LogitechVideoRepair"="E:\\Program Files\\Logitech\\Video\\ISStart.exe "
    "LogitechVideoTray"="E:\\Program Files\\Logitech\\Video\\LogiTray.exe"
    @=""
    "Norton Ghost 9.0"="E:\\Program Files\\Symantec\\Norton Ghost\\Agent\\GhostTray.exe"
    "WINDVDPatch"="CTHELPER.EXE"
    "UpdReg"="E:\\WINDOWS\\UpdReg.EXE"
    "Jet Detection"="\"E:\\Program Files\\Creative\\SBLive\\PROGRAM\\ADGJDet.exe\""
    "Cmaudio"="RunDll32 cmicnfg.cpl,CMICtrlWnd"
    "Windows Defender"="\"E:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
    "DAEMON Tools-1033"="\"E:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
    "DAEMON Tools"="\"E:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
    "PowerStrip"="e:\\program files\\powerstrip\\pstrip.exe"
    "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE"
    "MediaLifeService"="\"E:\\Program Files\\Logitech\\MediaLife\\MediaLifeService.exe\""
    "mmtask"="\"E:\\Program Files\\Musicmatch\\Musicmatch Jukebox\\mmtask.exe\""
    "NeroFilterCheck"="E:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
    "PinnacleDriverCheck"="E:\\WINDOWS\\system32\\\\PSDrvCheck.exe"
    "ATICCC"="\"E:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""
    "SunJavaUpdateSched"="\"E:\\Program Files\\Java\\jre1.5.0_08\\bin\\jusched.exe\""

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components]
    "DeskHtmlVersion"=dword:00000110
    "DeskHtmlMinorVersion"=dword:00000005
    "Settings"=dword:00000001
    "GeneralFlags"=dword:00000005

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="About:Home"
    "SubscribedURL"="About:Home"
    "FriendlyName"="Nykyinen kotisivu"
    "Flags"=dword:00000002
    "Position"=hex:2c,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,00,00,00,\
    00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
    "CurrentState"=hex:04,00,00,40
    "OriginalStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
    00,00,04,00,00,40
    "RestoredStateInfo"=hex:18,00,00,00,cc,00,00,00,00,00,00,00,34,03,00,00,e2,02,\
    00,00,01,00,00,00

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="E:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="E:\\WINDOWS\\system32\\CTFMON.EXE"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\shellexecutehooks]
    "{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091
    "NoRecentDocsMenu"=dword:00000001
    "NoRecentDocsHistory"=dword:00000001
    "NoStartMenuPinnedList"=dword:00000001

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
    "dontdisplaylastusername"=dword:00000000
    "legalnoticecaption"=""
    "legalnoticetext"=""
    "shutdownwithoutlogon"=dword:00000001
    "undockwithoutlogon"=dword:00000001

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\NoRecentDocsHistory ]

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\NoRecentDocsMenu]
    @="1"

    [HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer]
    "NoDriveTypeAutoRun"=dword:00000091

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\NoRecentDocsHistory ]

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\NoRecentDocsMenu]
    @="1"

    [HKEY_USERS\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    "PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
    "CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
    "WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
    "SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
    "UPnPMonitor"="{e57ce738-33e8-4c51-8354-bb4de9d215d1}"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSCONFIG\Startupreg\LiveMonitor]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="LMonitor"
    "hkey"="HKLM"
    "command"="E:\\Program Files\\MSI\\Live Update 3\\LMonitor.exe"
    "inimapping"="0"


    HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders
    securityproviders REG_SZ msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll


    Contents of the 'Scheduled Tasks' folder
    E:\WINDOWS\tasks\MP Scheduled Scan.job

    Completion time: Thu 12.10.2006 19:32:15.62
    ComboFix.txt
    ComboFix2.txt
     
    Last edited: 12.10.2006
  5. imaco

    Logfile of HijackThis v1.99.1
    Scan saved at 19:35:02, on 12.10.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0007)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Defender\MsMpEng.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\spoolsv.exe
    E:\WINDOWS\Explorer.EXE
    E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\WINDOWS\System32\GEARSec.exe
    E:\WINDOWS\system32\inetsrv\inetinfo.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    E:\WINDOWS\System32\snmp.exe
    E:\WINDOWS\system32\svchost.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\WINDOWS\system32\LVCOMSX.EXE
    E:\Program Files\Logitech\Video\LogiTray.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    E:\Program Files\Windows Defender\MSASCui.exe
    E:\program files\powerstrip\pstrip.exe
    E:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\Program Files\MSN Messenger\MSNP13Downgrader.exe
    E:\Program Files\Logitech\Video\FxSvr2.exe
    E:\WINDOWS\system32\wscntfy.exe
    E:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tietokone.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 216.12.200.106:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "E:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MediaLifeService] "E:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] E:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Disk Cleaner.lnk = E:\Program Files\Disk Cleaner\dclean.exe
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: APC UPS Status.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: PC Alert 4.lnk = E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: APC UPS Service - American Power Conversion Corporation - E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\System32\GEARSec.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

     
  6. Daniii

    Daniii Regular member

    Joined:
    11.05.2006
    Posts:
    120
    Thanks:
    0
    Points:
    26
    Download L2MFix from either of these links:

    http://www.atribune.org/downloads/l2mfix.exe
    http://www.downloads.subratam.org/l2mfix.exe

    Save the file to your desktop and double-click l2mfix.exe. Click Install to extract the files and follow the prompts. Then open the newly created l2mfix folder on your desktop. Double-click l2mfix.bat and select option #1, Run Find Log, by pressing 1 and then Enter. This will scan your computer. After a couple of minutes the log should open. Copy and paste the contents of the log into this thread.

    Important: DO NOT run option #2 or any other files in the l2mfix folder until I instruct you to do so!

    Fix these with HJT:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

    So please post a new HJT log and a new l2me log as well.
     
  7. imaco

    imaco Member

    Joined:
    25.03.2006
    Posts:
    26
    Thanks:
    0
    Points:
    11
    L2MFIX find log 032106
    These are the registry keys present
    **********************************************************************************
    Winlogon/notify:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    "DLLName"="Ati2evxx.dll"
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000001
    "Lock"="AtiLockEvent"
    "Logoff"="AtiLogoffEvent"
    "Logon"="AtiLogonEvent"
    "Disconnect"="AtiDisConnectEvent"
    "Reconnect"="AtiReConnectEvent"
    "Safe"=dword:00000000
    "Shutdown"="AtiShutdownEvent"
    "StartScreenSaver"="AtiStartScreenSaverEvent"
    "StartShell"="AtiStartShellEvent"
    "Startup"="AtiStartupEvent"
    "StopScreenSaver"="AtiStopScreenSaverEvent"
    "Unlock"="AtiUnLockEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\crypt32chain]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,33,00,32,00,2e,00,64,00,6c,00,\
    6c,00,00,00
    "Logoff"="ChainWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cryptnet]
    "Asynchronous"=dword:00000000
    "Impersonate"=dword:00000000
    "DllName"=hex(2):63,00,72,00,79,00,70,00,74,00,6e,00,65,00,74,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Logoff"="CryptnetWlxLogoffEvent"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\cscdll]
    "DLLName"="cscdll.dll"
    "Logon"="WinlogonLogonEvent"
    "Logoff"="WinlogonLogoffEvent"
    "ScreenSaver"="WinlogonScreenSaverEvent"
    "Startup"="WinlogonStartupEvent"
    "Shutdown"="WinlogonShutdownEvent"
    "StartShell"="WinlogonStartShellEvent"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    "StartShell"="NavStartShellEvent"
    "Logoff"="NavLogoffEvent"
    "DllName"="E:\\WINDOWS\\system32\\NavLogon.dll"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ScCertProp]
    "DLLName"="wlnotify.dll"
    "Logon"="SCardStartCertProp"
    "Logoff"="SCardStopCertProp"
    "Lock"="SCardSuspendCertProp"
    "Unlock"="SCardResumeCertProp"
    "Enabled"=dword:00000001
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\Schedule]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "StartShell"="SchedStartShell"
    "Logoff"="SchedEventLogOff"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sclgntfy]
    "Logoff"="WLEventLogoff"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000001
    "DllName"=hex(2):73,00,63,00,6c,00,67,00,6e,00,74,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SensLogn]
    "DLLName"="WlNotify.dll"
    "Lock"="SensLockEvent"
    "Logon"="SensLogonEvent"
    "Logoff"="SensLogoffEvent"
    "Safe"=dword:00000001
    "MaxWait"=dword:00000258
    "StartScreenSaver"="SensStartScreenSaverEvent"
    "StopScreenSaver"="SensStopScreenSaverEvent"
    "Startup"="SensStartupEvent"
    "Shutdown"="SensShutdownEvent"
    "StartShell"="SensStartShellEvent"
    "PostShell"="SensPostShellEvent"
    "Disconnect"="SensDisconnectEvent"
    "Reconnect"="SensReconnectEvent"
    "Unlock"="SensUnlockEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\termsrv]
    "Asynchronous"=dword:00000000
    "DllName"=hex(2):77,00,6c,00,6e,00,6f,00,74,00,69,00,66,00,79,00,2e,00,64,00,\
    6c,00,6c,00,00,00
    "Impersonate"=dword:00000000
    "Logoff"="TSEventLogoff"
    "Logon"="TSEventLogon"
    "PostShell"="TSEventPostShell"
    "Shutdown"="TSEventShutdown"
    "StartShell"="TSEventStartShell"
    "Startup"="TSEventStartup"
    "MaxWait"=dword:00000258
    "Reconnect"="TSEventReconnect"
    "Disconnect"="TSEventDisconnect"

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wlballoon]
    "DLLName"="wlnotify.dll"
    "Logon"="RegisterTicketExpiredNotificationEvent"
    "Logoff"="UnregisterTicketExpiredNotificationEvent"
    "Impersonate"=dword:00000001
    "Asynchronous"=dword:00000001

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wzcnotif]
    "DLLName"="wzcdlg.dll"
    "Logon"="WZCEventLogon"
    "Logoff"="WZCEventLogoff"
    "Impersonate"=dword:00000000
    "Asynchronous"=dword:00000000

    **********************************************************************************
    useragent:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform]
    "sv1"=""

    **********************************************************************************
    Shell Extension key:
    Windows Registry Editor Version 5.00

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved]
    "{00022613-0000-0000-C000-000000000046}"="Multimediatiedoston ominaisuusikkuna"
    "{176d6597-26d3-11d1-b350-080036a75b03}"="ICM-kuvanlukijan hallinta"
    "{1F2E5C40-9550-11CE-99D2-00AA006E086C}"="NTFS-suojaussivu"
    "{3EA48300-8CF6-101B-84FB-666CCB9BCD32}"="OLE-asiakirjatiedoston ominaisuussivu"
    "{40dd6e20-7c17-11ce-a804-00aa003ca9f6}"="Liittymälaajennus jakamista varten"
    "{41E300E0-78B6-11ce-849B-444553540000}"="PlusPack CPL Extension"
    "{42071712-76d4-11d1-8b24-00a0c9068ff3}"="Näyttösovittimen CPL-laajennus"
    "{42071713-76d4-11d1-8b24-00a0c9068ff3}"="Näytön CPL -laajennus"
    "{42071714-76d4-11d1-8b24-00a0c9068ff3}"="Display Panning CPL -laajennus"
    "{4E40F770-369C-11d0-8922-00A024AB2DBB}"="Hakemistopalvelun suojaussivu"
    "{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8}"="Yhteensopivuussivusto"
    "{56117100-C0CD-101B-81E2-00AA004AE837}"="Käyttöliittymän leikkeidenkäsittelytoiminto"
    "{59099400-57FF-11CE-BD94-0020AF85B590}"="Levykkeen kopiointilaajennus"
    "{59be4990-f85c-11ce-aff7-00aa003ca9f6}"="Microsoft Windows -verkon objektien liittymälaajennukset"
    "{5DB2625A-54DF-11D0-B6C4-0800091AA605}"="ICM-näytön hallinta"
    "{675F097E-4C4D-11D0-B6C1-0800091AA605}"="ICM-tulostimen hallinta"
    "{764BF0E1-F219-11ce-972D-00AA00A14F56}"="Tiedostonpakkauksen liittymälaajennukset"
    "{77597368-7b15-11d0-a0c2-080036af3f03}"="Web-tulostimen liittymälaajennus"
    "{7988B573-EC89-11cf-9C00-00AA00A14F56}"="Disk Quota UI"
    "{853FE2B1-B769-11d0-9C4E-00C04FB6C6FA}"="Salauksen pikavalikko"
    "{85BBD920-42A0-1069-A2E4-08002B30309D}"="Salkku"
    "{88895560-9AA2-1069-930E-00AA0030EBC8}"="HyperTerminal-kuvakkeen tunniste"
    "{BD84B380-8CA2-1069-AB1D-08000948F534}"="Fonts"
    "{DBCE2480-C732-101B-BE72-BA78E9AD5B27}"="ICC-profiili"
    "{F37C5810-4D3F-11d0-B4BF-00AA00BBB723}"="Tulostimen suojaussivu"
    "{f81e9010-6ea4-11ce-a7ff-00aa003ca9f6}"="Liittymälaajennus jakamista varten"
    "{f92e8c40-3d33-11d2-b1aa-080036a75b03}"="Display TroubleShoot CPL Extension"
    "{7444C717-39BF-11D1-8CD9-00C04FC29D45}"="Crypto PKO -laajennus"
    "{7444C719-39BF-11D1-8CD9-00C04FC29D45}"="Crypto Sign -laajennus"
    "{7007ACC7-3202-11D1-AAD2-00805FC1270E}"="Verkkoyhteydet"
    "{992CFFA0-F557-101A-88EC-00DD010CCC48}"="Verkkoyhteydet"
    "{E211B736-43FD-11D1-9EFB-0000F8757FCD}"="Skannerit ja kamerat"
    "{FB0C9C8A-6C50-11D1-9F1D-0000F8757FCD}"="Skannerit ja kamerat"
    "{905667aa-acd6-11d2-8080-00805f6596d2}"="Skannerit ja kamerat"
    "{3F953603-1008-4f6e-A73A-04AAC7A992F1}"="Skannerit ja kamerat"
    "{83bbcbf3-b28a-4919-a5aa-73027445d672}"="Skannerit ja kamerat"
    "{F0152790-D56E-4445-850E-4F3117DB740C}"="Remote Sessions CPL Extension"
    "{60254CA5-953B-11CF-8C96-00AA00B8708C}"="Windows Script Hostin liittymälaajennukset"
    "{2206CDB2-19C1-11D1-89E0-00C04FD7A829}"="Microsoft-tietolinkki"
    "{DD2110F0-9EEF-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Icon Handler"
    "{797F1E90-9EDD-11cf-8D8E-00AA0060F5BF}"="Tasks Folder Shell Extension"
    "{D6277990-4C6A-11CF-8D87-00AA0060F5BF}"="Ajoitetut tehtävät"
    "{2559a1f7-21d7-11d4-bdaf-00c04f60b9f0}"="Set Program Access and Defaults"
    "{5F327514-6C5E-4d60-8F16-D07FA08A78ED}"="Auto Update Property Sheet Extension"
    "{0DF44EAA-FF21-4412-828E-260A8728E7F1}"="Tehtäväpalkki ja Käynnistä-valikko"
    "{2559a1f0-21d7-11d4-bdaf-00c04f60b9f0}"="Etsi"
    "{2559a1f1-21d7-11d4-bdaf-00c04f60b9f0}"="Ohje ja tuki"
    "{2559a1f2-21d7-11d4-bdaf-00c04f60b9f0}"="Ohje ja tuki"
    "{2559a1f3-21d7-11d4-bdaf-00c04f60b9f0}"="Suorita..."
    "{2559a1f4-21d7-11d4-bdaf-00c04f60b9f0}"="Internet"
    "{2559a1f5-21d7-11d4-bdaf-00c04f60b9f0}"="Sähköposti"
    "{D20EA4E1-3957-11d2-A40B-0C5020524152}"="Fontit"
    "{D20EA4E1-3957-11d2-A40B-0C5020524153}"="Valvontatyökalut"
    "{596AB062-B4D2-4215-9F74-E9109B0A8153}"="Aiempien versioiden ominaisuudet -sivu"
    "{9DB7A13C-F208-4981-8353-73CC61AE2783}"="Edelliset versiot"
    "{875CB1A1-0F29-45de-A1AE-CFB4950D0B78}"="Audio Media Properties Handler"
    "{40C3D757-D6E4-4b49-BB41-0E5BBEA28817}"="Video Media Properties Handler"
    "{E4B29F9D-D390-480b-92FD-7DDB47101D71}"="Wav Properties Handler"
    "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"="Avi Properties Handler"
    "{A6FD9E45-6E44-43f9-8644-08598F5A74D9}"="Midi Properties Handler"
    "{c5a40261-cd64-4ccf-84cb-c394da41d590}"="Video Thumbnail Extractor"
    "{5E6AB780-7743-11CF-A12B-00AA004AE837}"="Microsoft Internet-työkalurivi"
    "{22BF0C20-6DA7-11D0-B373-00A0C9034938}"="Lataamisen tila"
    "{91EA3F8B-C99B-11d0-9815-00C04FD91972}"="Augmented Shell Folder"
    "{6413BA2C-B461-11d1-A18A-080036B11A03}"="Augmented Shell Folder 2"
    "{F61FFEC1-754F-11d0-80CA-00AA005B4383}"="BandProxy"
    "{7BA4C742-9E81-11CF-99D3-00AA004AE837}"="Microsoft BrowserBand"
    "{30D02401-6A81-11d0-8274-00C04FD5AE38}"="IE Search Band"
    "{169A0691-8DF9-11d1-A1C4-00C04FD75D13}"="In-pane search"
    "{07798131-AF23-11d1-9111-00A0C98BA67D}"="Web Search"
    "{AF4F6510-F982-11d0-8595-00AA004CD6D8}"="Registry Tree Options Utility"
    "{01E04581-4EEE-11d0-BFE9-00AA005B4383}"="&Lähiosoite"
    "{A08C11D2-A228-11d0-825B-00AA005B4383}"="Address EditBox"
    "{00BB2763-6A77-11D0-A535-00C04FD7D062}"="Microsoft AutoComplete"
    "{7376D660-C583-11d0-A3A5-00C04FD706EC}"="TridentImageExtractor"
    "{6756A641-DE71-11d0-831B-00AA005B4383}"="MRU AutoComplete List"
    "{6935DB93-21E8-4ccc-BEB9-9FE3C77A297A}"="Custom MRU AutoCompleted List"
    "{7e653215-fa25-46bd-a339-34a2790f3cb7}"="Accessible"
    "{acf35015-526e-4230-9596-becbe19f0ac9}"="Track Popup Bar"
    "{00BB2764-6A77-11D0-A535-00C04FD7D062}"="Microsoft History AutoComplete List"
    "{03C036F1-A186-11D0-824A-00AA005B4383}"="Microsoft Shell Folder AutoComplete List"
    "{00BB2765-6A77-11D0-A535-00C04FD7D062}"="Microsoft Multiple AutoComplete List Container"
    "{ECD4FC4E-521C-11D0-B792-00A0C90312E1}"="Shell Band Site Menu"
    "{3CCF8A41-5C85-11d0-9796-00AA00B90ADF}"="Shell DeskBarApp"
    "{ECD4FC4C-521C-11D0-B792-00A0C90312E1}"="Shell DeskBar"
    "{ECD4FC4D-521C-11D0-B792-00A0C90312E1}"="Shell Rebar BandSite"
    "{DD313E04-FEFF-11d1-8ECD-0000F87A470C}"="User Assist"
    "{EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}"="Global Folder Settings"
    "{EFA24E61-B078-11d0-89E4-00C04FC9E26E}"="Favorites Band"
    "{0A89A860-D7B1-11CE-8350-444553540000}"="Shell Automation Inproc Service"
    "{E7E4BC40-E76A-11CE-A9BB-00AA004AE837}"="Shell DocObject Viewer"
    "{A5E46E3A-8849-11D1-9D8C-00C04FC99D61}"="Microsoft Browser Architecture"
    "{FBF23B40-E3F0-101B-8488-00AA003E56F8}"="InternetShortcut"
    "{3C374A40-BAE4-11CF-BF7D-00AA006946EE}"="Microsoft Url History Service"
    "{FF393560-C2A7-11CF-BFF4-444553540000}"="History"
    "{7BD29E00-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{7BD29E01-76C1-11CF-9DD0-00A0C9034933}"="Temporary Internet Files"
    "{CFBFAE00-17A6-11D0-99CB-00C04FD64497}"="Microsoft Url Search Hook"
    "{A2B0DD40-CC59-11d0-A3A5-00C04FD706EC}"="IE4 Suite Splash Screen"
    "{67EA19A0-CCEF-11d0-8024-00C04FD75D13}"="CDF Extension Copy Hook"
    "{131A6951-7F78-11D0-A979-00C04FD705A2}"="ISFBand OC"
    "{9461b922-3c5a-11d2-bf8b-00c04fb93661}"="Search Assistant OC"
    "{3DC7A020-0ACD-11CF-A9BB-00AA004AE837}"="The Internet"
    "{871C5380-42A0-1069-A2EA-08002B30309D}"="Internet Name Space"
    "{EFA24E64-B078-11d0-89E4-00C04FC9E26E}"="Explorer Band"
    "{9E56BE60-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{9E56BE61-C50F-11CF-9A2C-00A0C90A90CE}"="Sendmail service"
    "{88C6C381-2E85-11D0-94DE-444553540000}"="ActiveX Cache Folder"
    "{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"="WebCheck"
    "{ABBE31D0-6DAE-11D0-BECA-00C04FD940BE}"="Subscription Mgr"
    "{F5175861-2688-11d0-9C5E-00AA00A45957}"="Subscription Folder"
    "{08165EA0-E946-11CF-9C87-00AA005127ED}"="WebCheckWebCrawler"
    "{E3A8BDE6-ABCE-11d0-BC4B-00C04FD929DB}"="WebCheckChannelAgent"
    "{E8BB6DC0-6B4E-11d0-92DB-00A0C90C2BD7}"="TrayAgent"
    "{7D559C10-9FE9-11d0-93F7-00AA0059CE02}"="Code Download Agent"
    "{E6CC6978-6B6E-11D0-BECA-00C04FD940BE}"="ConnectionAgent"
    "{D8BD2030-6FC9-11D0-864F-00AA006809D9}"="PostAgent"
    "{7FC0B86E-5FA7-11d1-BC7C-00C04FD929DB}"="WebCheck SyncMgr Handler"
    "{352EC2B7-8B9A-11D1-B8AE-006008059382}"="Käyttöliittymän sovelluksenhallintaohjelma"
    "{0B124F8F-91F0-11D1-B8B5-006008059382}"="Sovellusluettelo asennettiin"
    "{CFCCC7A0-A282-11D1-9082-006008059382}"="Darwin App Publisher"
    "{e84fda7c-1d6a-45f6-b725-cb260c236066}"="Shell Image Verbs"
    "{66e4e4fb-f385-4dd0-8d74-a2efd1bc6178}"="Shell Image Data Factory"
    "{00E7B358-F65B-4dcf-83DF-CD026B94BFD4}"="Autoplay for SlideShow"
    "{3F30C968-480A-4C6C-862D-EFC0897BB84B}"="GDI+ -tiedoston pikkukuvan purkaja"
    "{9DBD2C50-62AD-11d0-B806-00C04FD706EC}"="Yhteenvetotiedot pikkukuvien käsittelystä (DOCFILES)"
    "{EAB841A0-9550-11cf-8C16-00805F1408F3}"="HTML-pikkukuvien purkuohjelma"
    "{eb9b1153-3b57-4e68-959a-a3266bc3d7fe}"="Shell Image Property Handler"
    "{CC6EEFFB-43F6-46c5-9619-51D571967F7D}"="Ohjattu Web-julkaisutoiminto"
    "{add36aa8-751a-4579-a266-d66f5202ccbb}"="Valokuvien paperikopioiden tilaaminen Internetistä"
    "{6b33163c-76a5-4b6c-bf21-45de9cd503a1}"="Shell Publishing Wizard Object"
    "{58f1f272-9240-4f51-b6d4-fd63d1618591}"="Ohjattu Passport toiminto"
    "{7A9D77BD-5403-11d2-8785-2E0420524153}"="Käyttäjätilit"
    "{BD472F60-27FA-11cf-B8B4-444553540000}"="Compressed (zipped) Folder Right Drag Handler"
    "{888DCA60-FC0A-11CF-8F0F-00C04FD7D062}"="Compressed (zipped) Folder SendTo Target"
    "{692F0339-CBAA-47e6-B5B5-3B84DB604E87}"="Extensions Manager Folder"
    "{63da6ec0-2e98-11cf-8d82-444553540000}"="FTP Folders Webview"
    "{883373C3-BF89-11D1-BE35-080036B11A03}"="Microsoft DocProp Shell Ext"
    "{A9CF0EAE-901A-4739-A481-E35B73E47F6D}"="Microsoft DocProp Inplace Edit Box Control"
    "{8EE97210-FD1F-4B19-91DA-67914005F020}"="Microsoft DocProp Inplace ML Edit Box Control"
    "{0EEA25CC-4362-4A12-850B-86EE61B0D3EB}"="Microsoft DocProp Inplace Droplist Combo Control"
    "{6A205B57-2567-4A2C-B881-F787FAB579A3}"="Microsoft DocProp Inplace Calendar Control"
    "{28F8A4AC-BBB3-4D9B-B177-82BFC914FA33}"="Microsoft DocProp Inplace Time Control"
    "{8A23E65E-31C2-11d0-891C-00A024AB2DBB}"="Directory Query UI"
    "{9E51E0D0-6E0F-11d2-9601-00C04FA31A86}"="Shell properties for a DS object"
    "{163FDC20-2ABC-11d0-88F0-00A024AB2DBB}"="Directory Object Find"
    "{F020E586-5264-11d1-A532-0000F8757D7E}"="Directory Start/Search Find"
    "{0D45D530-764B-11d0-A1CA-00AA00C16E65}"="Directory Property UI"
    "{62AE1F9A-126A-11D0-A14B-0800361B1103}"="Directory Context Menu Verbs"
    "{ECF03A33-103D-11d2-854D-006008059367}"="MyDocs Copy Hook"
    "{ECF03A32-103D-11d2-854D-006008059367}"="MyDocs Drop Target"
    "{4a7ded0a-ad25-11d0-98a8-0800361b1103}"="MyDocs Properties"
    "{750fdf0e-2a26-11d1-a3ea-080036587f03}"="Offline Files Menu"
    "{10CFC467-4392-11d2-8DB4-00C04FA31A66}"="Offline Files Folder Options"
    "{AFDB1F70-2A4C-11d2-9039-00C04F8EEB3E}"="Offline-tiedostot-kansio"
    "{143A62C8-C33B-11D1-84FE-00C04FA34A14}"="Microsoft Agent Character Property Sheet Handler"
    "{ECCDF543-45CC-11CE-B9BF-0080C87CDBA6}"="DfsShell"
    "{60fd46de-f830-4894-a628-6fa81bc0190d}"="%DESC_PublishDropTarget%"
    "{7A80E4A8-8005-11D2-BCF8-00C04F72C717}"="MMC Icon Handler"
    "{0CD7A5C0-9F37-11CE-AE65-08002B2E1262}"=".CAB file viewer"
    "{32714800-2E5F-11d0-8B85-00AA0044F941}"="&Henkilöitä..."
    "{8DD448E6-C188-4aed-AF92-44956194EB1F}"="Windows Media Player Play as Playlist Context Menu Handler"
    "{CE3FB1D1-02AE-4a5f-A6E9-D9F1B4073E6C}"="Windows Media Player Burn Audio CD Context Menu Handler"
    "{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}"="Windows Media Player Add to Playlist Context Menu Handler"
    "{BDA77241-42F6-11d0-85E2-00AA001FE28C}"="LDVP Shell Extensions"
    "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"="WinRAR shell extension"
    "{400CFEE2-39D0-46DC-96DF-E0BB5A4324B3}"="My Logitech Pictures"
    "{8BE13461-936F-11D1-A87D-444553540000}"="Eraser Shell Extension"
    "{21569614-B795-46b1-85F4-E737A8DC09AD}"="Shell Search Band"
    "{1D2680C9-0E2A-469d-B787-065558BC7D43}"="Fusion Cache"
    "{BDEADF00-C265-11D0-BCED-00A0C90AB50F}"="Web-kansiot"
    "{42042206-2D85-11D3-8CFF-005004838597}"="Microsoft Office HTML Icon Handler"
    "{43886CD5-6529-41c4-A707-7B3C92C05E68}"="IE Navigation Bar"
    "{3028902F-6374-48b2-8DC6-9725E775B926}"="IE AutoComplete"
    "{4B78D326-D922-44f9-AF2A-07805C2A3560}"="IE Menu Band"
    "{6CF48EF8-44CD-45d2-8832-A16EA016311B}"="IE IShellFolderBand"
    "{F2CF5485-4E02-4f68-819C-B92DE9277049}"="&Links"
    "{1C1EDB47-CE22-4bbb-B608-77B48F83C823}"="IE Fade Task"
    "{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE}"="IE Tracking Shell Menu"
    "{44C76ECD-F7FA-411c-9929-1B77BA77F524}"="IE Menu Site"
    "{EFA24E62-B078-11d0-89E4-00C04FC9E26E}"="History Band"
    "{FC9FB64A-1EB2-4CCF-AF5E-1A497A9B5C2D}"="Messenger Sharing Folders"
    "{e57ce731-33e8-4c51-8354-bb4de9d215d1}"="Universal Plug and Play -laitteet"
    "{640167b4-59b0-47a6-b335-a6b3c0695aea}"="Portable Media Devices"
    "{cc86590a-b60a-48e6-996b-41d25ed39a1e}"="Portable Media Devices Menu"
    "{e82a2d71-5b2f-43a0-97b8-81be15854de8}"="ShellLink for Application References"
    "{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75}"="Shell Icon Handler for Application References"
    "{E0D79304-84BE-11CE-9641-444553540000}"="WinZip"
    "{E0D79305-84BE-11CE-9641-444553540000}"="WinZip"
    "{E0D79306-84BE-11CE-9641-444553540000}"="WinZip"
    "{E0D79307-84BE-11CE-9641-444553540000}"="WinZip"
    "{46E22146-59C0-4136-9233-FB7720E777B2}"="EzCddax extension"
    "{07C45BB1-4A8C-4642-A1F5-237E7215FF66}"="IE Microsoft BrowserBand"
    "{205D7A97-F16D-4691-86EF-F3075DCCA57D}"="IE Menu Desk Bar"
    "{6038EF75-ABFC-4e59-AB6F-12D397F6568D}"="IE Microsoft History AutoComplete List"
    "{73CFD649-CD48-4fd8-A272-2070EA56526B}"="IE BandProxy"
    "{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8}"="IE MRU AutoComplete List"
    "{9a096bb5-9dc3-4d1c-8526-c3cbf991ea4e}"="Feed Platform Data Source"
    "{9D958C62-3954-4b44-8FAB-C4670C1DB4C2}"="IE Microsoft Shell Folder AutoComplete List"
    "{B31C5FAE-961F-415b-BAF0-E697A5178B94}"="IE Microsoft Multiple AutoComplete List Container"
    "{BC476F4C-D9D7-4100-8D4E-E043F6DEC409}"="Microsoft Browser Architecture"
    "{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A}"="IE Shell Rebar BandSite"
    "{E6EE9AAC-F76B-4947-8260-A9F136138E11}"="IE Shell Band Site Menu"
    "{F0353E1D-FEEC-474e-A984-1E5C6865E380}"="IE Global Folder Settings"
    "{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E}"="IE Registry Tree Options Utility"
    "{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75}"="IE User Assist"
    "{FDE7673D-2E19-4145-8376-BBD58C4BC7BA}"="IE Custom MRU AutoCompleted List"
    "{B327765E-D724-4347-8B16-78AE18552FC3}"="NeroDigitalIconHandler"
    "{7F1CF152-04F8-453A-B34C-E609530A9DC8}"="NeroDigitalPropSheetHandler"
    "{79BC0345-1015-11D2-A299-006008312725}"="blue.shell"
    "{9DED7A30-D572-4D21-8D82-6945EA697400}"="Macromedia FlashPaper Context Menu"
    "{5E2121EE-0300-11D4-8D3B-444553540000}"="Catalyst Context Menu extension"

    **********************************************************************************
    HKEY ROOT CLASSIDS:
    **********************************************************************************
    Files Found are not all bad files:

    E:\WINDOWS\SYSTEM32\
    admparse.dll Mon 28 Aug 2006 10.05.00 A.... 71 680 70,00 K
    advpack.dll Mon 28 Aug 2006 10.04.32 A.... 122 880 120,00 K
    ati2cqag.dll Wed 23 Aug 2006 4.14.40 A.... 290 816 284,00 K
    ati2dvag.dll Wed 23 Aug 2006 4.53.32 A.... 260 096 254,00 K
    ati2edxx.dll Wed 23 Aug 2006 4.46.42 A.... 41 984 41,00 K
    ati2evxx.dll Wed 23 Aug 2006 4.46.30 A.... 86 016 84,00 K
    ati3duag.dll Wed 23 Aug 2006 4.38.46 A.... 2 401 984 2,29 M
    atiddc.dll Wed 23 Aug 2006 4.44.38 A.... 53 248 52,00 K
    atidemgr.dll Wed 23 Aug 2006 4.33.48 A.... 303 104 296,00 K
    atiiiexx.dll Wed 23 Aug 2006 5.11.46 A.... 307 200 300,00 K
    atikvmag.dll Wed 23 Aug 2006 4.21.16 A.... 221 184 216,00 K
    atioglx1.dll Wed 23 Aug 2006 4.27.08 A.... 6 684 672 6,38 M
    atioglxx.dll Wed 23 Aug 2006 4.25.00 A.... 5 140 480 4,90 M
    atipdlxx.dll Wed 23 Aug 2006 4.47.14 A.... 114 688 112,00 K
    atitvo32.dll Wed 23 Aug 2006 4.19.54 A.... 17 408 17,00 K
    ativvaxx.dll Wed 23 Aug 2006 4.33.46 A.... 2 510 752 2,39 M
    browseui.dll Tue 15 Aug 2006 19.32.30 A.... 1 022 976 999,00 K
    corpol.dll Mon 28 Aug 2006 10.07.16 A.... 16 896 16,50 K
    dxtmsft.dll Mon 28 Aug 2006 10.02.08 A.... 346 624 338,50 K
    dxtrans.dll Mon 28 Aug 2006 10.01.48 A.... 213 504 208,50 K
    extmgr.dll Mon 28 Aug 2006 10.23.56 A.... 130 560 127,50 K
    ff_vfw.dll Wed 16 Aug 2006 12.00.00 A.... 6 144 6,00 K
    fltlib.dll Mon 21 Aug 2006 15.26.46 A.... 16 896 16,50 K
    hlink.dll Fri 21 Jul 2006 11.28.14 A.... 72 704 71,00 K
    icardie.dll Mon 28 Aug 2006 10.02.12 A.... 61 440 60,00 K
    ieakeng.dll Mon 28 Aug 2006 10.05.16 A.... 152 064 148,50 K
    ieaksie.dll Mon 28 Aug 2006 10.05.24 A.... 229 376 224,00 K
    ieakui.dll Mon 28 Aug 2006 9.22.06 A.... 161 792 158,00 K
    ieapfltr.dll Tue 22 Aug 2006 23.36.04 ..... 380 928 372,00 K
    iedkcs32.dll Mon 28 Aug 2006 10.05.26 A.... 378 368 369,50 K
    ieencode.dll Mon 28 Aug 2006 10.09.30 A.... 78 336 76,50 K
    ieframe.dll Mon 28 Aug 2006 10.23.56 A.... 5 906 432 5,63 M
    iepeers.dll Mon 28 Aug 2006 10.23.56 A.... 189 440 185,00 K
    iernonce.dll Mon 28 Aug 2006 10.04.44 A.... 43 008 42,00 K
    iertutil.dll Mon 28 Aug 2006 10.01.12 A.... 262 656 256,50 K
    iesetup.dll Mon 28 Aug 2006 10.04.50 A.... 55 296 54,00 K
    ieui.dll Mon 28 Aug 2006 10.23.56 A.... 175 616 171,50 K
    imgutil.dll Mon 28 Aug 2006 10.01.56 A.... 35 328 34,50 K
    inetcomm.dll Thu 27 Jul 2006 16.26.14 A.... 679 424 663,50 K
    inseng.dll Mon 28 Aug 2006 10.04.48 A.... 92 672 90,50 K
    jscript.dll Mon 28 Aug 2006 10.04.24 A.... 487 424 476,00 K
    jsproxy.dll Mon 28 Aug 2006 10.23.56 A.... 26 624 26,00 K
    legitc~1.dll Mon 7 Aug 2006 9.50.22 A.... 1 484 592 1,41 M
    licmgr10.dll Mon 28 Aug 2006 10.08.32 A.... 40 448 39,50 K
    msfeeds.dll Mon 28 Aug 2006 10.23.56 A.... 457 728 447,00 K
    msfeed~1.dll Mon 28 Aug 2006 10.23.56 A.... 50 688 49,50 K
    mshtml.dll Mon 28 Aug 2006 10.23.58 A.... 3 494 400 3,33 M
    mshtmled.dll Mon 28 Aug 2006 10.23.56 A.... 472 576 461,50 K
    mshtmler.dll Mon 28 Aug 2006 9.25.48 A.... 48 128 47,00 K
    msls31.dll Mon 28 Aug 2006 10.23.56 A.... 152 064 148,50 K
    msrating.dll Mon 28 Aug 2006 10.08.38 A.... 192 000 187,50 K
    mstime.dll Mon 28 Aug 2006 10.23.56 A.... 670 720 655,00 K
    occache.dll Mon 28 Aug 2006 10.08.14 A.... 100 352 98,00 K
    oemdspif.dll Wed 23 Aug 2006 4.46.56 A.... 77 824 76,00 K
    pngfilt.dll Mon 28 Aug 2006 10.02.04 A.... 44 032 43,00 K
    px.dll Fri 25 Aug 2006 6.47.00 ..... 514 808 502,74 K
    pxafs.dll Fri 25 Aug 2006 6.47.00 ..... 129 784 126,74 K
    pxdrv.dll Fri 25 Aug 2006 6.47.00 ..... 477 944 466,74 K
    pxmas.dll Fri 25 Aug 2006 6.47.00 ..... 183 032 178,74 K
    pxsfs.dll Fri 25 Aug 2006 6.47.00 ..... 1 309 432 1,25 M
    pxwave.dll Fri 25 Aug 2006 6.47.00 ..... 379 640 370,74 K
    shdocvw.dll Tue 15 Aug 2006 19.32.30 A.... 1 496 576 1,43 M
    shlwapi.dll Tue 15 Aug 2006 19.32.30 A.... 474 112 463,00 K
    sirenacm.dll Sat 29 Jul 2006 19.32.50 A.... 48 936 47,79 K
    spmsg.dll Thu 10 Aug 2006 19.46.22 ..... 14 048 13,72 K
    url.dll Mon 28 Aug 2006 10.08.38 A.... 105 472 103,00 K
    urlmon.dll Mon 28 Aug 2006 10.23.56 A.... 1 138 688 1,09 M
    vbscript.dll Mon 28 Aug 2006 10.23.56 A.... 413 696 404,00 K
    vxblock.dll Fri 25 Aug 2006 6.47.00 ..... 39 672 38,74 K
    webcheck.dll Mon 28 Aug 2006 10.23.56 A.... 225 792 220,50 K
    wininet.dll Mon 28 Aug 2006 10.23.56 A.... 809 472 790,50 K

    71 items found: 71 files, 0 directories.
    Total of file sizes: 44 897 376 bytes 42,82 M
    Locate .tmp files:

    No matches found.
    **********************************************************************************
    Directory Listing of system files:
    Aseman E nimi on C:
    Aseman sarjanumero on 043C-845D

    Kansio E:\WINDOWS\System32

    03.10.2006 02:53 <KANSIO> dllcache
    14.02.2006 20:27 <KANSIO> Microsoft
    0 tiedosto(a) 0 tavua
    2 kansio(ta) 25 086 681 088 tavua vapaana
     
  8. imaco

    imaco Member

    Joined:
    25.03.2006
    Posts:
    26
    Thanks:
    0
    Points:
    11
    Logfile of HijackThis v1.99.1
    Scan saved at 14:13:42, on 13.10.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5700.0007)

    Running processes:
    E:\WINDOWS\System32\smss.exe
    E:\WINDOWS\system32\winlogon.exe
    E:\WINDOWS\system32\services.exe
    E:\WINDOWS\system32\lsass.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\system32\svchost.exe
    E:\Program Files\Windows Defender\MsMpEng.exe
    E:\WINDOWS\System32\svchost.exe
    E:\WINDOWS\system32\Ati2evxx.exe
    E:\WINDOWS\Explorer.EXE
    E:\WINDOWS\system32\spoolsv.exe
    E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    E:\WINDOWS\System32\GEARSec.exe
    E:\WINDOWS\system32\inetsrv\inetinfo.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe
    E:\WINDOWS\System32\snmp.exe
    E:\WINDOWS\system32\svchost.exe
    E:\WINDOWS\system32\wscntfy.exe
    E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
    E:\WINDOWS\system32\LVCOMSX.EXE
    E:\Program Files\Logitech\Video\LogiTray.exe
    E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    E:\WINDOWS\system32\CTHELPER.EXE
    E:\Program Files\Windows Defender\MSASCui.exe
    E:\program files\powerstrip\pstrip.exe
    E:\Program Files\Logitech\MediaLife\MediaLifeService.exe
    E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
    E:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    E:\Program Files\Logitech\Video\FxSvr2.exe
    E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe
    E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
    E:\Program Files\Skype\Phone\Skype.exe
    E:\Program Files\Logitech\SetPoint\SetPoint.exe
    E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    E:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
    E:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    E:\hijackthis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tietokone.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 216.12.200.106:8080
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
    O4 - HKLM\..\Run: [vptray] E:\PROGRA~1\SYMANT~1\SYMANT~1\vptray.exe
    O4 - HKLM\..\Run: [RemoteControl] "E:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
    O4 - HKLM\..\Run: [UpdReg] E:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [Jet Detection] "E:\Program Files\Creative\SBLive\PROGRAM\ADGJDet.exe"
    O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
    O4 - HKLM\..\Run: [Windows Defender] "E:\Program Files\Windows Defender\MSASCui.exe" -hide
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MediaLifeService] "E:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] E:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Disk Cleaner.lnk = E:\Program Files\Disk Cleaner\dclean.exe
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: APC UPS Status.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: PC Alert 4.lnk = E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_08\bin\npjpi150_08.dll
    O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
    O11 - Options group: [INTERNATIONAL] International*
    O20 - Winlogon Notify: NavLogon - E:\WINDOWS\system32\NavLogon.dll
    O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: APC UPS Service - American Power Conversion Corporation - E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: DefWatch - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
    O23 - Service: GEARSecurity - GEAR Software - E:\WINDOWS\System32\GEARSec.exe
    O23 - Service: Macromedia Licensing Service - Macromedia - E:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
    O23 - Service: NBService - Nero AG - E:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - E:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
    O23 - Service: Norton Ghost - Symantec Corporation - E:\Program Files\Symantec\Norton Ghost\Agent\PQV2iSvc.exe

     
  9. Daniii

    Daniii Regular member

    Joined:
    11.05.2006
    Posts:
    120
    Thanks:
    0
    Points:
    26
    All right, look2me appears to be gone.

    These are programs that start automatically; remove the ones you don't want starting up and you'll get a bit more speed out of the machine (check the ones you want and press Fix checked):

    O4 - HKLM\..\Run: [DAEMON Tools-1033] "E:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [DAEMON Tools] "E:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [PowerStrip] e:\program files\powerstrip\pstrip.exe
    O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
    O4 - HKLM\..\Run: [MediaLifeService] "E:\Program Files\Logitech\MediaLife\MediaLifeService.exe"
    O4 - HKLM\..\Run: [mmtask] "E:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe"
    O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
    O4 - HKLM\..\Run: [PinnacleDriverCheck] E:\WINDOWS\system32\\PSDrvCheck.exe
    O4 - HKLM\..\Run: [ATICCC] "E:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "E:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "E:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [updateMgr] "E:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
    O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "E:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
    O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - HKLM\..\Run: [LogitechVideoRepair] E:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] E:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [Norton Ghost 9.0] E:\Program Files\Symantec\Norton Ghost\Agent\GhostTray.exe
    O4 - Startup: Adobe Gamma.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Startup: Disk Cleaner.lnk = E:\Program Files\Disk Cleaner\dclean.exe
    O4 - Startup: MSNP13 Downgrader.lnk = ?
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: APC UPS Status.lnk = ?
    O4 - Global Startup: Logitech SetPoint.lnk = E:\Program Files\Logitech\SetPoint\SetPoint.exe
    O4 - Global Startup: PC Alert 4.lnk = E:\Program Files\MSI\PC Alert 4\PCAlert4.exe
    Otherwise the machine appears to be clean.
     
  10. imaco

    imaco Member

    Joined:
    25.03.2006
    Posts:
    26
    Thanks:
    0
    Points:
    11
    Thank you for your trouble!
     