Hi. I don't know what has gotten into my computer; it stutters and freezes quite a lot at times, plus all sorts of other small glitches. CPU usage also jumps to pretty high numbers at times even though I'm not doing anything heavy and have no programs open. The internet, meanwhile, hangs even more. Opera shows a "not responding" message every so often, and navigating to pages takes a long time. Can you help? Here is the log:
Is there anyone who could check that log to see what's wrong? I can't do it myself... The computer has now also started restarting on its own at times, after first throwing a bluescreen. Also, music playback stutters somehow strangely? I'd be grateful if someone would take the trouble to look at that log. I need to get my work done, but the computer's behavior is making that a bit difficult at the moment. Thanks!
1. Download combofix.exe to your desktop from one of these links: combofix1 combofix2
2. Double-click the combofix.exe file and follow the instructions.
3. When the tool has finished, it will produce a log. Post this log in your thread.
Note! Do not click on the ComboFix window while it is running. This may cause the program to hang. And don't do any work during this time; let the program run on its own.
All right, here it is:
Remove SUPERAntiSpyware from the computer.
=========
Open Windows Defender. Click Tools and General Settings. Scroll down and uncheck Turn on real-time protection (recommended). Then click Save and close Windows Defender.
=========
Scan with HJT, check the following entry and press Fix checked:
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
Hmm.. The internet still seems to be lagging really badly, as does listening to music and watching videos. CPU usage doesn't seem to be as high anymore, though. Well, I'll post a new log here:
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 7618 bytes
Download VundoFix.exe to your desktop.
Double-click VundoFix.exe to run it.
Click the Scan for Vundo button.
When the scan is complete, click the Remove Vundo button.
You will be asked whether you want to remove the files; click YES.
Once you have clicked yes, your desktop will go blank as it starts removing Vundo.
When it is done, the fix will tell you it is going to restart your computer; click OK.
Post the contents of the C:\vundofix.txt log along with a fresh HijackThis log.
Note: It is possible that VundoFix found a file it could not remove. In that case, VundoFix will run itself on reboot; simply follow the instructions above, starting from "Click the Scan for Vundo button.", when VundoFix appears on restart.
===========
By the way, the log is the same as the earlier one; it is not the latest.
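An added example, not part of the original thread and not any poster's own tooling: one way to check the two things the helper does by eye above, namely picking out entries whose target is gone ("(no file)", "(file missing)") and noticing that a reposted log is the same scan as before. The function names are hypothetical, and the two sample logs are constructed by abbreviating entries quoted in this thread.

```python
import re

# A HijackThis entry starts with a section code ("R0", "O4", "O23", ...) and " - ".
# Splitting on whitespace that precedes such a code also works on logs that a
# forum scrape has flattened onto a single line, as in this thread.
ENTRY_SPLIT = re.compile(r"\s+(?=(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - )")
SAVED_AT = re.compile(r"Scan saved at (\S+), on (\S+)")   # date format is locale-specific
TRAILER = re.compile(r"\s*--\s*End of file\b.*\Z", re.S)
ORPHAN_MARKERS = ("(no file)", "(file missing)")


def parse_log(text):
    """Return {'saved_at': (time, date) or None, 'entries': [(section, body), ...]}."""
    text = TRAILER.sub("", text.strip())
    # The leading space lets a log that starts directly with an entry split cleanly.
    header, *chunks = ENTRY_SPLIT.split(" " + text)
    stamp = SAVED_AT.search(header)
    entries = []
    for chunk in chunks:
        section, body = chunk.split(" - ", 1)
        entries.append((section, " ".join(body.split())))
    return {"saved_at": stamp.groups() if stamp else None, "entries": entries}


def orphaned(log):
    """Entries that point at a file HijackThis could not find."""
    return [e for e in log["entries"] if any(m in e[1] for m in ORPHAN_MARKERS)]


def compare(old, new):
    """Report whether two logs are the same scan and which entries changed."""
    old_set, new_set = set(old["entries"]), set(new["entries"])
    return {
        "same_scan": old["saved_at"] is not None and old["saved_at"] == new["saved_at"],
        "removed": [e for e in old["entries"] if e not in new_set],
        "added": [e for e in new["entries"] if e not in old_set],
    }


# Constructed samples: abbreviated from the logs posted in this thread.
OLD_LOG = (
    r"Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 16:09:45, on 24.2.2008 "
    r"Platform: Windows Vista (WinNT 6.00.1904) Running processes: C:\Windows\Explorer.EXE "
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local "
    r"O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file) "
    r"O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe "
    r"O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - "
    r"res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) "
    r"O13 - Gopher Prefix: "
    r"O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - "
    r"C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 7618 bytes"
)
NEW_LOG = (
    r"Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:16:34, on 26.2.2008 "
    r"Platform: Windows Vista (WinNT 6.00.1904) Running processes: C:\Windows\Explorer.EXE "
    r"R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local "
    r'O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background '
    r"O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - "
    r"res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) "
    r"O13 - Gopher Prefix: "
    r"O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - "
    r"C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 7364 bytes"
)

if __name__ == "__main__":
    old, new = parse_log(OLD_LOG), parse_log(NEW_LOG)
    print("same scan reposted:", compare(old, old)["same_scan"])
    for section, body in orphaned(old):
        print("orphaned:", section, "-", body)
    diff = compare(old, new)
    for label in ("removed", "added"):
        for section, body in diff[label]:
            print(label + ":", section, "-", body)
```

An orphaned entry only says that the registered file is absent; whether to fix it is still a judgment call made per entry, as the helper does here.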
Vundo didn't find anything... Here's the new HJT log:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:16:34, on 26.2.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\WINDOWS\System32\WerFault.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\hp\KBD\KbdStub.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\BitComet\BitComet.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Windows\System32\mobsync.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=desktop R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=desktop R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: 
[iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_04\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. 
- C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 7364 bytes
Okay, good. But it still feels annoyingly sluggish :/ It hasn't been like this before... What could be causing it, then? Any ideas?
Download Atribune's ATF Cleaner.
Instructions:
Double-click ATF-Cleaner.exe to start the program.
Under Main, choose: Select All
Click the Empty Selected button.
If you use Firefox as your browser:
Click Firefox at the top and choose: Select All
Click the Empty Selected button.
NOTE: If you would like to keep your saved passwords, click No when it asks.
If you use Opera as your browser:
Click Opera at the top and choose: Select All
Click the Empty Selected button again.
NOTE: If you would like to keep your saved passwords, click No when it asks.
Click Exit in the main menu to close the program.
Technical support is available if you double-click the e-mail address located at the bottom of each menu in the tool. (Note that the support is in English.)
I removed everything with ATF, but that didn't help much either. So the internet is still stuttering and hanging really badly. Is there anything else that could be done?
Download RegSeeker.zip to the desktop.
Extract the zip to the C:\RegSeeker\ folder. From there, start RegSeeker.exe.
In the top right corner there is a Languages.... link, from which you select Finnish.
In the bottom left corner, tick "Luo varmuuskopio" (create backup) and then click the "Puhdista rekisteri" (clean registry) link.
Tick all the other boxes except "Käyttökelvottomat..", then "OK" (wait a moment).
A list of invalid registry entries appears on the screen; from "Valitse" (select) in the bottom bar, click "Valitse kaikki" (select all), and the selected entries get a yellow background.
From the "Toiminnot" (actions) link in the bottom bar, click "Poista valitut kohteet" (delete selected items).
In the pop-up "Kaikki valitut kohteet poistetaan ?" (all selected items will be deleted?), answer "OK".
In the next pop-up, "Varmuuskopiot" (backups), answer "OK".
Click "Lopeta RegSeeker" (quit RegSeeker) on the left and restart your computer.
That Winsockfix seemed to fix the internet, at least for a while. What exactly does that program do? But anyway... After surfing the net smoothly for a while it starts stuttering again, though not as much as before the Winsockfix repair. Then if I run the program again, the internet gets going again. Do I always have to run that program to fix it, or is there some permanent way to make it stay normal for good? I've also noticed that when I open a p2p program, the internet freezes up completely, as does the program itself. I'll post the newest log in case it helps:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 9:05:18, on 12.3.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\Windows\system32\taskeng.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Windows\ehome\ehmsas.exe C:\hp\kbd\kbd.exe C:\Program Files\Opera\Opera.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: Yahoo! 
Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] 
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKLM\..\Run: [Computer Alarm Clock] C:\PROGRA~1\COMPUT~1\cac.exe O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - 
Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 8714 bytes
The problem still persists... Nowadays the computer has also started shutting down by itself; it just throws a bluescreen on the screen and restarts after a moment. Any advice?
Here it is:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:36:35, on 25.3.2008 Platform: Windows Vista (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16609) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\HP\HP Software Update\hpwuSchd2.exe C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\Alwil Software\Avast4\ashDisp.exe C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\Opera\Opera.exe C:\hp\kbd\kbd.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=fi_fi&c=81&bd=Pavilion&pf=desktop R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - 
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O1 - Hosts: ::1 localhost O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe" -delete O4 - HKLM\..\Run: [HP 
Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu') O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - 
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O13 - Gopher Prefix: O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. 
- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Chasis Button Service (HPBtnSrv) - Unknown owner - c:\hp\HPEZBTN\HPBtnSrv.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- End of file - 8969 bytes
Remove Spybot - Search & Destroy from the computer.
Remove Windows Defender from the computer.
Check that the network connection settings are correct.