Kone hidastelee ajoittain

jalbert · Oct 18, 2008

terves itselläni samalainen ongelma oli tos just ei auttanut muu kun
windowsin uudelleen asennus....ja kyseessä acerin 5100

Jukssu · Oct 29, 2008

Mulla siis tuo samainen Acerin 5100 ja samaan aikaan ostettu. Tuolla asiaa jonkin verran käyty läpi: http://keskustelu.afterdawn.com/thread_view.cfm/709257#4338292

Ja tein samat hommat eli mitä Oiva2:kin oli ilmeisesti tehnyt.. tässä vähän mun lokilistaa ym...

Javan poistin ja asensin uudestaan kuten kehoitettiin, mutta eikös versio ollut nyt 6u4. Nyt mulla näyttää tuo versio 6.0.40.12. Onko oikea? Jätin sitä käyttötilaa 100 MB. Onkos sopiva?

Tässä JaVaRa:n loki:

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Tue Oct 28 19:34:23 2008

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Classes\JavaPlugin.160_04

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610004

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160040}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_04\bin\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\C:\Program Files\Common Files\Java\Update\Base Images\jre1.6.0.b105\patch-jre1.6.0_04.b12\

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

------------------------------------

Finished reporting.

Combofix:

ComboFix 08-10-27.01 - Piia 2008-10-28 6:20:18.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.901 [GMT 2:00]
.

((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-09-28 to 2008-10-28 )))))))))))))))))
.

2008-10-27 19:15 . 2008-10-27 19:15 <KANSIO> d-------- C:\Users\Piia\AppData\Roaming\Malwarebytes
2008-10-27 19:15 . 2008-10-27 19:15 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
2008-10-27 19:15 . 2008-10-27 19:15 <KANSIO> d-------- C:\ProgramData\Malwarebytes
2008-10-27 19:15 . 2008-10-22 16:10 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-27 19:15 . 2008-10-22 16:10 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-27 17:56 . 2008-10-27 17:57 <KANSIO> d-------- C:\Program Files\Java
2008-10-27 17:56 . 2008-10-27 17:56 <KANSIO> d-------- C:\Program Files\Common Files\Java
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Videos
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Searches
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Saved Games
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Pictures
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Music
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Links
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Downloads
2008-10-25 15:47 . 2008-10-25 15:47 <KANSIO> dr------- C:\Windows\System32\config\systemprofile\Documents
2008-10-25 15:46 . 2008-10-25 15:46 <KANSIO> d-------- C:\Users\Piia\AppData\Roaming\Leadertech
2008-10-25 15:36 . 2007-05-16 15:45 3,497,832 --a------ C:\Windows\System32\d3dx9_34.dll
2008-10-25 15:36 . 2007-03-12 15:42 3,495,784 --a------ C:\Windows\System32\d3dx9_33.dll
2008-10-25 15:36 . 2007-05-16 15:45 1,124,720 --a------ C:\Windows\System32\D3DCompiler_34.dll
2008-10-25 15:36 . 2007-03-12 15:42 1,123,696 --a------ C:\Windows\System32\D3DCompiler_33.dll
2008-10-25 15:36 . 2007-03-15 15:57 443,752 --a------ C:\Windows\System32\d3dx10_33.dll
2008-10-25 15:36 . 2007-04-04 17:55 261,480 --a------ C:\Windows\System32\xactengine2_7.dll
2008-10-25 15:36 . 2007-01-24 14:27 255,848 --a------ C:\Windows\System32\xactengine2_6.dll
2008-10-25 15:36 . 2007-04-04 17:53 81,768 --a------ C:\Windows\System32\xinput1_3.dll
2008-10-25 15:36 . 2007-03-05 11:42 15,128 --a------ C:\Windows\System32\x3daudio1_1.dll
2008-10-25 15:11 . 2008-10-27 17:41 <KANSIO> d-------- C:\Program Files\DAEMON Tools Toolbar
2008-10-25 15:01 . 2008-10-25 15:01 <KANSIO> d-------- C:\Users\Piia\AppData\Roaming\DAEMON Tools
2008-10-23 18:04 . 2008-08-05 11:49 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-10-23 18:04 . 2008-08-05 11:48 217,088 --a------ C:\Windows\System32\psisrndr.ax
2008-10-23 18:03 . 2008-08-05 11:49 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-10-23 18:03 . 2008-08-05 11:48 177,664 --a------ C:\Windows\System32\mpg2splt.ax
2008-10-23 18:03 . 2008-08-05 11:48 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-10-20 22:36 . 2006-11-29 12:06 3,426,072 --a------ C:\Windows\System32\d3dx9_32.dll
2008-10-20 22:36 . 2006-09-28 15:05 2,414,360 --a------ C:\Windows\System32\d3dx9_31.dll
2008-10-20 22:36 . 2006-11-29 12:06 440,080 --a------ C:\Windows\System32\d3dx10.dll
2008-10-20 22:36 . 2006-12-08 11:02 251,672 --a------ C:\Windows\System32\xactengine2_5.dll
2008-10-20 22:36 . 2006-09-28 15:05 237,848 --a------ C:\Windows\System32\xactengine2_4.dll
2008-10-20 22:36 . 2006-07-28 08:30 236,824 --a------ C:\Windows\System32\xactengine2_3.dll
2008-10-20 22:36 . 2006-07-28 08:30 62,744 --a------ C:\Windows\System32\xinput1_2.dll
2008-10-20 22:35 . 2005-05-26 14:34 2,297,552 --a------ C:\Windows\System32\d3dx9_26.dll
2008-10-16 20:07 . 2008-10-16 20:07 <KANSIO> d-------- C:\Program Files\Common Files\Adobe AIR
2008-10-16 20:05 . 2008-10-16 20:06 <KANSIO> d-------- C:\Users\All Users\Adobe
2008-10-16 20:05 . 2008-10-16 20:06 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
2008-10-16 19:57 . 2008-10-16 20:09 <KANSIO> d-------- C:\Users\All Users\NOS
2008-10-16 19:57 . 2008-10-16 20:09 <KANSIO> d-------- C:\ProgramData\NOS
2008-10-16 19:57 . 2008-10-16 19:57 <KANSIO> d-------- C:\Program Files\NOS
2008-10-16 13:43 . 2008-09-18 07:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-16 13:43 . 2008-09-18 07:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-16 13:43 . 2008-09-18 04:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-16 13:43 . 2008-08-27 03:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-16 13:42 . 2008-10-02 03:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-16 13:42 . 2008-10-02 05:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-10-12 21:30 . 2008-10-12 21:31 <KANSIO> d-------- C:\Program Files\PokerStars.NET
2008-10-01 15:56 . 2008-10-01 15:57 50 --a------ C:\~GLHTTP1.TMP
2008-10-01 15:54 . 2008-10-27 17:44 <KANSIO> d-------- C:\Users\All Users\Yahoo!
2008-10-01 15:54 . 2008-10-27 17:44 <KANSIO> d-------- C:\ProgramData\Yahoo!
2008-09-29 18:34 . 2008-09-29 18:34 410,976 --a------ C:\Windows\System32\deploytk.dll

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-27 21:32 --------- d-----w C:\Users\Piia\AppData\Roaming\uTorrent
2008-10-27 20:24 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-27 20:24 --------- d-----w C:\Program Files\Acer Inc
2008-10-27 20:18 --------- d-----w C:\Program Files\Acer Arcade Deluxe
2008-10-27 20:10 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-10-27 15:44 --------- d-----w C:\Program Files\Yahoo!
2008-10-27 15:41 --------- d-----w C:\Program Files\BS.Player ControlBar
2008-10-25 13:01 717,296 ----a-w C:\Windows\system32\drivers\sptd.sys
2008-10-22 06:47 --------- d-----w C:\Program Files\Google
2008-10-17 07:54 --------- d-----w C:\Program Files\Windows Mail
2008-10-17 07:50 --------- d-----w C:\ProgramData\Microsoft Help
2008-09-28 11:11 --------- d-----w C:\Program Files\Windows Live Toolbar
2008-09-28 11:09 --------- d-----w C:\Program Files\Windows Live
2008-09-28 11:08 --------- d-----w C:\Program Files\Weather Watcher
2008-09-28 11:01 --------- d-----w C:\Program Files\HP
2008-09-28 10:54 --------- d-----w C:\ProgramData\HP
2008-09-28 10:52 --------- d-----w C:\Program Files\Common Files\HP
2008-09-26 19:57 --------- d-----w C:\Program Files\Messenger Plus! Live
2008-09-11 13:07 --------- d-----w C:\Program Files\Microsoft Works
2008-09-08 03:14 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-09-06 10:05 --------- d-----w C:\ProgramData\hps
2008-09-06 04:43 174 --sha-w C:\Program Files\desktop.ini
2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Sidebar
2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Journal

2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Defender
2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Collaboration
2008-09-06 04:31 --------- d-----w C:\Program Files\Windows Calendar
2008-09-06 03:53 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-09-06 03:52 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-08-20 16:27 119,848 ----a-w C:\Windows\System32\SilSupp.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 01:13 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
.

((((((((((((((((((((((((((((( snapshot@2008-10-27_18.53.09.01 )))))))))))))))))))))))))))))))))))))))))
.
- 2008-10-27 16:29:44 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
+ 2008-10-28 04:19:38 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive0.dat
- 2008-10-27 16:29:44 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
+ 2008-10-28 04:19:38 2,048 --sha-w C:\Windows\ServiceProfiles\LocalService\AppData\Local\lastalive1.dat
- 2008-10-27 16:33:48 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-10-28 04:20:34 262,144 --sha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat
+ 2008-10-28 04:20:34 262,144 ---ha-w C:\Windows\ServiceProfiles\LocalService\ntuser.dat.LOG1
- 2008-10-27 16:33:40 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-10-28 04:20:29 262,144 --sha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat
+ 2008-10-28 04:20:29 262,144 ---ha-w C:\Windows\ServiceProfiles\NetworkService\ntuser.dat.LOG1
- 2008-10-27 16:00:06 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
+ 2008-10-27 20:32:09 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\History\History.IE5\index.dat
- 2008-10-27 16:00:06 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
+ 2008-10-27 20:32:09 49,152 --sha-w C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat
- 2008-10-27 16:00:06 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
+ 2008-10-27 20:32:09 16,384 --sha-w C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\index.dat
- 2008-10-27 16:24:32 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-10-28 04:18:02 262,144 ----a-w C:\Windows\System32\config\systemprofile\ntuser.dat
+ 2008-10-28 04:18:02 262,144 ---ha-w C:\Windows\System32\config\systemprofile\ntuser.dat.LOG1
- 2008-10-27 16:39:13 101,250 ----a-w C:\Windows\System32\perfc009.dat
+ 2008-10-27 20:35:59 101,250 ----a-w C:\Windows\System32\perfc009.dat
- 2008-10-27 16:39:13 80,720 ----a-w C:\Windows\System32\perfc00B.dat
+ 2008-10-27 20:35:59 80,720 ----a-w C:\Windows\System32\perfc00B.dat
- 2008-10-27 16:39:13 587,178 ----a-w C:\Windows\System32\perfh009.dat
+ 2008-10-27 20:35:59 587,178 ----a-w C:\Windows\System32\perfh009.dat
- 2008-10-27 16:39:13 435,626 ----a-w C:\Windows\System32\perfh00B.dat
+ 2008-10-27 20:36:00 435,626 ----a-w C:\Windows\System32\perfh00B.dat
- 2008-10-26 16:19:38 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
+ 2008-10-27 20:28:53 6,291,456 ----a-w C:\Windows\System32\SMI\Store\Machine\schema.dat
- 2008-10-27 16:33:57 11,950 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1803536599-380627707-3337594469-1000_UserData.bin
+ 2008-10-28 04:17:25 12,050 ----a-w C:\Windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1803536599-380627707-3337594469-1000_UserData.bin
- 2008-10-27 16:33:51 96,972 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
+ 2008-10-28 04:21:32 97,544 ----a-w C:\Windows\System32\WDI\BootPerformanceDiagnostics_SystemData.bin
- 2008-10-27 16:33:26 56,500 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
+ 2008-10-28 04:21:29 56,588 ----a-w C:\Windows\System32\WDI\ShutdownPerformanceDiagnostics_SystemData.bin
.
-- Snapshot nollattu tähän hetkeen --
.
(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"DAEMON Tools Lite"="D:\Daemon\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"WindowsWelcomeCenter"="oobefldr.dll" [2008-01-19 C:\Windows\System32\oobefldr.dll]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-10-23 815104]
"eDSMSNfix"="C:\Acer\Empowering Technology\eDSMSNfix.exe" [2007-02-09 13312]
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe" [2006-12-08 614400]
"WarReg_PopUp"="C:\Acer\WR_PopUp\WarReg_PopUp.exe" [2006-11-05 57344]
"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 176128]
"avast!"="D:\Avast\ashDisp.exe" [2008-07-19 78008]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2008-06-12 34672]
"RtHDVCpl"="RtHDVCpl.exe" [2006-12-01 C:\Windows\RtHDVCpl.exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Empowering Technology Launcher.lnk - C:\Acer\Empowering Technology\eAPLauncher.exe [2007-04-15 528384]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{AD4ED091-0C3D-4910-BC4C-397475926AAE}"= UDP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{97D8739C-5A4E-423B-B3EE-3A8869917466}"= TCP:C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\MCE Deluxe Suite.exe:CyberLink MCE Deluxe Suite
"{C1C87DF9-50E6-49E5-B669-50991F1FE245}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{D8F3BD2B-C4FC-4392-B1B5-74E21ECC5A6F}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{BE6B3E33-4761-4F75-9095-CC6BB0A214B1}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{5D15700C-A12B-4347-9BEC-886D55BF95B0}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{6F0DEC47-1B44-4847-A680-FFB5452CD0FB}"= UDP:C:\Users\Piia\Program Files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{80E0D08D-DCA2-4719-A995-FA27D9E7A083}"= TCP:C:\Users\Piia\Program Files\uTorrent\uTorrent.exe:µTorrent (UDP-In)
"{A2D79E19-412D-4C8C-AE65-901D4BADA344}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{351F4008-7CD4-471C-8896-AD2F5C0C3B9D}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List]
"C:\\Acer\\Empowering Technology\\eDataSecurity\\eDSfsu.exe"= C:\Acer\Empowering Technology\eDataSecurity\eDSfsu.exe:*:Enabled:eDSfsu
"C:\\Acer\\Empowering Technology\\eDataSecurity\\encryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\encryption.exe:*:Enabled:encryption
"C:\\Acer\\Empowering Technology\\eDataSecurity\\decryption.exe"= C:\Acer\Empowering Technology\eDataSecurity\decryption.exe:*:Enabled:decryption

R1 aswSP;avast! Self Protection;C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R2 aswFsBlk;aswFsBlk;C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt;C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2007-03-07 2411520]
S3 getPlus(R) Helper;getPlus(R) Helper;C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
S3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);C:\Windows\system32\DRIVERS\RMSPPPOE.SYS [2002-10-03 31504]
S3 SMSCIRDA;SMSC Infrared Device Driver;C:\Windows\system32\DRIVERS\SMSCirda.sys [2006-10-18 31232]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-01-30 87288]
S3 u3kmini;ASUS My Cinema-U3000 Mini;C:\Windows\system32\Drivers\u3kmini.sys [2006-08-08 351488]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{271a7623-dbb8-11dc-87e8-e7ce69de6bae}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{271a7624-dbb8-11dc-87e8-e7ce69de6bae}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{271a762f-dbb8-11dc-87e8-8f4ebc94aff8}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4bec6720-a295-11dd-9d8f-f2e307f9e132}]
\shell\AutoRun\command - F:\Autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aba9bd73-db00-11dc-8e93-e05939db92ae}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aba9bd8b-db00-11dc-8e93-e05939db92ae}]
\shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b26ea74e-dd33-11dc-b0ab-ac6e6c1f68d4}]
\shell\AutoRun\command - F:\AutoRun.exe
.
'Ajoitetut tehtävät'-kansion sisältö

2008-10-24 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - Piia.job
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe []
.
- - - - POISTETUT JÄMÄRIVIT - - - -

HKLM-Run-Acer Tour Reminder - C:\Acer\AcerTour\Reminder.exe

.
------- Täydentävä tarkistus -------
.
FireFox -: Profile - C:\Users\Piia\AppData\Roaming\Mozilla\Firefox\Profiles\2sy2nrq3.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.hanna-pakarinen.com/keskustelu
FF -: plugin - C:\Program Files\Java\jre6\bin\new_plugin\npdeploytk.dll
FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-28 06:26:30
Windows 6.0.6001 Service Pack 1 NTFS

tarkistaa piilotettuja prosesseja ...

tarkistaa piilotettuja käynnistysarvoja ...

tarkistaa piilotettuja tiedostoja ...

tarkistus on valmis
piilotetut tiedostot: 0

**************************************************************************
.
Valmistumisajankohta: 2008-10-28 6:28:59
ComboFix-quarantined-files.txt 2008-10-28 04:28:54
ComboFix2.txt 2008-10-27 16:55:36

Ennen ajoa: 25,109,319,680 tavua vapaana
Ajon jälkeen: 24,987,131,904 tavua vapaana

251 --- E O F --- 2008-10-26 16:18:44

Malwarebytes' Anti-Malware:n loki:

Malwarebytes' Anti-Malware 1.30
Tietokantaversio: 1331
Windows 6.0.6001 Service Pack 1

28.10.2008 19:31:51
mbam-log-2008-10-28 (19-31-51).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 120555
Kulunut aika: 1 hour(s), 38 minute(s), 14 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

Ccleanerilla tehty kaikki voitava.

Ja poistin itsekin tuon Nortonin kokonaan, kun ei ollut enää käytössäkään.

Myös ATF Cleanerilla tehty tarvittava.

Kaspersky Online Scannerin loki:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Wednesday, October 29, 2008
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 1 (build 6001)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Wednesday, October 29, 2008 04:28:52
Records in database: 1355156
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\

Scan statistics:
Files scanned: 99684
Threat name: 1
Infected objects: 1
Suspicious objects: 0
Duration of the scan: 01:53:44

File name / Threat name / Threats count
C:\Program Files\AdVantage\TR.dll Infected: not-a-virus:AdTool.Win32.WhenU.r 1

The selected area was scanned.

Pitääkö tuolle "virheelle" jotakin tehdä? Tai voiko?

Ja tässä vielä HiJackThis:n loki:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:59:19, on 29.10.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Acer\Empowering Technology\eDSMSNfix.exe
C:\Program Files\Launch Manager\LManager.exe
C:\Windows\System32\wpcumi.exe
D:\Avast\ashDisp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
D:\Daemon\DAEMON Tools Lite\daemon.exe
C:\Acer\Empowering Technology\eRecovery\ERAGENT.EXE
D:\AVG\avgtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\HJT\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bsplayer-search.com/startpage
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\AVG\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\AVG\avgtoolbar.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\AVG\avgtoolbar.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [eDSMSNfix] C:\Acer\Empowering Technology\eDSMSNfix.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [avast!] D:\Avast\ashDisp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] D:\AVG\avgtray.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "D:\Daemon\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O8 - Extra context menu item: V&ie Microsoft Exceliin - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_04\bin\ssv.dll
O9 - Extra button: Lähetä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Läh&etä OneNoteen - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/products/acrobat/nos/gp.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\AVG\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Avast\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Avast\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Avast\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Avast\ashWebSv.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\AVG\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\AVG\avgwdsvc.exe
O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6862 bytes

Sekä poistolista:

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
Adobe AIR
Adobe AIR
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 9
Adobe Shockwave Player
ATI Uninstaller
avast! Antivirus
AVG Free 8.0
BitrateView
BS.Player FREE
BSPlayer
ccc-Branding
CCleaner (remove only)
foobar2000 v0.9.4.5
getPlus(R) for Adobe
HDAUDIO Soft Data Fax Modem with SmartCP
HijackThis 2.0.2
Java(TM) 6 Update 4
Launch Manager
Malwarebytes' Anti-Malware
Messenger Plus! Live
Microsoft Office Excel MUI (Finnish) 2007
Microsoft Office Home and Student 2007
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (Finnish) 2007
Microsoft Office PowerPoint MUI (Finnish) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (Finnish) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Swedish) 2007
Microsoft Office Proofing (Finnish) 2007
Microsoft Office Shared MUI (Finnish) 2007
Microsoft Office Word MUI (Finnish) 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Works
Mobile Partner
Mozilla Firefox (3.0.3)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
Norton Security Scan
NTI Backup NOW! 4.7
NTI CD & DVD-Maker
OpenOffice.org Installer 1.0
Paint Shop Pro 7 Evaluation
PokerStars.net
PowerProducer
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB955936)
Security Update for Microsoft Office Excel 2007 (KB955470)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Visio 2007 (KB947590)
Synaptics Pointing Device Driver
Update for Office 2007 (KB946691)
VideoLAN VLC media player 0.8.6e
Windows Live Messenger
Windows Liven kirjautumisavustaja
Windows Media Player Firefox Plugin
WinRAR archiver

Ajoin vielä AVG:lla:

"Scan ""Scan whole computer"" was finished."
"Infections found:";"0"
"Infected objects removed or healed:";"0"
"Not removed or healed:";"0"
"Spyware found:";"0"
"Spyware removed:";"0"
"Not removed:";"0"
"Warnings count:";"51"
"Information count:";"0"
"Scan started:";"29. lokakuuta 2008, 18:47:15"
"Scan finished:";"29. lokakuuta 2008, 19:53:00 (1 hour(s) 5 minute(s) 44 second(s))"
"Total object scanned:";"972531"
"User who launched the scan:";"Piia"

"Warnings"
"File";"Infection";"Result"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@doubleclick[1].txt";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@doubleclick[1].txt:\doubleclick.net.1d39bd48";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@m.webtrends[2].txt";"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@m.webtrends[2].txt:\m.webtrends.com.b4ca7df0";"Found Tracking cookie.Webtrends";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@msnportal.112.2o7[1].txt";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\Low\muut@msnportal.112.2o7[1].txt:\msnportal.112.2o7.net.7225be6f";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\muut@2o7[1].txt";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\muut@2o7[1].txt:\2o7.net.92b4d8ae";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\muut@atdmt[2].txt";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Muut\AppData\Roaming\Microsoft\Windows\Cookies\muut@atdmt[2].txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\Low\piia@tradedoubler[2].txt";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\Low\piia@tradedoubler[2].txt:\tradedoubler.com.ba12c0e9";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\Low\piia@tradedoubler[2].txt:\tradedoubler.com.eab0972e";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@atdmt[2].txt";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@atdmt[2].txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@atdmt[3].txt";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@atdmt[3].txt:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@doubleclick[1].txt";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@doubleclick[1].txt:\doubleclick.net.1d39bd48";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@msnportal.112.2o7[1].txt";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@msnportal.112.2o7[1].txt:\msnportal.112.2o7.net.7225be6f";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@tradedoubler[1].txt";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@tradedoubler[1].txt:\tradedoubler.com.dc3c9994";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Microsoft\Windows\Cookies\piia@tradedoubler[1].txt:\tradedoubler.com.eab0972e";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\2o7.net.92b4d8ae";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\ad.yieldmanager.com.557bf2b0";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\ad.yieldmanager.com.b68f2b7b";"Found Tracking cookie.Yieldmanager";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\adtech.de.a9245469";"Found Tracking cookie.Adtech";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\advertising.com.1820df7a";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\advertising.com.203aa218";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\advertising.com.b624fa46";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\advertising.com.f62113d5";"Found Tracking cookie.Advertising";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\atdmt.com.b3e33b5f";"Found Tracking cookie.Atdmt";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\bs.serving-sys.com.5bf1f00f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\doubleclick.net.bf396750";"Found Tracking cookie.Doubleclick";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\hitbox.com.2b95f8a3";"Found Tracking cookie.Hitbox";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\msnportal.112.2o7.net.7225be6f";"Found Tracking cookie.2o7";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\revsci.net.2df99d79";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\revsci.net.b9b08de6";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\revsci.net.e9dbeb91";"Found Tracking cookie.Revsci";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\serving-sys.com.255d6f2f";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\serving-sys.com.4b416ef8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\serving-sys.com.606c3d3b";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\serving-sys.com.6a1cf9e8";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\serving-sys.com.c9034af6";"Found Tracking cookie.Serving-sys";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\tradedoubler.com.adc507fa";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\tradedoubler.com.ba12c0e9";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\tradedoubler.com.dc3c9994";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\tradedoubler.com.eab0972e";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"
"C:\Users\Piia\AppData\Roaming\Opera\Opera\profile\cookies4.dat:\tradedoubler.com.f4648305";"Found Tracking cookie.Tradedoubler";"Moved to Virus Vault"

Eli jos joku osaa vielä jollain tavoin auttaa, niin olisin syvästi kiitollinen!

Log in or Sign up

Kone hidastelee ajoittain

jalbert Member

Jukssu Regular member

Share This Page

Log in or Sign up

Kone hidastelee ajoittain

jalbert Member

Jukssu Regular member

Share This Page

Useful Searches