Yhtäkkinen hidastelu, Avast ei käynnisty

spiru4 · Oct 6, 2015

Kyseessä HP compaq jotakin, tuollainen kompakti pöytäkone. Hienosti toiminut tähän asti. Hidastelu alkoi päivällä kun herätin koneen lepotilasta ja päivitin flashin (taisi kyllä olla hidas jo ennen päivitystä). Käynnistin sitten uudelleen, kesti tuhottoman kauan, ensimmäinen yritys taisi jumiutua windowsin logoon. Sain kuitenkin lopulta päälle, mutta hidastelu vaan pahentui. Aikansa ruksuteltuaan Avast ilmoitti ettei suostu suojaamaan konetta, ja kun koitin aloittaa tarkastusta niin sanoi näin: "Tarkistusta ei voi käynnistää. Päätepistekartoituksessa ei ole tarpeeksi päätepisteitä." Koitin moista virheilmoitusta googlailla, ja jotain viitettä mahdolliseen troijalaiseen löytyi.

Tässä siis logi:

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 22:38:00, on 6.10.2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18015)

FIREFOX: 41.0.1 (x86 fi)
Boot mode: Normal

Running processes:
C:\Program Files\LaCie\Network Assistant\LaCie Network Assistant.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Users\koti\Desktop\Tonin\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'Verkkopalvelu')
O4 - Startup: mIRC.lnk = C:\Program Files (x86)\mIRC\mirc.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: @%SystemRoot%\system32\aelupsvc.dll,-1 (AeLookupSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: @%systemroot%\system32\appidsvc.dll,-100 (AppIDSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\appinfo.dll,-100 (Appinfo) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @appmgmts.dll,-3250 (AppMgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-204 (AudioEndpointBuilder) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\audiosrv.dll,-200 (AudioSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\AxInstSV.dll,-103 (AxInstSV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bdesvc.dll,-100 (BDESVC) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\bfe.dll,-1001 (BFE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\qmgr.dll,-1000 (BITS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: @%systemroot%\system32\browser.dll,-100 (Browser) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\bthserv.dll,-101 (bthserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-11 (CertPropSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\cryptsvc.dll,-1001 (CryptSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\cscsvc.dll,-200 (CscService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @oleres.dll,-5012 (DcomLaunch) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\defragsvc.dll,-101 (defragsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dhcpcore.dll,-100 (Dhcp) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\UtcResources.dll,-3001 (DiagTrack) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\dnsapi.dll,-101 (Dnscache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dot3svc.dll,-1102 (dot3svc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\dps.dll,-500 (DPS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\eapsvc.dll,-1 (EapHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\ehome\ehrecvr.exe,-101 (ehRecvr) - Unknown owner - C:\Windows\ehome\ehRecvr.exe
O23 - Service: @%SystemRoot%\ehome\ehsched.exe,-101 (ehSched) - Unknown owner - C:\Windows\ehome\ehsched.exe
O23 - Service: @%SystemRoot%\system32\wevtsvc.dll,-200 (eventlog) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @comres.dll,-2450 (EventSystem) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\fdPHost.dll,-100 (fdPHost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\fdrespub.dll,-100 (FDResPub) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\FntCache.dll,-100 (FontCache) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: gearsec - GEAR Software - C:\Windows\SysWOW64\gearsec.exe
O23 - Service: @gpapi.dll,-112 (gpsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Google Päivitä-palvelu (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Päivitä-palvelu (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\System32\hidserv.dll,-101 (hidserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\kmsvc.dll,-6 (hkmsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\ListSvc.dll,-100 (HomeGroupListener) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\provsvc.dll,-100 (HomeGroupProvider) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ikeext.dll,-501 (IKEEXT) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\IPBusEnum.dll,-102 (IPBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\iphlpsvc.dll,-500 (iphlpsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2946 (KtmRm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LaCieDesktopManagerDaemon - Unknown owner - C:\Program Files (x86)\LaCie\LaCie Desktop Manager\LaCieDesktopManagerDaemon.exe
O23 - Service: @%systemroot%\system32\srvsvc.dll,-100 (LanmanServer) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wkssvc.dll,-100 (LanmanWorkstation) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: @%SystemRoot%\system32\lltdres.dll,-1 (lltdsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\lmhsvc.dll,-101 (lmhosts) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-100 (MMCSS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @%SystemRoot%\system32\FirewallAPI.dll,-23090 (MpsSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\iscsidsc.dll,-5000 (MSiSCSI) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\msimsg.dll,-27 (msiserver) - Unknown owner - C:\Windows\system32\msiexec.exe
O23 - Service: @%SystemRoot%\system32\qagentrt.dll,-6 (napagent) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\netman.dll,-109 (Netman) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\netprofm.dll,-202 (netprofm) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\nlasvc.dll,-1 (NlaSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\nsisvc.dll,-200 (nsi) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8004 (p2pimsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\p2psvc.dll,-8006 (p2psvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pcasvc.dll,-1 (PcaSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\peerdistsvc.dll,-9000 (PeerDistSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\sysWow64\perfhost.exe,-2 (PerfHost) - Unknown owner - C:\Windows\SysWow64\perfhost.exe
O23 - Service: @%systemroot%\system32\pla.dll,-500 (pla) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpnpmgr.dll,-100 (PlugPlay) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpauto.dll,-8002 (PNRPAutoReg) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\pnrpsvc.dll,-8000 (PNRPsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\polstore.dll,-5010 (PolicyAgent) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\umpo.dll,-100 (Power) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\profsvc.dll,-300 (ProfSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasauto.dll,-200 (RasAuto) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%Systemroot%\system32\rasmans.dll,-200 (RasMan) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @regsvc.dll,-1 (RemoteRegistry) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%windir%\system32\RpcEpMap.dll,-1001 (RpcEptMapper) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @oleres.dll,-5010 (RpcSs) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SCardSvr.dll,-1 (SCardSvr) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\schedsvc.dll,-100 (Schedule) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\certprop.dll,-13 (SCPolicySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sdrsvc.dll,-107 (SDRSVC) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Sens.dll,-200 (SENS) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\sensrsvc.dll,-1000 (SensrSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\SessEnv.dll,-1026 (SessionEnv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\shsvcs.dll,-12288 (ShellHWDetection) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppuinotify.dll,-103 (sppuinotify) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\ssdpsrv.dll,-100 (SSDPSRV) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sstpsvc.dll,-200 (SstpSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wiaservc.dll,-9 (stisvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\StorSvc.dll,-100 (StorSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\swprv.dll,-103 (swprv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\sysmain.dll,-1000 (SysMain) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\TabSvc.dll,-100 (TabletInputService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tapisrv.dll,-10100 (TapiSrv) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\tbssvc.dll,-100 (TBS) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\termsrv.dll,-268 (TermService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\themeservice.dll,-8192 (Themes) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\mmcss.dll,-102 (THREADORDER) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\trkwks.dll,-1 (TrkWks) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\umrdp.dll,-1000 (UmRdpService) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\upnphost.dll,-213 (upnphost) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\dwm.exe,-2000 (UxSms) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\w32time.dll,-200 (W32Time) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%systemroot%\system32\wbiosrvc.dll,-100 (WbioSrvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wcncsvc.dll,-3 (wcncsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\WcsPlugInService.dll,-200 (WcsPlugInService) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-502 (WdiServiceHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\wdi.dll,-500 (WdiSystemHost) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\webclnt.dll,-100 (WebClient) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wecsvc.dll,-200 (Wecsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wercplsupport.dll,-101 (wercplsupport) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wersvc.dll,-100 (WerSvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%ProgramFiles%\Windows Defender\MsMpRes.dll,-103 (WinDefend) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\system32\winhttp.dll,-100 (WinHttpAutoProxySvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmisvc.dll,-205 (Winmgmt) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wsmsvc.dll,-101 (WinRM) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wlansvc.dll,-257 (Wlansvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%SystemRoot%\system32\wpcsvc.dll,-100 (WPCSvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wpdbusenum.dll,-100 (WPDBusEnum) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wscsvc.dll,-200 (wscsvc) - Unknown owner - C:\Windows\System32\svchost.exe
O23 - Service: @%systemroot%\system32\SearchIndexer.exe,-103 (WSearch) - Unknown owner - C:\Windows\system32\SearchIndexer.exe
O23 - Service: @%systemroot%\system32\wuaueng.dll,-105 (wuauserv) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\system32\wudfsvc.dll,-1000 (wudfsvc) - Unknown owner - C:\Windows\system32\svchost.exe
O23 - Service: @%SystemRoot%\System32\wwansvc.dll,-257 (WwanSvc) - Unknown owner - C:\Windows\system32\svchost.exe

--
End of file - 21984 bytes

*Trinity* · Oct 6, 2015

Terve ksatsotaan mitä löytyy.

Lataa Jukware Removal tool alla olevasta linkistä työpöydälle.
http://www.bleepingcomputer.com/download/junkware-removal-tool/

Sulje muut ohjelmat ja aukaise JRT
Paina mitä tahansa näppäintä ja tarkistus alkaa, kun taristus on valmis, loki aukeaa liitä se tänne.

Lataa AdwCleaner alla olevasta linkistä työpöydälle.
https://toolslib.net/downloads/viewdownload/1-adwcleaner/

Sulje mut ohjelmat aukaise AdwCleaner
Klikkaa Scan, odota kunes tarkistus on ohi, sen jälkeen klikkaa Cleaning
Kun poisto on ohi Adwcleaner pyytää koneen uudelleen käynnistystä tee se, kun kone on käynnistynyt uudelleen, lokin pitäisi aueta, jos ei niin löydät lokin, C:\AdwCleaner\AdwCleaner

Lataa Eset online scan työpöydälle.
http://www.eset.com/us/online-scanner-popup/
Auksie eset, hyväksy käyttöehdot ja windowsin huomautukset.
Pistä valinta ruutuun Enable detection of potentially unwanted aplications klikkaa start, eset lataa tietokannan ja aloittaa tarkistuksen. Jos mitään ei löydy niin lokia ei tarvitse pistää mutta jos löytyy niin se sijaitsee
C:\Program Files (x86)\ESET\ESET Online Scanner\log

Katsotaan vielä myös tempit (väliaikaistiedostot) pois.

Lataa TFC temp file cleaner työpöydälle.
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/
Sulje kaikki muut ohjelmat
Aukaise TFC
Klikaa Start
Poistossa saattaa mennä useampikin minuutti. Poisto on valmis kun Total Files Cleaned teksti ilmestyy..
Lopuksi klikkaa Exit
Käynnistä kone uudelleen jos TFC niin pyytää.

spiru4 · Oct 7, 2015

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Professional x64
Ran by koti on ke 07.10.2015 at 18:22:43,88
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

Failed to delete: [Folder] C:\Users\koti\AppData\Roaming\acestream
Successfully deleted: [Folder] C:\Users\koti\Appdata\LocalLow\.acestream
Successfully deleted: [Folder] C:\Users\koti\AppData\Roaming\.acestream
Successfully deleted: [Folder] C:\Users\koti\AppData\Roaming\pdfforge

~~~ FireFox

Emptied folder: C:\Users\koti\AppData\Roaming\mozilla\firefox\profiles\vkx69e09.default\minidumps [48 files]

~~~ Chrome

[C:\Users\koti\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\koti\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\koti\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\koti\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ke 07.10.2015 at 18:26:39,12
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ADW:

# AdwCleaner v5.011 - Logfile created 07/10/2015 at 18:30:21
# Updated 07/10/2015 by Xplode
# Database : 2015-10-07.1 [Server]
# Operating system : Windows 7 Professional Service Pack 1 (x64)
# Username : koti - KOTI-PC
# Running from : C:\Users\koti\Desktop\adwcleaner_5.011.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder Deleted : C:\_acestream_cache_
[-] Folder Deleted : C:\Users\koti\AppData\Roaming\acestream

***** [ Files ] *****

***** [ DLLs ] *****

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKCU\SOFTWARE\Clients\Media\AceStream
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
[-] Key Deleted : HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acelive
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acemedia
[-] Key Deleted : HKCU\SOFTWARE\Classes\.acestream
[-] Key Deleted : HKCU\SOFTWARE\Classes\.tslive
[-] Key Deleted : HKCU\SOFTWARE\Classes\acestream
[-] Key Deleted : HKCU\SOFTWARE\Classes\AceStream.file
[-] Key Deleted : HKCU\SOFTWARE\Classes\Applications\ace_player.exe
[-] Key Deleted : HKCU\SOFTWARE\Classes\MIME\Database\Content Type\application/x-acestream-plugin
[-] Key Deleted : HKCU\Software\Classes\CLSID\{79690976-ED6E-403C-BBBA-F8928B5EDE17}
[-] Key Deleted : HKCU\Software\Conduit
[-] Key Deleted : HKCU\Software\AceStream
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
[!] Key Not Deleted : [x64] HKCU\Software\Conduit
[!] Key Not Deleted : [x64] HKCU\Software\AceStream

***** [ Web browsers ] *****

*************************

:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [2056 bytes] ##########

Eset:

ESETSmartInstaller@High as downloader log:
Can not open internetESETSmartInstaller@High as downloader log:
Can not open internet# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=139ce063ecd0114081ce50d04a7acd62
# end=init
# utc_time=2015-10-07 03:36:04
# local_time=2015-10-07 06:36:04 (+0200, Suomen kesäaika)
# country="Finland"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 26126
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=139ce063ecd0114081ce50d04a7acd62
# end=updated
# utc_time=2015-10-07 03:42:19
# local_time=2015-10-07 06:42:19 (+0200, Suomen kesäaika)
# country="Finland"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=139ce063ecd0114081ce50d04a7acd62
# engine=26126
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-10-07 04:47:38
# local_time=2015-10-07 07:47:38 (+0200, Suomen kesäaika)
# country="Finland"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='avast! Internet Security'
# compatibility_mode=779 16777213 85 66 8211890 208656948 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 65756174 195866308 0 0
# scanned=235182
# found=11
# cleaned=11
# scan_time=3918
sh=2B394105F0FB99CB51118E9F8544316E834D1702 ft=1 fh=ae333cd456a81611 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Switch\switch.exe"
sh=64CB687E725FBB8BC19122FED1215826704B45DD ft=1 fh=b92c4ab315e1a85c vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Switch\switchsetup_v4.27.exe"
sh=9B98E1EF6420EFF80757FD1020DE4238BA53D0C4 ft=1 fh=540d781e56a81611 vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Program Files (x86)\NCH Software\Switch\uninst.exe"
sh=3C37EFD8D00FE239C7BB9C72EBEA6CB644EE8243 ft=1 fh=99b01408626a2ac2 vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\koti\AppData\Roaming\uTorrent\uTorrent.exe"
sh=3C37EFD8D00FE239C7BB9C72EBEA6CB644EE8243 ft=1 fh=99b01408626a2ac2 vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\koti\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe"
sh=B963E1746B76EC254DCD143E68AFC39D602F4D5A ft=1 fh=e714aaae851e518f vn="Win32/Somoto.E potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\koti\Downloads\InstallSciLorsGrooveshark.comDownloaderV0.4.9.8SoMo.exe"
sh=F218CB4810038F0B9E1DAA6A8E73FA258D620A8C ft=1 fh=719afe2b4494447f vn="Win32/InstallMonetizer.AQ potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\koti\Downloads\PDFCreator-2_1_1-setup.exe"
sh=3C37EFD8D00FE239C7BB9C72EBEA6CB644EE8243 ft=1 fh=99b01408626a2ac2 vn="a variant of Win32/AdkDLLWrapper.A potentially unwanted application (cleaned by deleting - quarantined)" ac=C fn="C:\Users\koti\Downloads\utorrent_v3.3.1b30017.exe"
sh=64CB687E725FBB8BC19122FED1215826704B45DD ft=1 fh=b92c4ab315e1a85c vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="C:\Users\koti\Downloads\NCH.Switch.Sound.File.Converter.Plus.v4.27-LAXiTY\switchsetup.exe"
sh=620ED194ADF9A17AFC19CCA0C563089AFD45D71B ft=1 fh=8e32ca7ddb6e4c55 vn="a variant of Win32/Toolbar.Conduit.J potentially unwanted application (deleted - quarantined)" ac=C fn="E:\LÃ„PPÃ„RI\Tiedostoja\Lataukset\switchsetup.exe"
sh=64CB687E725FBB8BC19122FED1215826704B45DD ft=1 fh=b92c4ab315e1a85c vn="a variant of Win32/Toolbar.Conduit.H potentially unwanted application (deleted - quarantined)" ac=C fn="E:\LÃ„PPÃ„RI\Tiedostoja\Lataukset\switchsetup(1).exe"

spiru4 · Oct 7, 2015

Näköjään tuo Eset poisteli ihan hyödyllistäkin softaa surutta.

*Trinity* · Oct 7, 2015

Alla ohje kuinka palauttaa esetin karanteenista tiedostoja.
http://support.eset.com/kb2915/

Mikä noista tiedostoista oli mitä ei olisi saanut poistaa?
Eset on kuitnkin ihan yleisesti käytetty ohjelma esim Bleepingcomputern foorumilla se on yksi parhaista virustenpoistoon littyvistä sivustoista.
Ei siis sillä etteikö eset voisi poistaa vääriä positiviisia, mutta tulevaisuutta varten haluaisin tietää.

Oletko kokeillut toimiko avast nyt?

spiru4 · Oct 7, 2015

No exet noista Switch sound file converterista ja utorrentista ainakin. Avast oli joo alkanut toimia jossain vaiheessa itsekseen jo ennen näiden ohjelmien ajeluita, ja nyt kone tuntuu muutenkin suht entiseltään. Vähän tulee mieleen, että olisiko tässä kyseessä kuitenkin rautavika. Memtestin jo tein, ja kaikki oli ok.

*Trinity* · Oct 7, 2015

Ok, voi olla että eset poisti sen takia koska ne asennspaketit siältää noita PUP:ja conduit:ia ainakin näkyi olevan.
Mietin kassa että olisiko laitevika, katso vielä kiintolevyn kuntoa.
Vaikka crystaldiskinfolla.
http://crystalmark.info/download/index-e.html
Huom: asennettava versio siältää adwarea eli tarkkana asnuksesa ettet asenna muuta kuin itse ohjelman, portable versio ei sisällä mitään ylimääräistä, jos levyn kunto on jotain muuta kuin hyvä niin ota kuvankaappaus ja pistä tänne.
Jos kunto on hyvä, niin sitten jos haluat voidaan mettiä lisää.

spiru4 · Oct 7, 2015

HD-tune löytyi koneelta, quick scanilla ajelin kaikki kovot eikä mitään löytynyt. Täytynee palata asiaan jos hidastelu taas alkaa. Tässä vaiheessa kiitoksia kovasti Trinitylle!

*Trinity* · Oct 7, 2015

Jos se HD-tune on ilmainen versio niin lataa se 15 päivän kokeiluluversio että näät myös smart tiedot tai sitten katsot tuolla crystaldiskinfolla. Mutta joo palaa asiaan jos ilmenee myöhemmin jotain.

spiru4 · Oct 8, 2015

Njoo katsoin nyt crystaldiskinfolla. C-kovo oli kaikin puolin kunnossa, mutta tuon toisen kohdalla varoiteltiin uudelleensijoitelluista sektoreista [4]. Kyseessä siis erillinen kovo.

Aikaisemmat ongelmat tuskin johtuvat tuosta(?), mutta onkohan kovo sitten hajoamassa?

*Trinity* · Oct 8, 2015

Joo kyllä se hajoamassa on, alla linkki missä on selitykset mitä noi varoitukset tarkoittaa.
https://en.wikipedia.org/wiki/S.M.A.R.T.#ATA_S.M.A.R.T._attributes

Jos se levy oli kiinni sun konessa silloin niin voi olla että se aiheutti ongelmia, senhän voit helposti kuitenkin testata.

Log in or Sign up

Yhtäkkinen hidastelu, Avast ei käynnisty

spiru4 Member

Trinity Senior member

spiru4 Member

spiru4 Member

Trinity Senior member

spiru4 Member

Trinity Senior member

spiru4 Member

Trinity Senior member

spiru4 Member

Trinity Senior member

Share This Page

Log in or Sign up

Yhtäkkinen hidastelu, Avast ei käynnisty

spiru4 Member

*Trinity* Senior member

spiru4 Member

spiru4 Member

*Trinity* Senior member

spiru4 Member

*Trinity* Senior member

spiru4 Member

*Trinity* Senior member

spiru4 Member

*Trinity* Senior member

Share This Page

Useful Searches

Trinity Senior member

Trinity Senior member

Trinity Senior member

Trinity Senior member

Trinity Senior member