yks loki

vaan tässä

2008-05-07 22:20:54

Onko pahsti sekaisin?

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:19:44, on 7.5.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Acer\Empowering Technology\SysMonitor.exe
C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
C:\Windows\system32\WerCon.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Users\Björn\winlogon.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\limewire\limewire.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://uk.rd.yahoo.com/customize/ycomp/defaults/sp/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://fi.intl.acer.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://fi.intl.acer.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://uk.rd.yahoo.com/customize/ycomp/defaults/su/*http://uk.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [dmuqv.exe] C:\Windows\system32\dmuqv.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
O4 - HKCU\..\Run: [dmlwp.tmp] C:\Windows\system32\dmlwp.tmp
O4 - HKCU\..\Run: [dmzuz.tmp] C:\Windows\system32\dmzuz.tmp
O4 - HKCU\..\Run: [dmxnl.tmp] C:\Windows\system32\dmxnl.tmp
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [dmfue.tmp] C:\Windows\system32\dmfue.tmp
O4 - HKCU\..\Run: [dmqmu.tmp] C:\Windows\system32\dmqmu.tmp
O4 - HKCU\..\Run: [dmdbr.tmp] C:\Windows\system32\dmdbr.tmp
O4 - HKCU\..\Run: [dmwzm.tmp] C:\Windows\system32\dmwzm.tmp
O4 - HKCU\..\Run: [dmzkk.tmp] C:\Windows\system32\dmzkk.tmp
O4 - HKCU\..\Run: [dmbdt.tmp] C:\Windows\system32\dmbdt.tmp
O4 - HKCU\..\Run: [dmmxv.tmp] C:\Windows\system32\dmmxv.tmp
O4 - HKCU\..\Run: [dmesh.tmp] C:\Windows\system32\dmesh.tmp
O4 - HKCU\..\Run: [dmxuh.tmp] C:\Windows\system32\dmxuh.tmp
O4 - HKCU\..\Run: [dminn.tmp] C:\Windows\system32\dminn.tmp
O4 - HKCU\..\Run: [dmjvv.tmp] C:\Windows\system32\dmjvv.tmp
O4 - HKCU\..\Run: [dmdhx.tmp] C:\Windows\system32\dmdhx.tmp
O4 - HKCU\..\Run: [dmuzc.tmp] C:\Windows\system32\dmuzc.tmp
O4 - HKCU\..\Run: [dmbby.tmp] C:\Windows\system32\dmbby.tmp
O4 - HKCU\..\Run: [dmkyo.tmp] C:\Windows\system32\dmkyo.tmp
O4 - HKCU\..\Run: [dmhln.tmp] C:\Windows\system32\dmhln.tmp
O4 - HKCU\..\Run: [dmmxl.tmp] C:\Windows\system32\dmmxl.tmp
O4 - HKCU\..\Run: [dmpge.tmp] C:\Windows\system32\dmpge.tmp
O4 - HKCU\..\Run: [MSServer] rundll32.exe C:\Users\BJRN~1\AppData\Local\Temp\xxyvsSLD.dll,#1
O4 - HKCU\..\Run: [Host Process] C:\Users\Björn\svchost.exe
O4 - HKCU\..\Run: [dmisg.tmp] C:\Windows\system32\dmisg.tmp
O4 - HKCU\..\Run: [dmlfr.tmp] C:\Windows\system32\dmlfr.tmp
O4 - HKCU\..\Run: [dmkil.tmp] C:\Windows\system32\dmkil.tmp
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
O4 - HKCU\..\Run: [dmjfu.tmp] C:\Windows\system32\dmjfu.tmp
O4 - HKCU\..\Run: [dmmtm.tmp] C:\Windows\system32\dmmtm.tmp
O4 - HKCU\..\Run: [cmds] rundll32.exe C:\Users\BJRN~1\AppData\Local\Temp\hgGxwtsR.dll,c
O4 - HKCU\..\Run: [dmuyd.tmp] C:\Windows\system32\dmuyd.tmp
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Empowering Technology Launcher.lnk = ?
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip\..\{7E2A12EB-7403-47CF-A610-164D8F933D1C}: NameServer = 85.255.114.90,85.255.112.233
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.90 85.255.112.233
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe

--
End of file - 13222 bytes

1381

Äänestä

Vastaukset

Kyllä joo
2008-05-08 17:28:50
Troijalaiset ovat näemmä kotiutuneet koneelle.
- sanoo kysyjä
  2008-05-08 17:38:01
  Nyt sitten kaivattaisiin neuvoja miten ne saisi häädettyä
joku muukin
2008-05-08 18:31:37
käyttää konettasi. Sitten kun olet koneesi "fixannut", ehkä kannattaisi vaihtaa myös käyttämiäsi salasanoja. Käy liittämässä tuo hjt- logi tuolla sivustolla, niin näet mitä kaikkea ylimääräistä voi korjata hjt -ohjelmalla. http://www.hijackthis.de/index.php Koita edetä varovasti ja skannaa koneesi myös avgantispywarella ja tuolla malwarebyte's anti-malwarella. Noilla poistuu aika mukavasti ylimääräisiä pöpöjä. Tuossa aluksi.
- ajaa ewido...
  2008-05-09 02:16:10
  ja vielä lisäys, jos on pankkiasioita hoidellut koneella, niin se olisi lopetettava siksi aikaa kun on saatu kone putsattua...jäljet johtaa syltty tehtaalle.
  
  ohjeet ewidolle:
  
  -Skannaa koneesi Ewido Online Scannerilla
  
  *Lataa Ewido_micro.exe http://downloads.ewido.net/ewido_micro.exe
  
  *Tallenna tiedosto esimerkiksi työpöydälle.
  
  *Tuplaklikkaa Ewido_micro.exeä työpöydälläsi.
  *Ewido alkaa samantien päivittämään tunnisteitaan. Tässä voi mennä hetki.
  *Kun päivitykset on ladattu, varmista että kaikki kohdat ovat rastitettuja ikkunan vasemmassa laidassa.
  *Klikkaa vasemmalla alhaalla olevaa -nappia.
  *Scannaus alkaa. Tässä voi kestää jonkun aikaa, riippuen tiedostojen määrästä.
  *Kun skannaus on valmis ja löytyneitä kohteita on, niin varmista, että kaikkien kohteiden vasemmalla puolella olevissa kohdissa on rastit.
  *Klikkaa -nappia ja tallenna raportti vaikka työpöydälle.
  *Klikkaa -nappia.
  *Kun vastaat aukeavaan ilmoitukseen , niin kaikki saastuneet tiedostot poistetaan.
  *Poiston jälkeen voit sammuttaa Ewido Online Scannerin painamalla yläkulmassa olevaa punaista rastia.
  *Käynnistä kone nyt uudelleen ja postita tallentamasi raportti viestiketjuusi uuden HijackThis lokin kera.
- uusi lok tässä
  2008-05-11 00:27:10
  ajaa ewido... kirjoitti:
  ja vielä lisäys, jos on pankkiasioita hoidellut koneella, niin se olisi lopetettava siksi aikaa kun on saatu kone putsattua...jäljet johtaa syltty tehtaalle.
  
  ohjeet ewidolle:
  
  -Skannaa koneesi Ewido Online Scannerilla
  
  *Lataa Ewido_micro.exe http://downloads.ewido.net/ewido_micro.exe
  
  *Tallenna tiedosto esimerkiksi työpöydälle.
  
  *Tuplaklikkaa Ewido_micro.exeä työpöydälläsi.
  *Ewido alkaa samantien päivittämään tunnisteitaan. Tässä voi mennä hetki.
  *Kun päivitykset on ladattu, varmista että kaikki kohdat ovat rastitettuja ikkunan vasemmassa laidassa.
  *Klikkaa vasemmalla alhaalla olevaa -nappia.
  *Scannaus alkaa. Tässä voi kestää jonkun aikaa, riippuen tiedostojen määrästä.
  *Kun skannaus on valmis ja löytyneitä kohteita on, niin varmista, että kaikkien kohteiden vasemmalla puolella olevissa kohdissa on rastit.
  *Klikkaa -nappia ja tallenna raportti vaikka työpöydälle.
  *Klikkaa -nappia.
  *Kun vastaat aukeavaan ilmoitukseen , niin kaikki saastuneet tiedostot poistetaan.
  *Poiston jälkeen voit sammuttaa Ewido Online Scannerin painamalla yläkulmassa olevaa punaista rastia.
  *Käynnistä kone nyt uudelleen ja postita tallentamasi raportti viestiketjuusi uuden HijackThis lokin kera.
  onko yhtään parempi?
  
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:49:03, on 10.5.2008
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal
  
  Running processes:
  C:\Windows\System32\smss.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\wininit.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\services.exe
  C:\Windows\system32\lsass.exe
  C:\Windows\system32\lsm.exe
  C:\Windows\system32\winlogon.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\SLsvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  C:\Windows\system32\Dwm.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\Windows\Explorer.EXE
  C:\Windows\RtHDVCpl.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Acer\Empowering Technology\SysMonitor.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Logitech\Gaming Software\LWEMon.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Program Files\Spyware Doctor\pctsTray.exe
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\Program Files\Windows Sidebar\sidebar.exe
  C:\Windows\ehome\ehtray.exe
  C:\Windows\System32\spoolsv.exe
  C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Windows\ehome\ehmsas.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  C:\Windows\system32\svchost.exe
  C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  C:\Program Files\Spyware Doctor\pctsAuxs.exe
  C:\Program Files\Spyware Doctor\pctsSvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\SearchIndexer.exe
  C:\Windows\system32\WUDFHost.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\Windows\System32\mobsync.exe
  C:\Program Files\Windows Media Player\wmpnetwk.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  C:\Windows\system32\conime.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O1 - Hosts: ::1 localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
  O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
  O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
  O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
  O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  O4 - HKLM\..\Run: [Skytel] Skytel.exe
  O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
  O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
  O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
  O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Empowering Technology Launcher.lnk = ?
  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
  O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
  O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  
  --
  End of file - 12264 bytes
- parempi...
  2008-05-11 01:33:28
  uusi lok tässä kirjoitti:
  onko yhtään parempi?
  
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:49:03, on 10.5.2008
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal
  
  Running processes:
  C:\Windows\System32\smss.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\wininit.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\services.exe
  C:\Windows\system32\lsass.exe
  C:\Windows\system32\lsm.exe
  C:\Windows\system32\winlogon.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\SLsvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  C:\Windows\system32\Dwm.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\Windows\Explorer.EXE
  C:\Windows\RtHDVCpl.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Acer\Empowering Technology\SysMonitor.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Logitech\Gaming Software\LWEMon.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Program Files\Spyware Doctor\pctsTray.exe
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\Program Files\Windows Sidebar\sidebar.exe
  C:\Windows\ehome\ehtray.exe
  C:\Windows\System32\spoolsv.exe
  C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Windows\ehome\ehmsas.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  C:\Windows\system32\svchost.exe
  C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  C:\Program Files\Spyware Doctor\pctsAuxs.exe
  C:\Program Files\Spyware Doctor\pctsSvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\SearchIndexer.exe
  C:\Windows\system32\WUDFHost.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\Windows\System32\mobsync.exe
  C:\Program Files\Windows Media Player\wmpnetwk.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  C:\Windows\system32\conime.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O1 - Hosts: ::1 localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
  O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
  O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
  O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
  O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  O4 - HKLM\..\Run: [Skytel] Skytel.exe
  O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
  O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
  O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
  O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Empowering Technology Launcher.lnk = ?
  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
  O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
  O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  
  --
  End of file - 12264 bytes
  odottele nyt jonkin fixaajan tuomio vielä... javan voisi ainakin päivittää uudempaan versioon.
- sasesi
  2008-05-11 18:00:11
  uusi lok tässä kirjoitti:
  onko yhtään parempi?
  
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:49:03, on 10.5.2008
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal
  
  Running processes:
  C:\Windows\System32\smss.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\wininit.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\services.exe
  C:\Windows\system32\lsass.exe
  C:\Windows\system32\lsm.exe
  C:\Windows\system32\winlogon.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\SLsvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  C:\Windows\system32\Dwm.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\Windows\Explorer.EXE
  C:\Windows\RtHDVCpl.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Acer\Empowering Technology\SysMonitor.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Logitech\Gaming Software\LWEMon.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Program Files\Spyware Doctor\pctsTray.exe
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\Program Files\Windows Sidebar\sidebar.exe
  C:\Windows\ehome\ehtray.exe
  C:\Windows\System32\spoolsv.exe
  C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Windows\ehome\ehmsas.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  C:\Windows\system32\svchost.exe
  C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  C:\Program Files\Spyware Doctor\pctsAuxs.exe
  C:\Program Files\Spyware Doctor\pctsSvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\SearchIndexer.exe
  C:\Windows\system32\WUDFHost.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\Windows\System32\mobsync.exe
  C:\Program Files\Windows Media Player\wmpnetwk.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  C:\Windows\system32\conime.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O1 - Hosts: ::1 localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
  O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
  O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
  O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
  O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  O4 - HKLM\..\Run: [Skytel] Skytel.exe
  O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
  O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
  O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
  O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Empowering Technology Launcher.lnk = ?
  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
  O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
  O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  
  --
  End of file - 12264 bytes
  sitten hyvän sään aikana käyttämään vaikka Mozilla Firefoxia sillä Internet Explorerista ne troijalaiset sisään pääsevät?
  
  Lataa ja asenna http://www.mozilla.com
- kone yhtään
  2008-05-11 21:37:25
  uusi lok tässä kirjoitti:
  onko yhtään parempi?
  
  Logfile of Trend Micro HijackThis v2.0.2
  Scan saved at 20:49:03, on 10.5.2008
  Platform: Windows Vista SP1 (WinNT 6.00.1905)
  MSIE: Internet Explorer v7.00 (7.00.6001.18000)
  Boot mode: Normal
  
  Running processes:
  C:\Windows\System32\smss.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\wininit.exe
  C:\Windows\system32\csrss.exe
  C:\Windows\system32\services.exe
  C:\Windows\system32\lsass.exe
  C:\Windows\system32\lsm.exe
  C:\Windows\system32\winlogon.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\SLsvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\Ati2evxx.exe
  c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  C:\Windows\system32\Dwm.exe
  C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  C:\Windows\Explorer.EXE
  C:\Windows\RtHDVCpl.exe
  C:\Program Files\Common Files\Symantec Shared\ccApp.exe
  C:\Acer\Empowering Technology\SysMonitor.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe
  C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
  C:\Program Files\Logitech\Gaming Software\LWEMon.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
  C:\Program Files\Spyware Doctor\pctsTray.exe
  C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
  C:\Program Files\Windows Sidebar\sidebar.exe
  C:\Windows\ehome\ehtray.exe
  C:\Windows\System32\spoolsv.exe
  C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\Windows Media Player\wmpnscfg.exe
  C:\Windows\ehome\ehmsas.exe
  C:\Windows\system32\taskeng.exe
  C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
  C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  C:\Program Files\Logitech\SetPoint\SetPoint.exe
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  C:\Acer\Empowering Technology\ACER.EMPOWERING.FRAMEWORK.SUPERVISOR.EXE
  C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  C:\Windows\system32\svchost.exe
  C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  C:\Program Files\Spyware Doctor\pctsAuxs.exe
  C:\Program Files\Spyware Doctor\pctsSvc.exe
  C:\Windows\system32\svchost.exe
  C:\Windows\System32\svchost.exe
  C:\Windows\system32\SearchIndexer.exe
  C:\Windows\system32\WUDFHost.exe
  C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
  C:\Windows\System32\mobsync.exe
  C:\Program Files\Windows Media Player\wmpnetwk.exe
  C:\Windows\system32\wbem\unsecapp.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  C:\Windows\system32\conime.exe
  C:\Program Files\Internet Explorer\ieuser.exe
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Windows\system32\Macromed\Flash\FlashUtil9f.exe
  C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
  C:\Windows\system32\wbem\wmiprvse.exe
  
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.suomi24.fi/
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
  R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
  O1 - Hosts: ::1 localhost
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
  O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
  O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
  O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
  O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
  O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll
  O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
  O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
  O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
  O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
  O4 - HKLM\..\Run: [osCheck] "c:\Program Files\Norton Internet Security\osCheck.exe"
  O4 - HKLM\..\Run: [Acer Empowering Technology Monitor] C:\Acer\Empowering Technology\SysMonitor.exe
  O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
  O4 - HKLM\..\Run: [Skytel] Skytel.exe
  O4 - HKLM\..\Run: [PlayMovie] "C:\Program Files\Acer Arcade Live\Acer PlayMovie\PMVService.exe"
  O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe
  O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
  O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
  O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
  O4 - HKLM\..\Run: [NeroFilterCheck] C:\Windows\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
  O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
  O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
  O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
  O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
  O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
  O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
  O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
  O4 - HKCU\..\Run: [Packard Bell Data Secure] C:\Program Files\Packard Bell Data Secure\PBDataSecure.exe
  O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
  O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
  O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
  O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEM')
  O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')
  O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
  O4 - Global Startup: Empowering Technology Launcher.lnk = ?
  O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
  O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
  O4 - Global Startup: PCM Media Sharing.lnk = C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
  O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
  O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
  O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
  O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
  O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
  O23 - Service: Acer HomeMedia Connect Service - CyberLink - C:\Program Files\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\CLMSServer.exe
  O23 - Service: ePerformance Service (AcerMemUsageCheckService) - Unknown owner - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
  O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
  O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
  O23 - Service: eDataSecurity Service - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe
  O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
  O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
  O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
  O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
  O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
  O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
  O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
  O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\Windows\system32\pr2ah4nc.exe
  O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
  O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
  O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
  O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
  O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
  O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
  O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
  
  --
  End of file - 12264 bytes
  "jouhevampi" vai tökkiikö vielä? Mikä on keskusmuistin määrä 2gigaa on kyllä minimi Vistassa. Sitten noita prosesseja voisi vähentää, auttaa kyllä kummasti. Poista ad-aware ja spyware doctor, kyllä noilla aiemmin mainituilla ohjelmilla löytyy enemmän pöpöjä kuin noilla kahdella.
- toimii kohtuullisesti
  2008-05-11 21:55:47
  kone yhtään kirjoitti:
  "jouhevampi" vai tökkiikö vielä? Mikä on keskusmuistin määrä 2gigaa on kyllä minimi Vistassa. Sitten noita prosesseja voisi vähentää, auttaa kyllä kummasti. Poista ad-aware ja spyware doctor, kyllä noilla aiemmin mainituilla ohjelmilla löytyy enemmän pöpöjä kuin noilla kahdella.
  Nykyykö tossa lokissa vielä kriittistä, uskaltaako tällä jo pankkiin? Rammia on 3 gigaa

Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

Takaisin ylös

Luetuimmat keskustelut

Kotkalainen Demari Riku Pirinen vangittu Saksassa lapsipornosta
https://www.kymensanomat.fi/paikalliset/8081054 Kotkalainen Demari Riku Pirinen vangittu Saksassa lapsipornon hallussapi
20.11.2024 20:43Kotka
123
3134
Vanhalle ukon rähjälle
Satutit mua niin paljon kun erottiin. Oletko todella niin itsekäs että kuvittelet että huolisin sut kaiken tapahtuneen
21.11.2024 00:39Ikävä
37
2496
Olen tosi outo....
Päättelen palstajuttujen perusteella mitä mieltä minun kaipauksen kohde minusta on. Joskus kuvittelen tänne selkeitä tap
20.11.2024 00:07Ikävä
30
2435
Maisa on SALAKUVATTU huumepoliisinsa kanssa!
https://www.seiska.fi/vain-seiskassa/ensimmainen-yhteiskuva-maisa-torpan-ja-poliisikullan-lahiorakkaus-roihuaa/1525663
21.11.2024 09:27Kotimaiset julkkisjuorut
111
2159
Oletko sä luovuttanut
Mun suhteeni
20.11.2024 22:38Ikävä
114
1700
Hommaatko kinkkua jouluksi?
Itse tein pakastimeen n. 3Kg:n murekkeen sienillä ja juustokuorrutuksella. Voihan se olla, että jonkun pienen, valmiin k
20.11.2024 06:48Sinkut
172
1406
Nurmossa kuoli 2 Lasta..
Autokolarissa. Näin kertovat iltapäivälehdet juuri nyt. 22.11. Ja aina ennen Joulua näitä tulee. . .
22.11.2024 12:41Seinäjoki
26
1345
Aatteleppa ite!
Jos ei oltaisikaan nyt NATOssa, olisimme puolueettomana sivustakatsojia ja elelisimme tyytyväisenä rauhassa maassamme.
20.11.2024 17:34Maailman menoa
291
1239
Mikko Koivu yrittää pestä mustan valkoiseksi
Ilmeisesti huomannut, että Helenan tukijoukot kasvaa kasvamistaan. Riistakamera paljasti hiljattain kylmän totuuden Mi
21.11.2024 20:14Kotimaiset julkkisjuorut
279
1231
Onko se ikä
Alkanut haitata?
20.11.2024 03:29Ikävä
62
1077

yks loki

Vastaukset

ajaa ewido... kirjoitti:

uusi lok tässä kirjoitti:

uusi lok tässä kirjoitti:

uusi lok tässä kirjoitti:

kone yhtään kirjoitti:

Luetuimmat keskustelut

Kotkalainen Demari Riku Pirinen vangittu Saksassa lapsipornosta

Vanhalle ukon rähjälle

Olen tosi outo....

Maisa on SALAKUVATTU huumepoliisinsa kanssa!

Oletko sä luovuttanut

Hommaatko kinkkua jouluksi?

Nurmossa kuoli 2 Lasta..

Aatteleppa ite!

Mikko Koivu yrittää pestä mustan valkoiseksi

Onko se ikä

Joel Harkimo seuraa Martina Aitolehden jalanjälkiä!

Ernest Lawson paljastaa, mitä tapahtuu Nelli-rakkaan kanssa sunnuntai-iltaisin: "Jos vaimo ei ole.."

Miksi pankkitunnuksilla kaikkialle

Susanna Laine avoimena - Ei "seurustele" tästä erityisestä syystä Farmi-kisaajien kanssa: "En ole.."

Bachelor Suomi: Sinkkunainen Ada avaa sanaisen arkkunsa bachelor-Joonaksen toimista: "Miksen...?"

Maisa on SALAKUVATTU huumepoliisinsa kanssa!

Ensitreffit Hai rehellisenä - Tämä intiimiyden muoto puuttui suhteesta Annan kanssa: "Meillä ei..."

Vessahätä mainittu! Metsäpeikko eli Atte Kilpinen teki paljastuksia Masked Singer -kulissien takaa

Hommaatko kinkkua jouluksi?

Omalääkäri hallituksen utopia?