Apuva..

Goofy

2004-10-15 20:52:22

Kone toimii aika hitaasti ja pieniä ongelmia ilmenee. Aattelin kysyä neuvoa viisaammilta. Viitsisikö joku auttaa. Kiitos jo etukäteen!!

Logfile of HijackThis v1.97.7
Scan saved at 20:44:58, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\RadioSvr.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Lataukset\DC \´Sälää\DCPlusPlus.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Lataukset\Mozilla\mozilla.exe
C:\Lataukset\DC \FileLists\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37919.4280555556
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

346

Äänestä

Vastaukset

Juu
2004-10-15 21:14:49
Pistä uus logi tolla uusimmalla versiolla

http://koti.mbnet.fi/pattaya1/HijackThis.exe

Jos tuo MessengerPlus3 on asennettu sillä sponsoriohjelmalla,niin poista se ennen sitä uutta logia.
HJT
2004-10-15 21:16:50
linkistä uudenpi HjT ja laita uusi logi sillä, asenna se omaan kansioon esim. C:/Hjt/HijackThis.exe
- Goofy
  2004-10-15 21:20:08
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
- HJT
  2004-10-15 21:47:03
  Goofy kirjoitti:
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  Poista se Messenger plus3 Lisää/Poista sovelluksessa.
  
  Sulje selain ja muut ikkunat laita merkki noiden eteen ja paina FIX
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  
  Poista vikasietotilassa nuo
  C:\Program Files\---Tuo---Messenger Plus! 3\MsgPlus.exe"
  C:\Program Files\Common Files\---Tuo---PSD Tools\blengine.exe
  C:\Program Files\---Tuo---AIM Toolbar\AIMBar.dll/aimsearch.htm
  C:\Program Files\---Tuo---AIM95\aim.exe
  
  Normaalikäynnistys ja laita uusi logi
Goofy
2004-10-15 22:47:59
Parhaan taitoni mukaan koitin tehdä sanomasi asiat. Tässä uusin logi. Miltäs näyttää?

Logfile of HijackThis v1.98.2
Scan saved at 22:44:47, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\RadioSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HTJ\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
- HJT
  2004-10-15 23:23:56
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
- Goofy
  2004-10-16 07:49:19
  HJT kirjoitti:
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
  Täytyy nyt seurailla vähän aikaa, mutta kone tuntuu toimivan heti aremmin. Otin sen viimeisenkin pois, kun en sitä osoitetta tuntenut. Mutta kiitos sinulle avusta paljon!

Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

Takaisin ylös

Luetuimmat keskustelut

Ei se mene ohi ajan kanssa
Näin se vaan on.
07.06.2025 00:36Ikävä
129
2138
Ajattelen sinua nyt
Ajattelen sinua hyvin todennäköisesti myös huomenna. Sitten voi mennä viikko, että ajattelen sinua vain iltaisin ja aamu
08.06.2025 20:16Ikävä
23
1573
Olen huolissani
Että joku päivä ihastut/rakastut siskooni. Ja itseasiassa haluaisin, ettei hän olisi mitenkään sinun tyyppiäsi ja pitäis
07.06.2025 16:51Ikävä
70
1201
Vaistoan ettei sulla kaikki hyvin
Odotatko että se loppuu kokonaan ja avaat vasta linjan. Niin monen asian pitäisi muuttua että menisi loppu elämä kivasti
08.06.2025 19:28Ikävä
10
1167
Yritys Kannus
Mää vaan ihmettelen, julkijuopottelua. Eikö tosiaan oo parempaa hommaa, koittas saada oikeasti jotain aikaiseksi. Hävett
08.06.2025 07:01Kannus
12
1117
Oletko täällä mies?
Mitä mietit? ❤️ varmistan vielä, että onhan kaikki ok meidän välillä?
08.06.2025 21:08Ikävä
88
982
Eikö ole jo ihan sama luovuttaa
Meidän suhde ei ikinä toimisi.
08.06.2025 13:26Ikävä
82
852
Mies kadonnut
Kukas siellä kolarissa on kadonnut
08.06.2025 16:05Kolari
17
847
Kuin sonnilauma
Taas on Virkatiellä kova meteli keskellä päivää. Ei siinä kyllä toisia asukkaita yhtään ajatella. Tullaan yhden asuntoon
07.06.2025 13:54Kuhmo
16
751
Syrjintäskandaali Lieksan kaupungin johdossa
Ylen valpas toimittaja kirjoittaa: Lieksan kaupunki kieltäytyi hyväksymästä Vihreiden venäläistaustaista ehdokasta Lieks
07.06.2025 11:10Lieksa
107
691

Apuva..

Vastaukset

Goofy kirjoitti:

HJT kirjoitti:

Luetuimmat keskustelut

Ei se mene ohi ajan kanssa

Ajattelen sinua nyt

Olen huolissani

Vaistoan ettei sulla kaikki hyvin

Yritys Kannus

Oletko täällä mies?

Eikö ole jo ihan sama luovuttaa

Mies kadonnut

Kuin sonnilauma

Syrjintäskandaali Lieksan kaupungin johdossa

Lasten hyväksikäyttö netissä - Joka 3. nuori on saanut seksuaalisen yhteydenoton pedofiililtä

Poliisi: Kymmenhenkinen pohjalaisperhe ollut vuoden kateissa kansainvälinen etsintäkuulutus Poliis

GALLUP: Kenet julkkiskisaajan haluaisit nähdä TTK-tanssiparketilla tänä syksynä?

Au pair -työ Thaimaassa herättää kiivasta keskustelua somessa: "4cm torakoita, huumeita, tauteja..."

Hyvää Puolustusvoimain lippujuhlan päivää! Mitä isänmaallisuus sinulle merkitsee?

Kuka on uusi diili-isäntä?

Tiedätkö, mikä on umami? Entä minkä muotoista pastaa on farfalle? Tässä kiva tietovisa!

EU:n uusin idea - jatkossa joudut tunnistautumaan kun katsot PORNOA!

Paperimiehestä näyttelijäksi - Mikko Töyssy ja epätavallinen tarina

Miksi ihmiset eivät pysty laihtumaan?