Apuva..

Goofy

2004-10-15 20:52:22

Kone toimii aika hitaasti ja pieniä ongelmia ilmenee. Aattelin kysyä neuvoa viisaammilta. Viitsisikö joku auttaa. Kiitos jo etukäteen!!

Logfile of HijackThis v1.97.7
Scan saved at 20:44:58, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\RadioSvr.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Lataukset\DC \´Sälää\DCPlusPlus.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Lataukset\Mozilla\mozilla.exe
C:\Lataukset\DC \FileLists\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37919.4280555556
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

402

Äänestä

Vastaukset

Juu
2004-10-15 21:14:49
Pistä uus logi tolla uusimmalla versiolla

http://koti.mbnet.fi/pattaya1/HijackThis.exe

Jos tuo MessengerPlus3 on asennettu sillä sponsoriohjelmalla,niin poista se ennen sitä uutta logia.
HJT
2004-10-15 21:16:50
linkistä uudenpi HjT ja laita uusi logi sillä, asenna se omaan kansioon esim. C:/Hjt/HijackThis.exe
- Goofy
  2004-10-15 21:20:08
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
- HJT
  2004-10-15 21:47:03
  Goofy kirjoitti:
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  Poista se Messenger plus3 Lisää/Poista sovelluksessa.
  
  Sulje selain ja muut ikkunat laita merkki noiden eteen ja paina FIX
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  
  Poista vikasietotilassa nuo
  C:\Program Files\---Tuo---Messenger Plus! 3\MsgPlus.exe"
  C:\Program Files\Common Files\---Tuo---PSD Tools\blengine.exe
  C:\Program Files\---Tuo---AIM Toolbar\AIMBar.dll/aimsearch.htm
  C:\Program Files\---Tuo---AIM95\aim.exe
  
  Normaalikäynnistys ja laita uusi logi
Goofy
2004-10-15 22:47:59
Parhaan taitoni mukaan koitin tehdä sanomasi asiat. Tässä uusin logi. Miltäs näyttää?

Logfile of HijackThis v1.98.2
Scan saved at 22:44:47, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\RadioSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HTJ\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
- HJT
  2004-10-15 23:23:56
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
- Goofy
  2004-10-16 07:49:19
  HJT kirjoitti:
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
  Täytyy nyt seurailla vähän aikaa, mutta kone tuntuu toimivan heti aremmin. Otin sen viimeisenkin pois, kun en sitä osoitetta tuntenut. Mutta kiitos sinulle avusta paljon!

Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

Takaisin ylös

Luetuimmat keskustelut

Jens Ihlen (ex Kukka) poika todistaa oikeudessa
10:49 "Välit ovat olemattomat" Minkälainen isäsi ja sinun välinen suhde on tällä hetkellä? "Minulla ei ole minkäännäkö
11.12.2025 10:53Maailman menoa
264
9922
K-kaupassa on mukava käydä, kun ei tarvitse katsella köyhiä
vasemmistolaisia, joista monet myös varastavat. Mielellään maksaa vähän enemmän tuotteista K-kaupassa, jotka ovat paljon
11.12.2025 10:22Maailman menoa
194
5654
Suomeen ei kuulu ihmiset jotka ei halua kätellä toisia ihmisiä, koska tämä on vääräuskoinen
Nainen joka ei halunnut kätellä Stubbia on selvästi ääripään muslimi, eli sitä sakkia josta niitä ongelmia koituu. Ulos
11.12.2025 12:45Maailman menoa
164
5234
PS:n Purra teki -JÄTTI-VELAT
* * PS:n Purra teki -JÄTTI-VELAT - ! ja jätti MaksuHuolet -Kansan Maksettavaksi -! *
11.12.2025 19:36Maailman menoa
75
4881
Vain vasemmistolaiset rakennemuutokset pelastavat Suomen
Kansaa on ankeutettu viimeiset 30+ vuotta porvarillisella minäminä-talouspolitiikalla, jossa tavalliselta kansalta on ot
13.12.2025 10:21Maailman menoa
1
2475
Ootko sä nainen suuttunut
jostain? Harmi jos tullut väärinkäsityksiä.
11.12.2025 17:58Ikävä
212
2449
Nainen, sanotaan että totuus tekee kipeää
Ehkä mutta se voi olla myös se kaikkein kamalin asia kohdata. Kuplassa on turvallista, kun tietää vähemmän on helpompi.
11.12.2025 04:33Ikävä
12
2279
Valtio lopettaa pienituloisten perheiden kylpylälomien tukemisen
Pienituloiset suomalaiset ovat voineet vuosikymmenten ajan hakea tuettuja lomia terveydellisin, sosiaalisin ja taloudell
11.12.2025 10:15Maailman menoa
353
2015
Menen nyt koisimaan
Ja en ehkä palaa tänne. Asia on nyt loppuunkäsitelty ja totuus tuli ilmi
12.12.2025 02:31Ikävä
21
1695
Minkälainen auto
Kaivatullasi on? Väri/Merkki? :)
11.12.2025 16:59Ikävä
90
1617

Apuva..

Vastaukset

Goofy kirjoitti:

HJT kirjoitti:

Luetuimmat keskustelut

Jens Ihlen (ex Kukka) poika todistaa oikeudessa

K-kaupassa on mukava käydä, kun ei tarvitse katsella köyhiä

Suomeen ei kuulu ihmiset jotka ei halua kätellä toisia ihmisiä, koska tämä on vääräuskoinen

PS:n Purra teki -JÄTTI-VELAT

Vain vasemmistolaiset rakennemuutokset pelastavat Suomen

Ootko sä nainen suuttunut

Nainen, sanotaan että totuus tekee kipeää

Valtio lopettaa pienituloisten perheiden kylpylälomien tukemisen

Menen nyt koisimaan

Minkälainen auto

KL: Mari Hynynen avoimena - Jouni-rakkaan ja Joel-pojan välit ovat nämä!

Kuvat luksus kodista! Janni Hussi esittelyt uuden hulppean kotinsa.

Gallup: Minkä arvosanan 4-10 annat Vain elämää -kaudelle?

Erikoisjoukot-tippuja Mikko Kekäläinen laukoo mokaamisen jälkeen suoraa tekstiä: "Tein..."

Muodostatko mielipiteesi toisesta ihmisestä

Yle: Katri Riihilahti rehellisenä - Sai täysin väärän ensivaikutelman Aki-miehestä: "Ei varmasti..."

Valtio lopettaa pienituloisten perheiden kylpylälomien tukemisen

Miss Suomi Sarah Dzafce joutuu......

Vappu Pimiä täräyttää suorat sanat suomalaisista maajusseista ja maaseudusta!

Jenni Poikelus OUT, Mervi Kallio IN - Matti Rönkä lataa napakan kommentin