Apuva..

Goofy

2004-10-15 20:52:22

Kone toimii aika hitaasti ja pieniä ongelmia ilmenee. Aattelin kysyä neuvoa viisaammilta. Viitsisikö joku auttaa. Kiitos jo etukäteen!!

Logfile of HijackThis v1.97.7
Scan saved at 20:44:58, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\RadioSvr.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Lataukset\DC \´Sälää\DCPlusPlus.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Lataukset\Mozilla\mozilla.exe
C:\Lataukset\DC \FileLists\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37919.4280555556
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

413

Äänestä

Vastaukset

Juu
2004-10-15 21:14:49
Pistä uus logi tolla uusimmalla versiolla

http://koti.mbnet.fi/pattaya1/HijackThis.exe

Jos tuo MessengerPlus3 on asennettu sillä sponsoriohjelmalla,niin poista se ennen sitä uutta logia.
HJT
2004-10-15 21:16:50
linkistä uudenpi HjT ja laita uusi logi sillä, asenna se omaan kansioon esim. C:/Hjt/HijackThis.exe
- Goofy
  2004-10-15 21:20:08
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
- HJT
  2004-10-15 21:47:03
  Goofy kirjoitti:
  Tässä se uusi logi.
  
  Logfile of HijackThis v1.98.2
  Scan saved at 21:19:08, on 15.10.2004
  Platform: Windows XP SP1 (WinNT 5.01.2600)
  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
  
  Running processes:
  C:\WINDOWS\System32\smss.exe
  C:\WINDOWS\system32\winlogon.exe
  C:\WINDOWS\system32\services.exe
  C:\WINDOWS\system32\lsass.exe
  C:\WINDOWS\system32\svchost.exe
  C:\WINDOWS\System32\svchost.exe
  C:\WINDOWS\system32\spoolsv.exe
  C:\WINDOWS\System32\Ati2evxx.exe
  C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
  C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
  C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
  C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
  C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
  C:\Program Files\F-Secure\Common\FSMA32.EXE
  C:\WINDOWS\system32\HPConfig.exe
  C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
  C:\Program Files\F-Secure\Common\FSMB32.EXE
  C:\WINDOWS\system32\RadioSvr.exe
  C:\Program Files\F-Secure\Common\FCH32.EXE
  C:\WINDOWS\Explorer.EXE
  C:\WINDOWS\System32\svchost.exe
  C:\Program Files\F-Secure\Common\FAMEH32.EXE
  C:\Program Files\F-Secure\Common\FNRB32.EXE
  C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
  C:\Program Files\F-Secure\Common\FIH32.EXE
  C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
  C:\WINDOWS\System32\carpserv.exe
  C:\WINDOWS\System32\atiptaxx.exe
  C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
  C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  C:\WINDOWS\system32\dla\tfswctrl.exe
  C:\Program Files\F-Secure\Common\FSM32.EXE
  C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
  C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  C:\Program Files\Logitech\MouseWare\system\em_exec.exe
  C:\Program Files\Messenger Plus! 3\MsgPlus.exe
  C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
  C:\WINDOWS\System32\wuauclt.exe
  C:\Program Files\MSN Messenger\msnmsgr.exe
  C:\Lataukset\Mozilla\mozilla.exe
  C:\HTJ\HijackThis.exe
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
  R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
  O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [CARPService] carpserv.exe
  O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
  O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
  O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
  O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
  O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
  O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
  O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
  O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
  O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
  O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
  O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
  O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
  O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
  O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
  O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
  O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
  O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
  O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
  O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
  O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
  O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
  O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
  O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  Poista se Messenger plus3 Lisää/Poista sovelluksessa.
  
  Sulje selain ja muut ikkunat laita merkki noiden eteen ja paina FIX
  
  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
  R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
  O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
  O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
  O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
  O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
  O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
  O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab
  
  Poista vikasietotilassa nuo
  C:\Program Files\---Tuo---Messenger Plus! 3\MsgPlus.exe"
  C:\Program Files\Common Files\---Tuo---PSD Tools\blengine.exe
  C:\Program Files\---Tuo---AIM Toolbar\AIMBar.dll/aimsearch.htm
  C:\Program Files\---Tuo---AIM95\aim.exe
  
  Normaalikäynnistys ja laita uusi logi
Goofy
2004-10-15 22:47:59
Parhaan taitoni mukaan koitin tehdä sanomasi asiat. Tässä uusin logi. Miltäs näyttää?

Logfile of HijackThis v1.98.2
Scan saved at 22:44:47, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\RadioSvr.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\wuauclt.exe
C:\HTJ\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
- HJT
  2004-10-15 23:23:56
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
- Goofy
  2004-10-16 07:49:19
  HJT kirjoitti:
  kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
  O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
  
  Mites kone toimii?
  Täytyy nyt seurailla vähän aikaa, mutta kone tuntuu toimivan heti aremmin. Otin sen viimeisenkin pois, kun en sitä osoitetta tuntenut. Mutta kiitos sinulle avusta paljon!

Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

Takaisin ylös

Luetuimmat keskustelut

6 kW saunan lämmityksestä kohta 10 euron lisämaksu / kerta
Kokoomuslainen sähköyhtiöiden hallitsema Energiavirasto ehdottaa 5 kW:n rajaa, jonka ylittämisestä tulee lisämaksu. Tark
09.01.2026 11:35Maailman menoa
309
8551
Duunarit hylkäsivät vasemmistoliiton, siitä tuli feministinaisten puolue
Pääluottamusmies Jari Myllykoski liittyi vasemmistoliittoon, koska se oli duunarien puolue. Sitä samaa puoluetta ei enää
10.01.2026 10:36Maailman menoa
199
4676
Olen väsynyt tähän
En osaa lopettaa ja koen huonoa omaatuntoa tästä. Kaikki on muutenkin turhaa ja tekemisesi sattuvat. Tunteita on vain hy
10.01.2026 21:18Ikävä
31
3170
Oppiiko vasemmistolaiset valehtelun jo kotonaan?
Sillä vasemmistolaiset/äärivasemmistolaiset valehtelee ja keksii asioita omasta päästään todella paljon. Esim. joku vas
10.01.2026 10:12Maailman menoa
195
2634
Seuraava hallituspohja - Kokoomus, kepu, persut + KD
Kokoomus saa ainakin 20% kannatuksen ensi vaaleissa, keskusta sanoisin noin 15%, persut todennäköisesti enemmän, ehkä 17
11.01.2026 10:43Maailman menoa
118
2213
Maailman laiskin eläin: persu
Persu ei ole eläessään laittanut rikkaa ristiin itsensä elättämiseen. Luonnossa tuollainen ei olisi mahdollista, mutta s
11.01.2026 11:28Maailman menoa
101
1769
Olenko mies sinun mielestä outo?
Saat vastata rehellisesti.
10.01.2026 18:47Ikävä
51
1766
Millasia unelmia sulla on?
onko unelmia...?
10.01.2026 11:04Ikävä
58
1678
Minneapolisin tapauksesta hyvä video
Runoilijan auto oli poikittain tiellä ja kun poliisit lähestyivät sitä, runotyttö painoi reippaadti kaasua. Auto syöksäh
09.01.2026 19:08Maailman menoa
350
1368
Miten usein toivot
Tai olet toivonut että olisimme lähekkäin vai toivotko ollenkaan?
10.01.2026 23:05Ikävä
170
1354

Apuva..

Vastaukset

Goofy kirjoitti:

HJT kirjoitti:

Luetuimmat keskustelut

6 kW saunan lämmityksestä kohta 10 euron lisämaksu / kerta

Duunarit hylkäsivät vasemmistoliiton, siitä tuli feministinaisten puolue

Olen väsynyt tähän

Oppiiko vasemmistolaiset valehtelun jo kotonaan?

Seuraava hallituspohja - Kokoomus, kepu, persut + KD

Maailman laiskin eläin: persu

Olenko mies sinun mielestä outo?

Millasia unelmia sulla on?

Minneapolisin tapauksesta hyvä video

Miten usein toivot

Tiesitkö? Uusi Bachelor on raivannut tietään määrätietoisesti somessa, myös Böckermanin ex-rakas!

Paljastus: Hengaillaan starttaa la 10.1. - Kisaajakattaus napakymppi mm. Anniina Valtonen

Suomessa on nyt suurin työttömyysprosentti EU:ssa

Vappu Pimiä antaa avokätiset neuvot Suomen sinkuille!

Katja Ståhl ja Mikko Kuustonen "löivät hynttyyt yhteen" - Kolmas kerta toden sanoo!

USA:n Ruokasuositus nyt Maha täynnä lihaa

Gallup: Mikä on ollut mielestäsi paras tv-sarja ikinä?

Ohhoh! Uutisankkuri Kirsi Alm-Siira repäisi - Tämä "perinne" saa kyllä naurulihakset nytkymään!

Johannes Holopainen yllättävässä paikassa Katri Riihilahden kanssa - Onko tämä sitä miltä näyttää?

Kenen julkkiksen kotiin haluaisit päästä Yökylässä-sarjassa? Tämä julkkiskattaus uusissa jaksoissa!