Apuva..

Goofy

Kone toimii aika hitaasti ja pieniä ongelmia ilmenee. Aattelin kysyä neuvoa viisaammilta. Viitsisikö joku auttaa. Kiitos jo etukäteen!!

Logfile of HijackThis v1.97.7
Scan saved at 20:44:58, on 15.10.2004
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\HPConfig.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\RadioSvr.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\System32\carpserv.exe
C:\WINDOWS\System32\atiptaxx.exe
C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
C:\Program Files\Logitech\MouseWare\system\em_exec.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Lataukset\DC \´Sälää\DCPlusPlus.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Lataukset\Mozilla\mozilla.exe
C:\Lataukset\DC \FileLists\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: AIM (HKLM)
O9 - Extra button: Real.com (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: Windows Messenger (HKLM)
O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} - http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?37919.4280555556
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

7

325

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • Juu
    • linkistä uudenpi HjT ja laita uusi logi sillä, asenna se omaan kansioon esim. C:/Hjt/HijackThis.exe

      • Goofy

        Tässä se uusi logi.

        Logfile of HijackThis v1.98.2
        Scan saved at 21:19:08, on 15.10.2004
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\System32\Ati2evxx.exe
        C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
        C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
        C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
        C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
        C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
        C:\Program Files\F-Secure\Common\FSMA32.EXE
        C:\WINDOWS\system32\HPConfig.exe
        C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
        C:\Program Files\F-Secure\Common\FSMB32.EXE
        C:\WINDOWS\system32\RadioSvr.exe
        C:\Program Files\F-Secure\Common\FCH32.EXE
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\F-Secure\Common\FAMEH32.EXE
        C:\Program Files\F-Secure\Common\FNRB32.EXE
        C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
        C:\Program Files\F-Secure\Common\FIH32.EXE
        C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
        C:\WINDOWS\System32\carpserv.exe
        C:\WINDOWS\System32\atiptaxx.exe
        C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
        C:\WINDOWS\system32\dla\tfswctrl.exe
        C:\Program Files\F-Secure\Common\FSM32.EXE
        C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
        C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
        C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
        C:\Program Files\Logitech\MouseWare\system\em_exec.exe
        C:\Program Files\Messenger Plus! 3\MsgPlus.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
        C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
        C:\WINDOWS\System32\wuauclt.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\Lataukset\Mozilla\mozilla.exe
        C:\HTJ\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
        O4 - HKLM\..\Run: [CARPService] carpserv.exe
        O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
        O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
        O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
        O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
        O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
        O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
        O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
        O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
        O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
        O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
        O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
        O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
        O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
        O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
        O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
        O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
        O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
        O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
        O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
        O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab


      • Goofy kirjoitti:

        Tässä se uusi logi.

        Logfile of HijackThis v1.98.2
        Scan saved at 21:19:08, on 15.10.2004
        Platform: Windows XP SP1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\System32\Ati2evxx.exe
        C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
        C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
        C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
        C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
        C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
        C:\Program Files\F-Secure\Common\FSMA32.EXE
        C:\WINDOWS\system32\HPConfig.exe
        C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
        C:\Program Files\F-Secure\Common\FSMB32.EXE
        C:\WINDOWS\system32\RadioSvr.exe
        C:\Program Files\F-Secure\Common\FCH32.EXE
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\System32\svchost.exe
        C:\Program Files\F-Secure\Common\FAMEH32.EXE
        C:\Program Files\F-Secure\Common\FNRB32.EXE
        C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
        C:\Program Files\F-Secure\Common\FIH32.EXE
        C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
        C:\WINDOWS\System32\carpserv.exe
        C:\WINDOWS\System32\atiptaxx.exe
        C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
        C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
        C:\WINDOWS\system32\dla\tfswctrl.exe
        C:\Program Files\F-Secure\Common\FSM32.EXE
        C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
        C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
        C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
        C:\Program Files\Logitech\MouseWare\system\em_exec.exe
        C:\Program Files\Messenger Plus! 3\MsgPlus.exe
        C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
        C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
        C:\WINDOWS\System32\wuauclt.exe
        C:\Program Files\MSN Messenger\msnmsgr.exe
        C:\Lataukset\Mozilla\mozilla.exe
        C:\HTJ\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
        O4 - HKLM\..\Run: [CARPService] carpserv.exe
        O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
        O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
        O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
        O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
        O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
        O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
        O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
        O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
        O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
        O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
        O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
        O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
        O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
        O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
        O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
        O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
        O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
        O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
        O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
        O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
        O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
        O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
        O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
        O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

        Poista se Messenger plus3 Lisää/Poista sovelluksessa.

        Sulje selain ja muut ikkunat laita merkki noiden eteen ja paina FIX

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://channels.aimtoday.com/search/aimtoolbar.jsp
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://channels.aimtoday.com/search/aimtoolbar.jsp
        O3 - Toolbar: AIM Search - {40D41A8B-D79B-43d7-99A7-9EE0F344C385} - C:\Program Files\AIM Toolbar\AIMBar.dll (file missing)
        O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
        O4 - HKCU\..\Run: [BLMessagingIntegration] C:\Program Files\Common Files\PSD Tools\blengine.exe
        O8 - Extra context menu item: &AIM Search - res://C:\Program Files\AIM Toolbar\AIMBar.dll/aimsearch.htm
        O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM95\aim.exe
        O16 - DPF: {FDDCE9FF-1FC6-413C-80B1-37B101FDA1D4} - http://download.buddylinks.net/ShellInstaller.cab

        Poista vikasietotilassa nuo
        C:\Program Files\---Tuo---Messenger Plus! 3\MsgPlus.exe"
        C:\Program Files\Common Files\---Tuo---PSD Tools\blengine.exe
        C:\Program Files\---Tuo---AIM Toolbar\AIMBar.dll/aimsearch.htm
        C:\Program Files\---Tuo---AIM95\aim.exe

        Normaalikäynnistys ja laita uusi logi


    • Goofy

      Parhaan taitoni mukaan koitin tehdä sanomasi asiat. Tässä uusin logi. Miltäs näyttää?

      Logfile of HijackThis v1.98.2
      Scan saved at 22:44:47, on 15.10.2004
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\System32\Ati2evxx.exe
      C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
      C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
      C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
      C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
      C:\Program Files\F-Secure\Common\FSMA32.EXE
      C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
      C:\WINDOWS\system32\HPConfig.exe
      C:\Program Files\F-Secure\Common\FSMB32.EXE
      C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
      C:\WINDOWS\system32\RadioSvr.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Program Files\F-Secure\Common\FCH32.EXE
      C:\Program Files\F-Secure\Common\FAMEH32.EXE
      C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
      C:\Program Files\F-Secure\Common\FNRB32.EXE
      C:\Program Files\F-Secure\Common\FIH32.EXE
      C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\System32\carpserv.exe
      C:\WINDOWS\System32\atiptaxx.exe
      C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe
      C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
      C:\WINDOWS\system32\dla\tfswctrl.exe
      C:\Program Files\F-Secure\Common\FSM32.EXE
      C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
      C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
      C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
      C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
      C:\Program Files\Logitech\MouseWare\system\em_exec.exe
      C:\Program Files\Common Files\Nokia\Services\ServiceLayer.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\HTJ\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.com/telkku.cgi?n=nuoranne&s=055104101095044117&p=0&sivu=0&
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com/info/homepage-o
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [CARPService] carpserv.exe
      O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
      O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
      O4 - HKLM\..\Run: [HP TV Now] C:\Program Files\Hewlett-Packard\HP TV Now\HpTvNow.exe /RK
      O4 - HKLM\..\Run: [HP Display Settings] C:\Program Files\Hewlett-Packard\HP Notebook Utilities\hptasks.exe /s
      O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
      O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
      O4 - HKLM\..\Run: [QT4HPOT] C:\PROGRA~1\HEWLET~1\ONE-TO~1\OneTouch.EXE
      O4 - HKLM\..\Run: [HP Presentation Ready] C:\Program Files\Hewlett-Packard\HP Presentation Ready\PresRdy.exe -r
      O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
      O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
      O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [EPSON Stylus C42 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C42 Series" /O6 "USB001" /M "Stylus C42"
      O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Nokia\Nokia PC Suite 5\DataLayer.exe
      O4 - HKLM\..\Run: [Nokia Tray Application] C:\Program Files\Common Files\Nokia\NCLTools\NclTray.exe
      O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
      O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
      O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
      O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\System32\Shdocvw.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
      O14 - IERESET.INF: START_PAGE_URL=http://www.hp.com/info/homepage-o
      O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
      O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://lame.lut.fi/finnhits/AxisCamControl.ocx
      O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab
      O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab


      • Goofy
        HJT kirjoitti:

        kyllä tuo minulle kelpaa, jos et tunne tuota www osoitetta niin fixaa vielä sekin.
        O16 - DPF: {ED5896AC-7F1A-4095-87A8-08206DE7835C} (WingCtl Class) - http://www.idance.co.kr/mysprite/install/Wings2.cab

        Mites kone toimii?

        Täytyy nyt seurailla vähän aikaa, mutta kone tuntuu toimivan heti aremmin. Otin sen viimeisenkin pois, kun en sitä osoitetta tuntenut. Mutta kiitos sinulle avusta paljon!


    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Putin hoiti Suomen natoon ja myös Ruotsin

      Iso kiitos Vladimir Putinille. Hänen ansiosta pääsemme nyt Natoon. Putin halusi Naton lähelle ja nyt sai. Voimme tästä kiittää vain Putinia.
      Maailman menoa
      641
      7847
    2. Niinistö teki hetkessä Suomesta Venäjän ydinaseiden maalitaulun

      Kaiken lisäksi mies vielä lällätteli Putinille eilisessä tiedotustilaisuudessa ja käski katsomaan itseään peiliin. Kyllä vähän asiallisempaa käytöstä
      Maailman menoa
      436
      2127
    3. Voi Stefu ja sun kiivas luonteesi

      Sielä lentelee ullakkohuoneiston ikkunasta daamin vaatteet ja matkalaukut pitkin pihaa. Toisaalta,en ihmettele yhtään että tämä suhde päättyi näin,kyl
      Kotimaiset julkkisjuorut
      222
      2020
    4. Poliisi otti Stefun kiinni!

      Seiska tietää kertoa.
      Kotimaiset julkkisjuorut
      143
      1611
    5. Veikkaus: Miten The Rasmus pärjää Euroviisuissa?

      Euroviisuhuuma on ylimmillään, kun Suomi ja The Rasmus taistelee biisillään Jezebel. Bändi on tikissä, kunhan Lauri Ylösen ääni kantaa. Mitä veikka
      Viihde ja kulttuuri
      51
      1219
    6. Ohhoh! Martina Aitolehti ja seurapiirihurmuri-Jesper ekassa yhteiskuvassa - Sutinaa Mallorcalla!

      Martina Aitolehti ja seurapiirijulkkis-Jesper nauttivat toisistaan varsin vauhdikkaissa merkeissä Mallorcalla. Aitolehti ei ole esitellyt rakastaan vi
      Kotimaiset julkkisjuorut
      25
      1174
    7. Stefanilta tuli taas karu totuus Sofiasta

      Marokkolainen h*o*ra! Voi tsiisus kun mulla on hauskaa! Lumput lentää ikkunasta kun Stefu raivoaa h*uralleen🤣🤣🤣 Nyt ne popparit tulille, tästä tule
      Kotimaiset julkkisjuorut
      95
      1039
    8. Ootko onnellinen kun ei tarvitse

      nähdä tätä tyhmää naamaa enää koskaan? Multa se särkee sydämen, mutta minkäs teen. Vaikka olisi kuinka sinnikäs eikä hellittäisi, se ei aina auta.
      Ikävä
      65
      823
    9. Oletko nähnyt eroottiset kohuleffat? Fifty Shades Of Grey -trilogia tv:stä

      Fifty Shades -trilogia starttaa, kun nuori opiskelijanainen Anastasia tapaa rikkaan liikemiehen. Seksisuhdehan siitä starttaa, höystettynä sadistisill
      Suhteet
      6
      701
    10. Sofia matkii Martinaa

      Sofia etsii omaa lippisjonnea mäkkäreistä ja itiksestä. Tuskin löytää yhtä komeaa.
      Kotimaiset julkkisjuorut
      133
      672
    Aihe