Spyware????

Rike

Sain konnen tässä kunnossa "korjattavksi", eli jotain oli jo poistettu, mutta jatkuvasti edelleen alakulmassa vilkkuu "security alert" ja koti sivut tuntuvat joutuneen kaappauksen uhriksi. Josko joku ehtisi katsomaan mikä mättää.

Logfile of HijackThis v1.99.1
Scan saved at 16:42:20, on 10.12.2005
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\mssearchnet.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\hphmon05.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\wuauclt.exe
C:\imuroinnit\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://elisa.net/paketti/haku.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://laajakaista.elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighter.exe" monitor
O4 - HKLM\..\Run: [SpyFighterUpdate] "C:\Program Files\SpyFighter\AutoUpdate.exe" silent
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Palvelut - {233524F8-A793-4AFE-91D4-CC17ABE2FC78} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {88F6E377-5ED3-4BE5-B935-681A80775E00} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {A45A3E40-E57C-4537-8F9F-8B985AEF15D9} - http://tuki.elisa.net/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} (VacPro.internazionale_ver15) - http://advnt01.com/dialer/internazionale_ver15.CAB
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Gear Security Service -turvapalvelu (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

8

474

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • Fixaaja

      Poista lisää/poista sovellus-kohdasta (ohjauspaneeli):

      Spyware Stormer
      SpyFighter

      Fixaa HjT:llä (do a system scan only, merkkaa ja paina fix checked):

      O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
      O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
      O4 - HKLM\..\Run: [SpyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighter.exe" monitor
      O4 - HKLM\..\Run: [SpyFighterUpdate] "C:\Program Files\SpyFighter\AutoUpdate.exe" silent
      O4 - Startup: PowerReg Scheduler.exe
      O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} (VacPro.internazionale_ver15) - http://advnt01.com/dialer/internazionale_ver15.CAB

      Hae smitrem täältä -> http://noahdfear.geekstogo.com/click counter/click.php?id=1
      Tallenna työpöydälle ja tuplaklikkaa sitä, jolloin se luo smitRem-kansion työpöydälle.

      Laita piilotiedostot näkyviin, ohje ->
      http://keskustelu.afterdawn.com/thread_view.cfm/248944

      Käynnistä vikasietotilaan (F8 käynnistyksen yhteydessä).

      Poista nämä:

      C:\Program Files\==>Spyware StormerSpyFighterALCXMNTR.EXE

    • Juu

      Poista Lisää\Poista panelista jos näkyy

      Spyware Stormer
      SpyFighter

      Ota smitrem ja säästä se työpöydälle

      http://noahdfear.geekstogo.com/click counter/click.php?id=1

      Tuplaklikkaa sitä ja Start niin saat smitrem kansion työpöydälle

      Käynnistä sitte kone vikasietotilassa.

      Scannaa Hijackillä merkkaa nuo rivit jos näkyy ja paina Fix checked

      O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
      O4 - HKLM\..\Run: [Spyware Stormer] C:\Program Files\Spyware Stormer\SpywareStormer.Exe
      O4 - HKLM\..\Run: [SpyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighter.exe" monitor
      O4 - HKLM\..\Run: [SpyFighterUpdate] "C:\Program Files\SpyFighter\AutoUpdate.exe" silent
      O4 - Startup: PowerReg Scheduler.exe
      O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} (VacPro.internazionale_ver15) - http://advnt01.com/dialer/internazionale_ver15.CAB

      Sitte poista jos löytyy

      C:\Program Files\Spyware Stormer\ < kansio
      C:\Program Files\SpyFighter\ < kansio

      Sitte avaa smitrem kansio ja tuplaklikkaa RunThis.bat ja seuraa ohjeita.

      Käynnistä sitte normaalisti ja lähetä uus Hijack logi ja smitrem logi (C:\smitfiles.txt.)

      • Juu

        Täälähän oli jo resepti.


    • Rike

      Tässä loki putsauksen jälkeen, ainakaan vielä ei ole pompannut silmille mitään.

      Logfile of HijackThis v1.99.1
      Scan saved at 18:18:58, on 10.12.2005
      Platform: Windows XP SP1 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\Explorer.EXE
      C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
      C:\windows\system\hpsysdrv.exe
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\WINDOWS\System32\hphmon05.exe
      C:\HP\KBD\KBD.EXE
      C:\Program Files\iTunes\iTunesHelper.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Common Files\Real\Update_OB\realsched.exe
      C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      C:\WINDOWS\System32\rundll32.exe
      C:\Program Files\D-Tools\daemon.exe
      C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
      C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      C:\Program Files\WinZip\WZQKPICK.EXE
      C:\WINDOWS\System32\gearsec.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\ZoneLabs\vsmon.exe
      C:\Program Files\iPod\bin\iPodService.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\WINDOWS\System32\wuauclt.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\imuroinnit\HijackThis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://laajakaista.elisa.net/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q304&bd=pavilion&pf=desktop
      R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://elisa.net/
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
      O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
      O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
      O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
      O4 - HKLM\..\Run: [HPHUPD05] c:\Program Files\HP\{45B6180B-DCAB-4093-8EE8-6164457517F0}\hphupd05.exe
      O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.exe
      O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
      O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
      O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
      O4 - HKLM\..\Run: [VTTimer] VTTimer.exe
      O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
      O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [UpdateManager] "c:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
      O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
      O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 -lock
      O4 - HKLM\..\Run: [EPSON Stylus Photo RX420 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9CE.EXE /P31 "EPSON Stylus Photo RX420 Series" /O6 "USB001" /M "Stylus Photo RX420"
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HPPAVI~1\Pavilion\XPHWWBS4\plugin\bin\pchbutton.exe
      O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
      O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
      O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
      O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
      O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
      O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
      O9 - Extra button: Palvelut - {233524F8-A793-4AFE-91D4-CC17ABE2FC78} - http://service.kolumbus.fi/ (file missing) (HKCU)
      O9 - Extra button: SMS-viesti - {88F6E377-5ED3-4BE5-B935-681A80775E00} - http://sms.kolumbus.fi/ (file missing) (HKCU)
      O9 - Extra button: Tuki - {A45A3E40-E57C-4537-8F9F-8B985AEF15D9} - http://tuki.elisa.net/ (file missing) (HKCU)
      O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
      O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
      O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: Gear Security Service -turvapalvelu (GEARSecurity) - GEAR Software - C:\WINDOWS\System32\gearsec.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

      Ja sitten tämä toinen.

      smitRem © log file
      version 2.8

      by noahdfear

      Microsoft Windows XP [versio 5.1.2600]

      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      checking for ShudderLTD key

      ShudderLTD key not present!

      checking for PSGuard.com key

      PSGuard.com key not present!

      spyaxe uninstaller NOT present
      ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

      Existing Pre-run Files

      ~~~ Program Files ~~~

      ~~~ Shortcuts ~~~

      ~~~ Favorites ~~~

      ~~~ system32 folder ~~~

      1024 dir
      msvol.tlb
      ld****.tmp
      mssearchnet.exe
      ncompat.tlb
      mscornet.exe

      • Rike

        smitRem © log file
        version 2.8

        by noahdfear

        Microsoft Windows XP [versio 5.1.2600]

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        checking for ShudderLTD key

        ShudderLTD key not present!

        checking for PSGuard.com key

        PSGuard.com key not present!

        spyaxe uninstaller NOT present
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Existing Pre-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        1024 dir
        msvol.tlb
        ld****.tmp
        mssearchnet.exe
        ncompat.tlb
        mscornet.exe

        ~~~ Icons in System32 ~~~

        ts.ico
        ot.ico

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
        Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
        Killing PID 1100 'explorer.exe'
        Killing PID 1100 'explorer.exe'

        Starting registry repairs

        Deleting files

        Remaining Post-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        ~~~ Icons in System32 ~~~

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~ Wininet.dll ~~~

        CLEAN! :)


      • Fiksaaja
        Rike kirjoitti:

        smitRem © log file
        version 2.8

        by noahdfear

        Microsoft Windows XP [versio 5.1.2600]

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        checking for ShudderLTD key

        ShudderLTD key not present!

        checking for PSGuard.com key

        PSGuard.com key not present!

        spyaxe uninstaller NOT present
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Existing Pre-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        1024 dir
        msvol.tlb
        ld****.tmp
        mssearchnet.exe
        ncompat.tlb
        mscornet.exe

        ~~~ Icons in System32 ~~~

        ts.ico
        ot.ico

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
        Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
        Killing PID 1100 'explorer.exe'
        Killing PID 1100 'explorer.exe'

        Starting registry repairs

        Deleting files

        Remaining Post-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        ~~~ Icons in System32 ~~~

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~ Wininet.dll ~~~

        CLEAN! :)

        Kunnossa on. Sisäänkirjautuminen ei jostain syystä onnistu, niin nimimerkki näyttää oudolta :( Alkuperäinen Fixaaja silti olen.


      • Fixaaja
        Rike kirjoitti:

        smitRem © log file
        version 2.8

        by noahdfear

        Microsoft Windows XP [versio 5.1.2600]

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        checking for ShudderLTD key

        ShudderLTD key not present!

        checking for PSGuard.com key

        PSGuard.com key not present!

        spyaxe uninstaller NOT present
        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Existing Pre-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        1024 dir
        msvol.tlb
        ld****.tmp
        mssearchnet.exe
        ncompat.tlb
        mscornet.exe

        ~~~ Icons in System32 ~~~

        ts.ico
        ot.ico

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

        Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03
        Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org
        Killing PID 1100 'explorer.exe'
        Killing PID 1100 'explorer.exe'

        Starting registry repairs

        Deleting files

        Remaining Post-run Files

        ~~~ Program Files ~~~

        ~~~ Shortcuts ~~~

        ~~~ Favorites ~~~

        ~~~ system32 folder ~~~

        ~~~ Icons in System32 ~~~

        ~~~ Windows directory ~~~

        ~~~ Drive root ~~~

        ~~~ Miscellaneous Files/folders ~~~

        ~~~ Wininet.dll ~~~

        CLEAN! :)

        Eli vahvistetaan myös "virallisesti", että lokit on kunnossa :)


      • Rike
        Fixaaja kirjoitti:

        Eli vahvistetaan myös "virallisesti", että lokit on kunnossa :)

        kone näyttää toimivan.


    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Mihin Ilkka Kanerva kuoli?

      Kun näin jokin aika sitten kuvan riutuneen näköisestä Kanervasta, sanoin vaimolle että haimasyövältä vaikuttaa. Vaimon isä oli kuollut kyseiseen tauti
      Maailman menoa
      403
      30820
    2. Martinan lapset JÄLLEEN valjastettu valkopesureiksi

      Ei tuo nainen todellakaan täysillä käy. Vauvakin tajuaa että kysymykset ja vastaukset ovat Martinan itsensä tekemiä, lapset vastaa mitä on käsketty. J
      Kotimaiset julkkisjuorut
      476
      4186
    3. Sofia Belorf ja Sonja Aiello

      Viihtyvät yhdessä dinnerillä. Pienet piirit. Mitä ajatuksia herättää ?
      Kotimaiset julkkisjuorut
      97
      2725
    4. Stefu LOISTAVAA!

      Ilmeisesti joku vedonlyönti tms, selvinpäin-elämästä👍👍👍 ilmankos ei ole Sofiaa näkynyt. Miten tän parin nyt käy, kun viimi ei maksettuna enää virta
      Kotimaiset julkkisjuorut
      133
      1892
    5. Teille, Venäjällä pelottelijat

      Oletatteko ja väitättekö te, että Venäjä pystyisi tuosta vain miehittämään Suomen?
      Maailman menoa
      590
      1657
    6. Ilkka Kanerva on kuollut

      74-vuotiaana.
      Maailman menoa
      86
      1593
    7. Kakista se ulos nainen vihdoin viimein

      Että haluat, kummatkin halutaan. Otan sinut kuumaan syleilyyn sitten.
      Ikävä
      75
      1565
    8. Ujostuttaa eräs aikuinen mies...

      Mitä se tämmönen on... tuo mies aiheuttaa minulle ylimääräsiä tykytyksiä... Rohkeampana pyytäsin häntä ulos mut jospa hän... Miten mun vaistot ilmoit
      Ikävä
      59
      1500
    9. Jos me käytäs nainen

      Ulkona niin mitkä olisi ne kolme asiaa joita tahtoisit kysyä tai kertoa minulle?
      Ikävä
      72
      1245
    Aihe