Kone takkuilee

Viestiketju Virukset ja haittaohjelmat - HijackThis -logit -osiossa. Ketjun avasi Satu74 08.03.2007.

  1. Satu74

    Satu74 Guest

    Viime aikoina kone on alkanut hidastelemaan ja varsinkin Firefox syö tehoja. Suorittimen prossat pomppaa sataan eikä mikään ei toimi vähään aikaan. Löytyiskö HJT:sta jotain? Itse en näistä ymmärrä mitään, joten pyydän teiltä viisaammilta apua.

    Logfile of HijackThis v1.99.1
    Scan saved at 21:17:15, on 8.3.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Elisa\Avustaja\Elisa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Program Files\Messenger\msmsgs.exe
    C:\HJT\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Elisa Avustaja Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [WinSvr] C:\WINDOWS\system32\WinSvr.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [Elisa Avustaja] "C:\Program Files\Elisa\Avustaja\Elisa.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'itime.dll' missing
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://i.grab.com/media/6512bd/games/files/1115/popcaploader_v6.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
     
    Satu74, 08.03.2007
    #1
  2.  
  3. Auttaja

    Auttaja Guest

    Avaa HijackThis ja fixaa seuraavat rivit (merkkaamalla ja painamalla fix checked)

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredit...html?p=ZNfox000
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab

    *******************
    Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
    http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
    http://download.bleepingcomputer.com/sUBs/ComboFix.exe

    2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
    3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
    Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
    **************

    Laita uusi HJT-logi
     
    Auttaja, 08.03.2007
    #2
  4. Satu74

    Satu74 Guest

    Tässäpä tämä

    "Lampi1" - 07-03-08 22:05:41 Service Pack 2
    ComboFix 07-03-08 - Running from: "C:\Documents and Settings\Lampi1\Ty”p”yt„"

    (((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


    C:\WINDOWS\system32\SVKP.sys


    ((((((((((((((((((((((((((((((( Files Created from 2007-02-08 to 2007-03-08 ))))))))))))))))))))))))))))))))))


    2007-03-08 10:37 <KANSIO> d-------- C:\Program Files\CCleaner
    2007-03-08 08:23 <KANSIO> d-------- C:\DOCUME~1\Lampi1\DoctorWeb
    2007-03-08 07:56 <KANSIO> d-------- C:\HJT
    2007-03-08 07:48 <KANSIO> d-------- C:\Program Files\SiSoftware
    2007-03-05 19:55 <KANSIO> d-------- C:\Program Files\Common Files\PCSuite
    2007-03-05 19:55 <KANSIO> d-------- C:\Program Files\Common Files\Nokia
    2007-03-05 19:53 <KANSIO> d-------- C:\Program Files\PC Connectivity Solution
    2007-02-28 17:23 6,815,744 --a------ C:\DOCUME~1\Lampi1\ntuser.dat
    2007-02-27 15:21 <KANSIO> d-------- C:\Program Files\Elisa
    2007-02-27 15:21 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Elisa
    2007-02-21 19:27 <KANSIO> d-------- C:\Program Files\Magic Vines
    2007-02-11 11:25 <KANSIO> d-------- C:\Program Files\Windows Live Toolbar
    2007-02-11 11:25 <KANSIO> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Live Toolbar


    (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


    2007-03-08 22:04 -------- d-------- C:\Program Files\spamihilator
    2007-03-08 21:32 -------- d-------- C:\Program Files\mozilla thunderbird
    2007-03-08 17:39 2085244 --a------ C:\WINDOWS\system32\msmaindb.dll
    2007-03-08 10:16 -------- d-------- C:\Program Files\msn messenger
    2007-03-08 10:16 -------- d-------- C:\Program Files\Common Files\sandlot shared
    2007-03-05 19:56 -------- d-------- C:\DOCUME~1\Lampi1\APPLIC~1\nokia
    2007-03-05 19:55 -------- d-------- C:\Program Files\nokia
    2007-03-05 19:43 -------- d-------- C:\DOCUME~1\Lampi1\APPLIC~1\pc suite
    2007-03-05 19:18 -------- d-------- C:\Program Files\revconnect
    2007-03-05 19:06 -------- d-------- C:\Program Files\emule
    2007-03-02 07:32 -------- d-------- C:\Program Files\super granny 3
    2007-02-11 11:25 -------- d---s---- C:\DOCUME~1\Lampi1\APPLIC~1\microsoft
    2007-02-06 13:43 -------- d-------- C:\Program Files\microsoft activesync
    2007-02-05 11:07 -------- d-------- C:\Program Files\snooper
    2007-02-03 12:29 -------- d-------- C:\Program Files\granny in paradise
    2007-02-03 09:01 -------- d-------- C:\DOCUME~1\Lampi1\APPLIC~1\nokia multimedia player
    2007-01-31 07:24 -------- d--h----- C:\Program Files\installshield installation information
    2007-01-31 07:23 -------- d-------- C:\Program Files\cyberlink
    2007-01-31 07:20 -------- d-------- C:\Program Files\windows media bonus pack for windows xp
    2007-01-29 10:26 -------- d-------- C:\Program Files\jewel of atlantis
    2007-01-23 07:17 -------- d-------- C:\Program Files\the filmmachine
    2007-01-21 14:10 -------- d-------- C:\DOCUME~1\Lampi1\APPLIC~1\image zone express
    2007-01-19 12:53 51056 --a------ C:\WINDOWS\system32\sirenacm.dll
    2007-01-16 07:55 -------- d-------- C:\Program Files\spamfighter
    2007-01-15 19:32 689280 --a------ C:\WINDOWS\system32\aswboot.exe
    2007-01-15 19:26 23352 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
    2007-01-15 19:25 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
    2007-01-15 19:23 90112 --a------ C:\WINDOWS\system32\avastss.scr
    2007-01-10 19:29 -------- d-------- C:\Program Files\Common Files\ankiro
    2007-01-10 19:28 -------- d-------- C:\Program Files\Common Files\application


    (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

    *Note* empty entries & legit default entries are not shown

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
    "CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
    "MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
    "Spamihilator"="\"C:\\Program Files\\Spamihilator\\spamihilator.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
    "avast!"="C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe"
    "SmcService"="C:\\PROGRA~1\\Sygate\\SPF\\smc.exe -startgui"
    "ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
    "WinSvr"="C:\\WINDOWS\\system32\\WinSvr.exe"
    "SPAMfighter Agent"="\"C:\\Program Files\\SPAMfighter\\SFAgent.exe\" update delay 60"
    "Elisa Avustaja"="\"C:\\Program Files\\Elisa\\Avustaja\\Elisa.exe\""

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
    "Installed"="1"
    "NoChange"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
    "Installed"="1"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Adobe Gamma Loader.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Käynnistä-valikko\\Ohjelmat\\Käynnistys\\Adobe Gamma Loader.lnk"
    "backup"="C:\\WINDOWS\\pss\\Adobe Gamma Loader.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\COMMON~1\\Adobe\\CALIBR~1\\ADOBEG~1.EXE "
    "item"="Adobe Gamma Loader"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Adobe Reader Speed Launch.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Käynnistä-valikko\\Ohjelmat\\Käynnistys\\Adobe Reader Speed Launch.lnk"
    "backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
    "item"="Adobe Reader Speed Launch"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Käynnistä-valikko^Ohjelmat^Käynnistys^Microsoft Office.lnk]
    "path"="C:\\Documents and Settings\\All Users\\Käynnistä-valikko\\Ohjelmat\\Käynnistys\\Microsoft Office.lnk"
    "backup"="C:\\WINDOWS\\pss\\Microsoft Office.lnkCommon Startup"
    "location"="Common Startup"
    "command"="C:\\PROGRA~1\\MICROS~2\\Office\\OSA9.EXE -b -l"
    "item"="Microsoft Office"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InCD]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="InCD"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="iTunesHelper"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="msmsgs"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NBJ]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NBJ"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Ahead\\Nero BackItUp\\NBJ.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="NeroCheck"
    "hkey"="HKLM"
    "command"="C:\\WINDOWS\\system32\\NeroCheck.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="qttask"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="PDVDServ"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="jusched"
    "hkey"="HKLM"
    "command"="C:\\Program Files\\Java\\jre1.5.0_06\\bin\\jusched.exe"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="realsched"
    "hkey"="HKLM"
    "command"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
    "inimapping"="0"

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
    "item"="AdobeUpdateManager"
    "hkey"="HKCU"
    "command"="\"C:\\Program Files\\Adobe\\Acrobat 7.0\\Reader\\AdobeUpdateManager.exe\" AcRdB7_0_7 -reboot 1"
    "inimapping"="0"


    [HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
    "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
    "PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
    "DisableClock"=dword:00000000
    "NoDispCPL"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
    "NoSetFolders"=dword:00000000
    "NoSetTaskbar"=dword:00000000
    "NoSaveSettings"=dword:00000000
    "NoRun"=dword:00000000
    "NoFind"=dword:00000000
    "NoMultiIE"=dword:00000000
    "LWA"=dword:00000000
    "LWB"=dword:00000000
    "LWC"=dword:00000000
    "LWD"=dword:00000000
    "LWE"=dword:00000000
    "LWF"=dword:00000000
    "LWG"=dword:00000000
    "LWH"=dword:00000000
    "LWI"=dword:00000000
    "LWJ"=dword:00000000
    "LWK"=dword:00000000
    "LWL"=dword:00000000
    "LWM"=dword:00000000
    "LWN"=dword:00000000
    "LWO"=dword:00000000
    "LWP"=dword:00000000
    "LWQ"=dword:00000000
    "LWR"=dword:00000000
    "LWS"=dword:00000000
    "LWT"=dword:00000000
    "LWU"=dword:00000000
    "LWV"=dword:00000000
    "LWW"=dword:00000000
    "LWX"=dword:00000000
    "LWY"=dword:00000000
    "LWZ"=dword:00000000

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

    [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
    LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
    NetworkService REG_MULTI_SZ DnsCache\0\0
    rpcss REG_MULTI_SZ RpcSs\0\0
    imgsvc REG_MULTI_SZ StiSvc\0\0
    termsvcs REG_MULTI_SZ TermService\0\0
    HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
    DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0




    ~ ~ ~ ~ ~ ~ ~ ~ Hijackthis Backups ~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~

    backup-20070308-220241-442
    O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
    backup-20070308-220241-628
    O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZNfox000
    backup-20070308-220241-943
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    backup-20070308-220241-860
    R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
    backup-20070308-220241-639
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    backup-20070308-081934-243
    O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
    backup-20070308-081934-588
    O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
    backup-20070308-081934-670
    R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)

    Contents of the 'Scheduled Tasks' folder
    C:\WINDOWS\tasks\Levyn eheytys.job
    C:\WINDOWS\tasks\Levyn uudelleenj„rjest„minen.job
    C:\WINDOWS\tasks\Tarkistetaan Windows Live -ty”kalurivin p„ivitykset.job


    ********************************************************************

    catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006
    http://www.gmer.net

    scanning hidden processes ...

    scanning hidden services ...

    scanning hidden autostart entries ...

    HKCU\Software\Microsoft\Windows\CurrentVersion\Run
    MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background?g?e
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
    MsnMsgr = "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background?g?e

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0

    ********************************************************************

    Completion time: 07-03-08 22:08:35



    Logfile of HijackThis v1.99.1
    Scan saved at 22:14:36, on 8.3.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Elisa\Avustaja\Elisa.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Mozilla Thunderbird\thunderbird.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\WINDOWS\system32\wuauclt.exe
    C:\HJT\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Elisa Avustaja Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [WinSvr] C:\WINDOWS\system32\WinSvr.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [Elisa Avustaja] "C:\Program Files\Elisa\Avustaja\Elisa.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'itime.dll' missing
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://i.grab.com/media/6512bd/games/files/1115/popcaploader_v6.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

     
    Moderaattorin viimeksi muokkaama: 08.03.2007
    Satu74, 08.03.2007
    #3
  5. Auttaja

    Auttaja Guest

    Lataa Atribunen ATF Cleaner

    Ohjeet;

    Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman.Main:n[/b] alla valitse: Select All
    Klikkaa Empty Selected valintaa. Jos käytät FireFoxia selaimenasiKlikkaa Firefox yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
    [/list]Jos käytät Operaa selaimenasiKlikkaa Opera yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa taas.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
    Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
    Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)

    ****************

    Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilastai]

    Ohje AVG Anti-Spyware 7.5:n käyttöön
    Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis työkalun toimintaa.

    Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

    Lataa AVG Anti-Spyware 7.5 http://www.ewido.net/en/download/
    ja tallenna ohjelma työpöydällesi.
    • Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
    • Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
    • Käynnistä AVG Anti-Spyware.
    • Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

    o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

    • Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
    • Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
    • Sitten "Reports" valikon alta:

    o Laita täppi kohtaan "Automatically generate report after every scan"
    o Ota täppi pois kohdasta"Only if threats were found"

    • Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
    • "Resident shield is", muuta tila active:sta inactive:ksi
    • Sulje ohjelma, ÄLÄ skannaa vielä.
    Käynnistä koneesi vikasietotilaan,

    sammuta ja käynnistä
    käynnistyksen yhteydessä naputtele F8
    valitse nuoli näppäimellä vikasietotila
    paina enter ja enter

    HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
    • Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
    • Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
    • Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

    Kun skannaus on valmis:
    TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
    • Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
    • Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
    [​IMG]
    • Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
    • Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
    • Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.

    ++++++++++++++++

    Javan päivitys ja välimuistin tyhjennys

    1. Klikkaa Käynnistä > Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
    2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
    Niissä pitäisi olla seuraava kuva vieressä: [​IMG]
    3. Valitse kaikki entiset Java versiosi ja valitse Poista.
    4. Asenna uusin Java päivitys seuraavasta linkistä..

    http://java.sun.com/javase/downloads/index.jsp

    Rullaa alas kohteeseen Java Runtime Environment (JRE) 6

    Paina Download

    Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna

    5. Käynnistä kone uudelleen asennuksen jälkeen:

    6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).
    7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files nappia.

    (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
    Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liusäädintä isommalle).

    8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

    Applications and Applets

    Trace and Log Files

    Ok

    9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
    Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA.
    10. Klikkaa OK jättääksesi Java asetusikkunasi.

    +++++++++++++++++++

    Aja CCleaner:

    Lataa tästä CCleaner v1.37.456 - Basic, jossa ei ole Yahoo! Toolbaria.

    Laita asetukset näin:
    Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot.

    Aja puhdistaja > Tutki > Puhdista oikea alakulma
    Aja virheet > Etsi rekisterin virheitä > Korjaa rekisterin virheet.

    ++++++++++

    Laita näiden jälkeen uusin logi ja avg:n raportti :)
     
    Auttaja, 08.03.2007
    #4
  6. Satu74

    Satu74 Guest

    Muuten hyvä, mutta kone ei suostu käynnistymään vikasietotilassa. Raksuttaa vähän aikaa ja sitten ilmoittaa Windows ei käynnisty oikein jne.
     
    Satu74, 09.03.2007
    #5
  7. Auttaja

    Auttaja Guest

    Tee sitten normaalitilassa, ei hätää.
     
    Auttaja, 09.03.2007
    #6
  8. Satu74

    Satu74 Guest

    Tässä uusin HJT (sitäkö tarkoitit?)

    Logfile of HijackThis v1.99.1
    Scan saved at 9:51:06, on 9.3.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Ahead\InCD\InCDsrv.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\SPAMfighter\SFAgent.exe
    C:\Program Files\Elisa\Avustaja\Elisa.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Spamihilator\spamihilator.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\HJT\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: Elisa Avustaja Plugin - {DB87CDE1-EF9C-44EB-A42F-6D0B3C72C516} - C:\Program Files\Elisa\Avustaja\IEFixItNowPlugin.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [WinSvr] C:\WINDOWS\system32\WinSvr.exe
    O4 - HKLM\..\Run: [SPAMfighter Agent] "C:\Program Files\SPAMfighter\SFAgent.exe" update delay 60
    O4 - HKLM\..\Run: [Elisa Avustaja] "C:\Program Files\Elisa\Avustaja\Elisa.exe"
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Spamihilator] "C:\Program Files\Spamihilator\spamihilator.exe"
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?15f0f94c192b4facb4431d8f332f9b35
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
    O9 - Extra button: Matkaviestimen suosikkien luominen - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra 'Tools' menuitem: Matkaviestimen suosikkien luominen... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Broken Internet access because of LSP provider 'itime.dll' missing
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://i.grab.com/media/6512bd/games/files/1115/popcaploader_v6.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\Win32\RpcDataSrv.exe
    O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XI.SP1a\RpcSandraSrv.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe


    Ja AVG:n raportti näyttää tältä

    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 9:30:40 9.3.2007

    + Scan result:



    C:\System Volume Information\_restore{9824C909-26A9-4CCB-BD6C-25BEB48D485E}\RP543\A0051316.dll -> Adware.BHO : Cleaned with backup (quarantined).
    C:\Documents and Settings\Lampi1\DoctorWeb\Quarantine\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{9824C909-26A9-4CCB-BD6C-25BEB48D485E}\RP543\A0051198.dll -> Adware.Minibug : Cleaned with backup (quarantined).
    :mozilla.352:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.353:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.135:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.136:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.137:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.142:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.143:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.144:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.145:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.146:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.147:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.346:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.446:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.53:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.54:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.6:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.7:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.336:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Addcontrol : Cleaned.
    :mozilla.467:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.468:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.469:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.470:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.471:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
    :mozilla.472:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.473:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adserver : Cleaned.
    :mozilla.158:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.159:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.113:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.114:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.115:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.116:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.129:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.215:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    :mozilla.60:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.61:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.62:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.63:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.64:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.65:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.66:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.453:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.454:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.455:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.456:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.393:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.12:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.154:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.155:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.160:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.161:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.162:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.163:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.164:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.73:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.74:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.75:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.34:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.43:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.295:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
    :mozilla.296:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Fortunecity : Cleaned.
    :mozilla.241:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.243:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.266:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.299:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.333:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.408:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
    :mozilla.259:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Information : Cleaned.
    :mozilla.452:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.134:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.79:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.252:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.253:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.254:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.255:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.389:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.390:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.248:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.249:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.250:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
    :mozilla.257:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.258:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.394:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.395:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
    :mozilla.148:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.149:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.150:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.151:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.152:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.153:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.464:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.212:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.213:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
    :mozilla.373:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
    :mozilla.222:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.223:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.387:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.388:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.240:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned.
    :mozilla.201:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.202:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.203:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.21:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.22:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.23:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.24:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.25:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.26:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.33:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Trafficmp : Cleaned.
    :mozilla.220:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.441:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.442:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.443:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.444:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.367:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.13:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.14:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.15:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.16:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.17:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.18:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.19:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.20:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.27:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.28:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.29:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.30:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.31:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.32:C:\Documents and Settings\Niko\Application Data\Mozilla\Firefox\Profiles\vb2o5icy.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    ::Report end

     
    Satu74, 09.03.2007
    #7
  9. Satu74

    Satu74 Guest

    Pitäisikö tälle tehdä vielä jotain vai onko kone nyt puhdas?
     
    Satu74, 09.03.2007
    #8
  10. Hujo

    Hujo Guest

    scannaa hjt:llä merkkaa paina fix checked

    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://i.grab.com/media/6512bd/games/fil...aploader_v6.cab


    1. Klikkaa käynnistä > Oma tietokone oikean puoleisella hiiren napilla
    2. Valitse ominaisuudet
    3. Valitse järjestelmän palauttaminen välilehti
    4. Ruksi eteen ¤ poista järjestelmän palauttaminen kaikissa asemissa
    5. Paina Käytä
    6. Paina ok
    7. Sammuta ja käynnistä
    8. Ota ruksi pois ¤ poista järjestelmän palauttaminen kaikissa asemissa
    9. Käytä ja OK
     
    Hujo, 09.03.2007
    #9
  11. Satu74

    Satu74 Guest

    Kiitos tuhannesti Auttajalle ja Hujolle *Tarjoaa virtuaalipullakahvit*.
     
    Satu74, 09.03.2007
    #10
  12. Auttaja

    Auttaja Guest

    Oleppa hyvä, hörppii kahvia :)
     
    Auttaja, 09.03.2007
    #11

Jaa tämä sivu