hjt loki tarkastettavaks

kone vähän hitaampi kuin aikaisemmin. malwarebytes anti-malware löysi kolme virusta mutta tuli joku ongelma ja se sulkeutu yhtäkkiä. tässä hjt loki

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:22:13, on 23.8.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\hp\kbd\kbd.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=71&bd=Pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=71&bd=Pavilion&pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-21-596094998-3356688659-1954296768-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Miksu')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll C:\Windows\system32\guard32.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 6479 bytes

EDIT:kirjoitus virhe

 

please help me!!

 

1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

 

tässä tää combofix logi

ComboFix 08-08-25.01 - Miika 26.08.2008 17:42:12.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1035.18.375 [GMT 3:00]
Running from: C:\Users\Miksu\Desktop\ComboFix.exe
* Created a new restore point
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Windows\system32\info.txt

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-07-26 to 2008-08-26 )))))))))))))))))
.

2008-08-26 16:55 . 2008-08-26 16:55 <KANSIO> d-------- C:\Users\All Users\Yahoo! Companion
2008-08-26 16:55 . 2008-08-26 16:55 <KANSIO> d-------- C:\ProgramData\Yahoo! Companion
2008-08-26 16:48 . 2008-08-26 16:48 <KANSIO> d-------- C:\Program Files\Yahoo!
2008-08-26 16:48 . 2008-08-26 16:53 <KANSIO> d-------- C:\Program Files\CCleaner
2008-08-26 13:51 . 2008-08-26 13:51 <KANSIO> d-------- C:\Program Files\GALA-NET
2008-08-23 22:21 . 2008-08-23 22:21 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-08-23 10:10 . 2008-08-23 10:10 23,600 --a------ C:\Windows\System32\drivers\TVICHW32.SYS
2008-08-21 12:34 . 2008-08-21 12:34 <KANSIO> d-------- C:\Program Files\Lavalys
2008-08-19 14:55 . 2008-08-19 14:55 <KANSIO> d-------- C:\Users\All Users\ATI
2008-08-19 14:55 . 2008-08-19 14:55 <KANSIO> d-------- C:\ProgramData\ATI
2008-08-19 14:51 . 2008-08-22 14:59 <KANSIO> d-------- C:\Program Files\ATI
2008-08-19 13:59 . 2004-09-28 11:13 526,184 --a------ C:\Windows\System32\XceedCry.dll
2008-08-19 13:59 . 2005-01-12 11:19 456,536 --a------ C:\Windows\System32\XCEEDZIP.DLL
2008-08-19 13:59 . 2004-03-09 00:00 224,016 --a------ C:\Windows\System32\Tabctl32.ocx
2008-08-19 13:59 . 2004-03-09 00:00 152,848 --a------ C:\Windows\System32\Comdlg32.ocx
2008-08-19 13:59 . 2004-03-09 00:00 132,880 --a------ C:\Windows\System32\Msinet.ocx
2008-08-19 13:59 . 2004-08-11 15:55 110,602 --a------ C:\Windows\System32\xcdsfx32.bin
2008-08-17 21:23 . 2008-08-17 21:23 143,104 --a------ C:\Windows\System32\guard32.dll
2008-08-17 21:23 . 2008-08-17 21:23 85,008 --a------ C:\Windows\System32\drivers\cmdguard.sys
2008-08-17 21:23 . 2008-08-17 21:23 25,104 --a------ C:\Windows\System32\drivers\cmdhlp.sys
2008-08-17 11:04 . 2008-08-26 14:06 <KANSIO> d-------- C:\Windows\System32\drivers\Avg
2008-08-17 11:04 . 2008-08-17 11:04 96,520 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-08-17 11:04 . 2008-08-17 11:04 69,128 --a------ C:\Windows\System32\drivers\avgwfpx.sys
2008-08-17 11:04 . 2008-08-17 11:04 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-08-17 11:00 . 2008-08-17 11:04 <KANSIO> d-------- C:\Users\All Users\Avg8
2008-08-17 11:00 . 2008-08-17 11:04 <KANSIO> d-------- C:\ProgramData\Avg8
2008-08-16 13:14 . 2008-07-16 04:32 2,048 --a------ C:\Windows\System32\tzres.dll
2008-08-16 13:10 . 2008-06-27 04:55 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-08-16 13:10 . 2008-06-27 07:15 827,392 --a------ C:\Windows\System32\wininet.dll
2008-08-16 13:10 . 2008-04-10 08:12 738,304 --a------ C:\Windows\System32\inetcomm.dll
2008-08-16 13:10 . 2008-06-19 06:31 361,984 --a------ C:\Windows\System32\IPSECSVC.DLL
2008-08-16 13:10 . 2008-04-18 08:48 269,312 --a------ C:\Windows\System32\es.dll
2008-08-16 13:02 . 2008-08-16 13:02 0 --a------ C:\Windows\ativpsrm.bin
2008-08-16 12:37 . 2008-08-16 12:37 <KANSIO> d-------- C:\Users\All Users\PC Drivers HeadQuarters
2008-08-16 12:37 . 2008-08-16 12:37 <KANSIO> d-------- C:\ProgramData\PC Drivers HeadQuarters
2008-08-15 21:08 . 2008-08-15 21:19 <KANSIO> d-------- C:\Windows\.mpr_file_store_32
2008-08-15 20:41 . 2008-08-19 14:57 24 --a------ C:\Users\Miksu\jagex_runescape_preferences.dat
2008-08-15 20:40 . 2008-08-15 20:40 <KANSIO> d-------- C:\.jagex_cache_32
2008-08-14 13:38 . 2008-08-14 13:38 <KANSIO> d-------- C:\Program Files\Alcohol Soft
2008-08-14 13:22 . 2008-08-14 13:22 716,272 --a------ C:\Windows\System32\drivers\sptd.sys
2008-08-13 12:54 . 2008-08-13 12:54 <KANSIO> d-------- C:\Users\Miksu\AppData\Roaming\ZoomBrowser EX
2008-08-13 12:50 . 2008-08-13 12:50 <KANSIO> d-------- C:\Users\All Users\ZoomBrowser
2008-08-13 12:50 . 2008-08-13 12:50 <KANSIO> d-------- C:\ProgramData\ZoomBrowser
2008-08-13 12:48 . 2008-08-13 12:51 <KANSIO> d-------- C:\Program Files\Canon
2008-08-13 12:41 . 2008-08-13 12:41 <KANSIO> d-------- C:\Users\All Users\CanonCP
2008-08-13 12:41 . 2008-08-13 12:41 <KANSIO> d-------- C:\ProgramData\CanonCP
2008-08-13 12:39 . 2008-08-13 12:39 <KANSIO> d-------- C:\Program Files\Common Files\Canon
2008-08-12 11:26 . 2008-08-12 11:26 <KANSIO> d-------- C:\Users\All Users\Adobe
2008-08-12 11:26 . 2008-08-12 11:26 <KANSIO> d-------- C:\Program Files\Common Files\Adobe
2008-08-09 13:26 . 2008-08-09 13:26 <KANSIO> d-------- C:\Program Files\Common Files\Steam
2008-08-09 10:39 . 2008-08-09 10:39 <KANSIO> d-------- C:\Users\Miika\AppData\Roaming\uTorrent
2008-08-08 16:00 . 2008-08-08 16:00 <KANSIO> d-------- C:\Users\All Users\ifolor
2008-08-08 16:00 . 2008-08-08 16:00 <KANSIO> d-------- C:\ProgramData\ifolor
2008-08-08 16:00 . 2008-08-08 16:00 <KANSIO> d-------- C:\Program Files\ifolor
2008-08-08 15:11 . 2008-08-08 15:11 <KANSIO> d-------- C:\Users\Miksu\AppData\Roaming\Malwarebytes
2008-08-08 15:08 . 2008-08-08 15:08 <KANSIO> d-------- C:\Users\Miika\AppData\Roaming\Malwarebytes
2008-08-08 15:07 . 2008-08-08 15:07 <KANSIO> d-------- C:\Users\All Users\Malwarebytes
2008-08-08 15:07 . 2008-08-08 15:07 <KANSIO> d-------- C:\ProgramData\Malwarebytes
2008-08-08 15:07 . 2008-08-23 21:11 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-08 15:07 . 2008-08-17 15:01 38,472 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-08-08 15:07 . 2008-08-17 15:01 17,144 --a------ C:\Windows\System32\drivers\mbam.sys
2008-08-05 01:25 . 2008-08-05 01:25 54,156 --ah----- C:\Windows\QTFont.qfn
2008-08-05 01:25 . 2008-08-05 01:25 1,409 --a------ C:\Windows\QTFont.for
2008-08-04 22:44 . 2008-08-04 22:44 <KANSIO> d-------- C:\Program Files\uTorrent
2008-08-03 19:40 . 2008-08-03 19:40 <KANSIO> d-------- C:\Program Files\Common Files\Apple
2008-08-02 14:02 . 2008-08-02 14:02 <KANSIO> d-------- C:\Users\Miksu\AppData\Roaming\Comodo
2008-08-02 13:55 . 2008-08-17 21:23 <KANSIO> d-------- C:\Users\Miika\AppData\Roaming\Comodo
2008-08-02 13:55 . 2008-08-18 09:43 <KANSIO> d-------- C:\Users\All Users\comodo
2008-08-02 13:55 . 2008-08-18 09:43 <KANSIO> d-------- C:\ProgramData\comodo
2008-08-02 13:55 . 2008-08-17 21:23 <KANSIO> d-------- C:\Program Files\COMODO
2008-08-02 11:34 . 2008-08-02 11:34 <KANSIO> d-------- C:\Users\All Users\MailFrontier
2008-08-02 11:34 . 2008-08-02 11:34 <KANSIO> d-------- C:\ProgramData\MailFrontier
2008-08-02 11:34 . 2008-08-02 11:34 4,212 ---h----- C:\Windows\System32\zllictbl.dat
2008-08-02 11:33 . 2008-08-02 11:41 <KANSIO> d-------- C:\Windows\System32\ZoneLabs
2008-08-02 11:31 . 2008-08-02 11:41 <KANSIO> d-------- C:\Windows\Internet Logs
2008-07-31 00:06 . 2008-08-16 13:37 24 --a------ C:\Users\Miika\jagex_runescape_preferences.dat

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-26 10:51 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-08-23 19:00 --------- d-----w C:\Program Files\RevConnect
2008-08-23 06:35 --------- d-----w C:\Users\Miika\AppData\Roaming\ATI
2008-08-22 15:21 103,736 ----a-w C:\Windows\System32\PnkBstrB.exe
2008-08-19 11:52 --------- d-----w C:\Program Files\ATI Technologies
2008-08-16 10:12 --------- d-----w C:\Program Files\Windows Mail
2008-08-14 10:33 --------- d-----w C:\ProgramData\Roxio
2008-08-12 08:49 5,100 ----a-w C:\Users\Miksu\AppData\Roaming\wklnhst.dat
2008-08-08 12:06 --------- d-----w C:\Users\Miksu\AppData\Roaming\uTorrent
2008-08-05 11:02 --------- d-----w C:\Program Files\a-squared Free
2008-07-30 21:04 --------- d-----w C:\Program Files\Java
2008-07-24 07:41 22,328 ----a-w C:\Windows\system32\drivers\PnkBstrK.sys
2008-07-15 11:26 --------- d-----w C:\Users\Miika\AppData\Roaming\ImTOO Software Studio
2008-07-13 20:31 0 ---ha-w C:\Windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2008-07-13 00:01 --------- d-----w C:\Users\Miika\AppData\Roaming\iolo
2008-07-13 00:01 --------- d-----w C:\ProgramData\iolo
2008-07-13 00:01 --------- d-----w C:\ProgramData\Crucial
2008-07-13 00:01 --------- d-----w C:\Program Files\Crucial
2008-07-12 07:15 --------- d-----w C:\ProgramData\TEMP
2008-07-11 12:25 174 --sha-w C:\Program Files\desktop.ini
2008-07-11 12:16 --------- d-----w C:\Program Files\Windows Sidebar
2008-07-11 12:16 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-07-11 12:16 --------- d-----w C:\Program Files\Windows Defender
2008-07-11 12:16 --------- d-----w C:\Program Files\Windows Calendar
2008-07-11 11:51 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-07-11 11:51 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-07-04 06:35 3,847,168 ----a-w C:\Windows\system32\drivers\atikmdag.sys
2008-07-04 03:37 421,888 ----a-w C:\Windows\System32\ATIDEMGX.dll
2008-07-04 03:37 331,776 ----a-w C:\Windows\System32\atipdlxx.dll
2008-07-04 03:37 266,240 ----a-w C:\Windows\System32\Oemdspif.dll
2008-07-04 03:37 159,744 ----a-w C:\Windows\System32\atitmmxx.dll
2008-07-04 03:36 43,520 ----a-w C:\Windows\System32\ati2edxx.dll
2008-07-04 03:36 270,336 ----a-w C:\Windows\System32\Ati2evxx.dll
2008-07-04 03:35 692,224 ----a-w C:\Windows\System32\Ati2evxx.exe
2008-07-04 03:21 3,691,008 ----a-w C:\Windows\System32\atiumdag.dll
2008-07-04 03:03 4,427,264 ----a-w C:\Windows\System32\atiumdva.dll
2008-07-04 02:52 9,306,112 ----a-w C:\Windows\System32\atioglxx.dll
2008-07-04 02:50 50,688 ----a-w C:\Windows\System32\amdpcom32.dll
2008-07-04 02:50 42,496 ----a-w C:\Windows\System32\atiadlxx.dll
2008-07-04 02:33 53,248 ----a-w C:\Windows\system32\drivers\ati2erec.dll
2008-06-29 14:55 --------- d-----w C:\ProgramData\Apple Computer
2008-06-29 14:53 --------- d-----w C:\ProgramData\Symantec
2008-06-29 14:53 --------- d-----w C:\Program Files\Common Files\Symantec Shared
2008-06-29 14:52 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-06-26 03:29 801,280 ----a-w C:\Windows\System32\NaturalLanguage6.dll
2008-06-26 01:45 2,644,480 ----a-w C:\Windows\System32\NlsLexicons0009.dll
2008-06-26 01:45 12,240,896 ----a-w C:\Windows\System32\NlsLexicons0007.dll
2008-05-27 05:21 1,582,592 ----a-w C:\Windows\System32\tquery.dll
2008-05-27 05:21 1,418,240 ----a-w C:\Windows\System32\mssrch.dll
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\SearchFilterHost.exe
2008-05-27 05:17 87,552 ----a-w C:\Windows\System32\mssitlb.dll
2008-05-27 05:17 754,176 ----a-w C:\Windows\System32\propsys.dll
2008-05-27 05:17 60,416 ----a-w C:\Windows\System32\msscntrs.dll
2008-05-27 05:17 6,103,040 ----a-w C:\Windows\System32\chtbrkr.dll
2008-05-27 05:17 34,816 ----a-w C:\Windows\System32\msscb.dll
2008-05-27 05:17 32,768 ----a-w C:\Windows\System32\mssprxy.dll
2008-05-27 05:17 313,344 ----a-w C:\Windows\System32\thawbrkr.dll
2008-05-27 05:17 301,568 ----a-w C:\Windows\System32\srchadmin.dll
2008-05-27 05:17 194,560 ----a-w C:\Windows\System32\offfilt.dll
2008-05-27 05:17 143,872 ----a-w C:\Windows\System32\korwbrkr.dll
2008-05-27 05:17 11,776 ----a-w C:\Windows\System32\msshooks.dll
2008-05-27 05:17 1,671,680 ----a-w C:\Windows\System32\chsbrkr.dll
2008-05-27 04:59 18,904 ----a-w C:\Windows\System32\StructuredQuerySchemaTrivial.bin
2008-05-27 04:59 106,605 ----a-w C:\Windows\System32\StructuredQuerySchema.bin
2007-12-24 17:33 22,328 ----a-w C:\Users\Miika\AppData\Roaming\PnkBstrK.sys
2007-11-14 13:42 0 ----a-w C:\Users\Miika\AppData\Roaming\wklnhst.dat
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-19 10:33 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 10:33 125952]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 10:33 202240]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" [2005-08-11 15:30 249856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 16:42 65536]
"KBD"="C:\HP\KBD\KbdStub.EXE" [2006-12-08 18:16 65536]
"WPCUMI"="C:\Windows\system32\WpcUmi.exe" [2006-11-02 15:35 176128]
"OrderReminder"="C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe" [2005-03-18 14:18 98304]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-08-17 11:04 1232152]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [2008-08-17 21:23 1655552]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-01-21 12:17 61440]
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 15:30 81920]
"RtHDVCpl"="RtHDVCpl.exe" [2006-11-09 13:57 3784704 C:\Windows\RtHDVCpl.exe]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [2008-04-23 03:38:16 29696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"LogonHoursAction"= 2 (0x2)
"DontDisplayLogonHoursWarnings"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=avgrsstx.dll C:\Windows\system32\guard32.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.avis"= ff_acm.acm
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2007-10-19 21:16 286720 C:\Program Files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
--a------ 2006-07-14 00:41 20034600 C:\Program Files\Skype\Phone\Skype.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
--a------ 2008-06-10 04:27 144784 C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
--a------ 2007-10-10 08:28 36352 C:\Program Files\Winamp\winampa.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{099A0453-BA35-417B-AAE1-65DA31DC382D}"= UDP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{AA170C67-C19D-4CF1-883F-092E5EDBA3B8}"= TCP:C:\Program Files\Skype\Phone\Skype.exe:Skype
"{BA67CD49-FD5F-42BC-909E-90688E2BD3CF}"= UDP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{DC1AF8F6-2F47-4A8B-AFE5-4EDFAEC8F047}"= TCP:C:\Windows\System32\PnkBstrA.exenkBstrA
"{1D71414A-C5E9-482C-B270-CFAC76E83417}"= UDP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{F63C8690-9F62-4927-AAAD-4D06EAA50EA4}"= TCP:C:\Windows\System32\PnkBstrB.exenkBstrB
"{69FC746F-0F09-4BCC-92E4-47D7E260899A}"= UDP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{9A0A79A9-BC57-47C9-AD28-F94CB044C987}"= TCP:C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:Call of Duty(R) 4 - Modern Warfare(TM)
"{98D06207-EFF2-4D0F-9A7F-DAF57290BC81}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"TCP Query User{45ED9340-47FA-44BA-BDE3-CE2B837736BF}C:\\kaikkee\\ohjelmia\\bitlord\\bitlord.exe"= UDP:C:\kaikkee\ohjelmia\bitlord\bitlord.exe:BitLord
"UDP Query User{FD74B184-A060-49AB-9A13-BBC4A2A20BBD}C:\\kaikkee\\ohjelmia\\bitlord\\bitlord.exe"= TCP:C:\kaikkee\ohjelmia\bitlord\bitlord.exe:BitLord
"TCP Query User{24E5CCA8-1F38-4E28-83B6-F8A49B339D99}C:\\program files\\revconnect\\dcplusplus.exe"= UDP:C:\program files\revconnect\dcplusplus.exeC++
"UDP Query User{933DAF7A-3C74-4E7B-9F50-50EA90F4519F}C:\\program files\\revconnect\\dcplusplus.exe"= TCP:C:\program files\revconnect\dcplusplus.exeC++
"TCP Query User{10D49528-0535-4C1D-A411-503D66C202C6}C:\\program files\\utorrent\\utorrent.exe"= UDP:C:\program files\utorrent\utorrent.exe:uTorrent
"UDP Query User{9A90C261-0226-4EDA-BE5F-F4423F576823}C:\\program files\\utorrent\\utorrent.exe"= TCP:C:\program files\utorrent\utorrent.exe:uTorrent
"{C063C2FB-4A49-4D7C-A1C9-585E8E564D6C}"= C:\Program Files\AVG\AVG8\avgemc.exe:avgemc.exe
"{6F897679-AF8D-4069-A88E-91830C25A242}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe

R1 AvgLdx86;AVG Free AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-08-17 11:04]
R1 cmdGuard;COMODO Firewall Pro Sandbox Driver;C:\Windows\system32\DRIVERS\cmdguard.sys [2008-08-17 21:23]
R1 cmdHlp;COMODO Firewall Pro Helper Driver;C:\Windows\system32\DRIVERS\cmdhlp.sys [2008-08-17 21:23]
R2 avg8emc;AVG Free8 E-mail Scanner;C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-17 11:04]
R2 avg8wd;AVG Free8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-17 11:04]
R3 atikmdag;atikmdag;C:\Windows\system32\DRIVERS\atikmdag.sys [2008-07-04 09:35]
R3 AvgWfpX;AVG Free8 Firewall Driver x86;C:\Windows\system32\Drivers\avgwfpx.sys [2008-08-17 11:04]
R3 Ph3xIB32;Philips 713x Inbox PCI TV Card;C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2006-11-06 11:14]
S3 3xHybrid;ASUSTek SAA713x PCI Card;C:\Windows\system32\DRIVERS\3xHybrid.sys [2006-09-19 19:57]
S3 P1130VID;Creative WebCam NX Pro;C:\Windows\system32\DRIVERS\P1130Vid.sys [2004-05-04 06:48]
S3 Steam Client Service;Steam Client Service;C:\Program Files\Common Files\Steam\SteamService.exe [2008-08-09 13:25]

*Newly Created Service* - CATCHME
*Newly Created Service* - EAGLENT
*Newly Created Service* - PROCEXP90
.
- - - - ORPHANS REMOVED - - - -

MSConfigStartUp-iTunesHelper - C:\Program Files\iTunes\iTunesHelper.exe


.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\Miika\AppData\Roaming\Mozilla\Firefox\Profiles\g8i6md16.default\
FireFox -: prefs.js - STARTUP.HOMEPAGE - www.google.fi
FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-26 17:46:04
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\system32\winlogon.exe
-> C:\Windows\system32\guard32.dll

PROCESS: C:\Windows\system32\lsass.exe
-> C:\Windows\system32\guard32.dll
.
Completion time: 2008-08-26 17:47:09
ComboFix-quarantined-files.txt 2008-08-26 14:47:04

Pre-Run: 206,111,428,608 tavua vapaana
Post-Run: 206,079,266,816 tavua vapaana

270 --- E O F --- 2008-08-22 11:42:29

 

Jos koneella on Malwarebytes' Anti-Malware ennestään suorita ensin päivitys aja sen jälkeen

 

tässä malwarebytes antimalware loki

Malwarebytes' Anti-Malware 1.25
Tietokantaversio: 1088
Windows 6.0.6001 Service Pack 1

22:19:54 26.8.2008
mbam-log-08-26-2008 (22-19-54).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 119504
Kulunut aika: 48 minute(s), 17 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)


tässä uusi hijackthis loki

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:21:59, on 26.8.2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\wpcumi.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\CF15466.exe
C:\Windows\system32\conime.exe
C:\Windows\Explorer.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=FI_FI&c=71&bd=Pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [WPCUMI] C:\Windows\system32\WpcUmi.exe
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'Paikallinen palvelu')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'Verkkopalvelu')
O4 - HKUS\S-1-5-21-596094998-3356688659-1954296768-1001\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User 'Miksu')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~1.0_0\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll C:\Windows\system32\guard32.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - Unknown owner - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 6947 bytes

 

mites kone toimii

==========

Lataa Tästä Ccleaner
CCleaner v2.05.555- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
Asennuksen jälkeen aukaise CCleaner.
Valitse vasemmalta pystyrivistä Options.
Valitse viereisestä pystyrivistä Settings.
Language kohtaan valitse Suomi.

Puhdistaja
Valitse vasemmalta pystyrivistä Puhdistaja.
Paina alhaalta Tutki.
Nyt CCleaner tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaner poistaa löydetyt tempit, cookiessit jne.

Rekisterin virheiden korjaus
Valitse vasemmalta pystyrivistä Rekisteri.
Paina alhaalta Etsi rekisterin virheitä.
Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
Saat vielä varmistus kysymyksen, paina Ok.
Kun virheet on korjattu, paina Sulje.
Nyt voit sulkea CCleanerin painamalla oikealta ylhäältä punaista rastia.

 

kone toimii ihan hyvin. ccleaner on ollut käytössä jo pidemmän aikaa ja sitä on tullut ajeltua useamman kerran.

 

Lataa OTMoveIt
OTMoveIt ja tallenna se työpöydällesi.

Tuplaklikkaa OTMoveIt.exe.
Klikkaa CleanUp!.
Valitse Yes kun kysytään "Begin cleanup Process?".
Jos pyydetään, että saako koneen käynnistää uudeelleen, valitse Yes.OTMoveIt poistaa itsensä kun se on valmis, jos näin ei käy poista se itse.

HUOM: Jos palomuurisi tai joku muu tietoturvaohjelma varoittaa, että OTMoveIt yrittää päästä nettin, niin anna sen päästä sinne.

 

OTmoveit ajettu. olisiko vielä jotain mitä olisi syytä tehdä??

 

ootellaan uusia viruksia

 

juu..no kiitos avusta