Kone oudon jumissa ja vikana varmaan tuo välkkyvä

-kemisti- · 17.11.2006

@hujo (vai sanonko palli : Olis varmaan hyvä poistaa vundon dll:t?

2006-11-16 02:22 692,276 --a------ C:\WINDOWS\system32\ssqrp.dll
2006-11-16 02:18 692,276 --a------ C:\WINDOWS\system32\gebca.dll
2006-11-16 02:17 692,276 --a------ C:\WINDOWS\system32\awvvt.dll
2006-11-16 02:13 692,276 --a------ C:\WINDOWS\system32\jkhhf.dll
2006-11-16 02:12 692,276 --a------ C:\WINDOWS\system32\ssttr.dll
2006-11-16 02:08 692,276 --a------ C:\WINDOWS\system32\vtutr.dll
2006-11-16 02:06 692,276 --a------ C:\WINDOWS\system32\pmkjh.dll
2006-11-16 02:03 692,276 --a------ C:\WINDOWS\system32\awtsq.dll
2006-11-16 02:01 692,276 --a------ C:\WINDOWS\system32\jkkjh.dll
2006-11-16 01:58 692,276 --a------ C:\WINDOWS\system32\ddcca.dll
2006-11-16 01:56 692,276 --a------ C:\WINDOWS\system32\awvtr.dll
2006-11-16 01:53 692,276 --a------ C:\WINDOWS\system32\mljjh.dll
2006-11-16 01:51 692,276 --a------ C:\WINDOWS\system32\jkhfd.dll
2006-11-16 01:47 692,276 --a------ C:\WINDOWS\system32\ssqpn.dll
2006-11-16 01:46 692,276 --a------ C:\WINDOWS\system32\sstqo.dll
2006-11-16 01:42 692,276 --a------ C:\WINDOWS\system32\jkkli.dll
2006-11-16 01:41 692,276 --a------ C:\WINDOWS\system32\ddabx.dll
2006-11-16 01:37 692,276 --a------ C:\WINDOWS\system32\vtstq.dll
2006-11-16 01:36 692,276 --a------ C:\WINDOWS\system32\gebcy.dll
2006-11-16 01:32 692,276 --a------ C:\WINDOWS\system32\pmnnk.dll
2006-11-16 01:31 692,276 --a------ C:\WINDOWS\system32\awvtq.dll
2006-11-16 01:27 692,276 --a------ C:\WINDOWS\system32\jkhfc.dll
2006-11-16 01:25 692,276 --a------ C:\WINDOWS\system32\awvvs.dll
2006-11-16 01:22 692,276 --a------ C:\WINDOWS\system32\mljgd.dll
2006-11-16 01:20 692,276 --a------ C:\WINDOWS\system32\jkhhe.dll
2006-11-16 01:17 692,276 --a------ C:\WINDOWS\system32\ssttu.dll
2006-11-16 01:15 692,276 --a------ C:\WINDOWS\system32\vtutu.dll
2006-11-16 01:12 692,276 --a------ C:\WINDOWS\system32\geede.dll
2006-11-16 01:10 692,276 --a------ C:\WINDOWS\system32\pmkjk.dll
2006-11-16 01:07 692,276 --a------ C:\WINDOWS\system32\awtst.dll
2006-11-16 01:05 692,276 --a------ C:\WINDOWS\system32\jkkjk.dll
2006-11-16 01:02 692,276 --a------ C:\WINDOWS\system32\vtsqr.dll
2006-11-16 01:00 692,276 --a------ C:\WINDOWS\system32\jkklj.dll
2006-11-16 00:57 692,276 --a------ C:\WINDOWS\system32\pmkjg.dll
2006-11-16 00:55 692,276 --a------ C:\WINDOWS\system32\sstqn.dll
2006-11-16 00:51 692,276 --a------ C:\WINDOWS\system32\vturo.dll
2006-11-16 00:49 692,276 --a------ C:\WINDOWS\system32\geebx.dll
2006-11-16 00:46 692,276 --a------ C:\WINDOWS\system32\awvvw.dll
2006-11-16 00:44 692,276 --a------ C:\WINDOWS\system32\gebya.dll
2006-11-16 00:41 692,276 --a------ C:\WINDOWS\system32\ssqpq.dll
2006-11-16 00:39 692,276 --a------ C:\WINDOWS\system32\awvtu.dll
2006-11-16 00:36 692,276 --a------ C:\WINDOWS\system32\mljgh.dll
2006-11-16 00:34 692,276 --a------ C:\WINDOWS\system32\vtstt.dll
2006-11-16 00:31 692,276 --a------ C:\WINDOWS\system32\jkhfg.dll
2006-11-16 00:29 692,276 --a------ C:\WINDOWS\system32\pmnnn.dll
2006-11-16 00:26 692,276 --a------ C:\WINDOWS\system32\ssttq.dll
2006-11-16 00:24 692,276 --a------ C:\WINDOWS\system32\pmkhe.dll
2006-11-16 00:21 692,276 --a------ C:\WINDOWS\system32\awtsp.dll
2006-11-16 00:19 692,276 --a------ C:\WINDOWS\system32\vturs.dll
2006-11-16 00:16 692,276 --a------ C:\WINDOWS\system32\awvvv.dll
2006-11-16 00:14 692,276 --a------ C:\WINDOWS\system32\vtutq.dll
2006-11-16 00:11 692,276 --a------ C:\WINDOWS\system32\ddccc.dll
2006-11-16 00:09 692,276 --a------ C:\WINDOWS\system32\geedd.dll
2006-11-16 00:06 692,276 --a------ C:\WINDOWS\system32\pmkjj.dll
2006-11-16 00:03 692,276 --a------ C:\WINDOWS\system32\jkkjj.dll
2006-11-16 00:01 692,276 --a------ C:\WINDOWS\system32\ssqpp.dll
2006-11-15 23:58 692,276 --a------ C:\WINDOWS\system32\vtsqq.dll
2006-11-15 23:55 692,276 --a------ C:\WINDOWS\system32\gebyy.dll
2006-11-15 23:53 692,276 --a------ C:\WINDOWS\system32\jkhff.dll
2006-11-15 23:50 692,276 --a------ C:\WINDOWS\system32\vtutt.dll
2006-11-15 23:48 692,276 --a------ C:\WINDOWS\system32\pmnll.dll
2006-11-15 23:45 692,276 --a------ C:\WINDOWS\system32\geebc.dll
2006-11-15 23:43 692,276 --a------ C:\WINDOWS\system32\ddabb.dll
2006-11-15 23:40 692,276 --a------ C:\WINDOWS\system32\ddcyy.dll
2006-11-15 23:38 692,276 --a------ C:\WINDOWS\system32\vturr.dll
2006-11-15 23:35 692,276 --a------ C:\WINDOWS\system32\mljgf.dll
2006-11-15 23:33 692,276 --a------ C:\WINDOWS\system32\geeba.dll
2006-11-15 23:30 692,276 --a------ C:\WINDOWS\system32\sstqp.dll
2006-11-15 23:28 692,276 --a------ C:\WINDOWS\system32\ddcyw.dll
2006-11-15 23:25 692,276 --a------ C:\WINDOWS\system32\vturp.dll
2006-11-15 23:23 692,276 --a------ C:\WINDOWS\system32\mllmn.dll
2006-11-15 23:20 692,276 --a------ C:\WINDOWS\system32\geeda.dll
2006-11-15 23:18 692,276 --a------ C:\WINDOWS\system32\ddccd.dll
2006-11-15 23:15 692,276 --a------ C:\WINDOWS\system32\gebyv.dll
2006-11-15 23:12 692,276 --a------ C:\WINDOWS\system32\ddaba.dll
2006-11-15 23:09 692,276 --a------ C:\WINDOWS\system32\ssqrr.dll
2006-11-15 23:07 692,276 --a------ C:\WINDOWS\system32\vtsts.dll
2006-11-15 23:04 692,276 --a------ C:\WINDOWS\system32\gebyx.dll
2006-11-15 23:02 692,276 --a------ C:\WINDOWS\system32\jkhhi.dll
2006-11-15 22:59 692,276 --a------ C:\WINDOWS\system32\sstqq.dll
2006-11-15 22:57 692,276 --a------ C:\WINDOWS\system32\awtqp.dll
2006-11-15 22:54 692,276 --a------ C:\WINDOWS\system32\gebcb.dll
2006-11-15 22:52 692,276 --a------ C:\WINDOWS\system32\pmkji.dll
2006-11-15 22:49 692,276 --a------ C:\WINDOWS\system32\mljjj.dll
2006-11-15 22:47 692,276 --a------ C:\WINDOWS\system32\jkhhh.dll
2006-11-15 22:44 692,276 --a------ C:\WINDOWS\system32\jkklm.dll
2006-11-15 22:42 692,276 --a------ C:\WINDOWS\system32\pmnli.dll
2006-11-15 22:39 692,276 --a------ C:\WINDOWS\system32\ddayw.dll
2006-11-15 22:37 692,276 --a------ C:\WINDOWS\system32\awtsr.dll
2006-11-15 22:34 692,276 --a------ C:\WINDOWS\system32\jkhfe.dll
2006-11-15 22:32 692,276 --a------ C:\WINDOWS\system32\ddayy.dll
2006-11-15 22:29 692,276 --a------ C:\WINDOWS\system32\gebcc.dll
2006-11-15 22:27 692,276 --a------ C:\WINDOWS\system32\ssqrs.dll
2006-11-15 22:24 692,276 --a------ C:\WINDOWS\system32\mljjk.dll
2006-11-15 22:22 692,276 --a------ C:\WINDOWS\system32\jkkjg.dll
2006-11-15 22:19 692,276 --a------ C:\WINDOWS\system32\geeby.dll
2006-11-15 22:17 692,276 --a------ C:\WINDOWS\system32\sstqr.dll
2006-11-15 22:14 692,276 --a------ C:\WINDOWS\system32\sstts.dll
2006-11-15 22:12 692,276 --a------ C:\WINDOWS\system32\gebyw.dll
2006-11-15 22:09 692,276 --a------ C:\WINDOWS\system32\ddccb.dll
2006-11-15 22:06 692,276 --a------ C:\WINDOWS\system32\mlljh.dll
2006-11-15 22:01 692,276 --a------ C:\WINDOWS\system32\awvts.dll
2006-11-15 21:58 692,276 --a------ C:\WINDOWS\system32\mljge.dll
2006-11-15 21:56 692,276 --a------ C:\WINDOWS\system32\mljji.dll
2006-11-15 21:53 692,276 --a------ C:\WINDOWS\system32\ssqpm.dll
2006-11-15 21:51 692,276 --a------ C:\WINDOWS\system32\pmnnm.dll
2006-11-15 21:48 692,276 --a------ C:\WINDOWS\system32\mllmm.dll
2006-11-15 21:46 692,276 --a------ C:\WINDOWS\system32\ddayv.dll
2006-11-15 21:43 692,276 --a------ C:\WINDOWS\system32\ddcya.dll
2006-11-15 21:41 692,276 --a------ C:\WINDOWS\system32\pmnlj.dll
2006-11-15 21:38 692,276 --a------ C:\WINDOWS\system32\awtqq.dll
2006-11-15 21:36 692,276 --a------ C:\WINDOWS\system32\pmkhf.dll
2006-11-15 21:33 692,276 --a------ C:\WINDOWS\system32\mljgg.dll
2006-11-15 21:31 692,276 --a------ C:\WINDOWS\system32\mllml.dll
2006-11-15 21:28 692,276 --a------ C:\WINDOWS\system32\pmkhi.dll
2006-11-15 21:26 692,276 --a------ C:\WINDOWS\system32\awvvu.dll
2006-11-15 20:00 692,276 --a------ C:\WINDOWS\system32\pmkhg.dll
2006-11-15 19:10 588 --a------ C:\WINDOWS\system32\ddaya.dll
2006-11-15 19:05 588 --a------ C:\WINDOWS\system32\vtuts.dll
2006-11-15 18:59 588 --a------ C:\WINDOWS\system32\awtqr.dll
2006-11-15 18:54 588 --a------ C:\WINDOWS\system32\mlljg.dll
2006-11-15 18:25 588 --a------ C:\WINDOWS\system32\vturq.dll
2006-11-15 18:19 588 --a------ C:\WINDOWS\system32\mlljj.dll
2006-11-15 18:14 588 --a------ C:\WINDOWS\system32\mlljk.dll
2006-11-15 18:09 588 --a------ C:\WINDOWS\system32\ddccy.dll
2006-11-15 18:03 588 --a------ C:\WINDOWS\system32\awtqo.dll
2006-11-15 17:58 588 --a------ C:\WINDOWS\system32\vtsqp.dll
2006-11-15 17:52 588 --a------ C:\WINDOWS\system32\ssttt.dll
2006-11-15 17:47 588 --a------ C:\WINDOWS\system32\awtqn.dll
2006-11-15 17:41 588 --a------ C:\WINDOWS\system32\vtsqo.dll
2006-11-15 17:36 588 --a------ C:\WINDOWS\system32\jkhhg.dll
2006-11-15 17:30 588 --a------ C:\WINDOWS\system32\pmkhh.dll
2006-11-15 17:25 588 --a------ C:\WINDOWS\system32\pmnlm.dll
2006-11-15 17:19 588 --a------ C:\WINDOWS\system32\mljjg.dll
2006-11-15 17:14 588 --a------ C:\WINDOWS\system32\ddaby.dll
2006-11-15 17:08 588 --a------ C:\WINDOWS\system32\jkklk.dll
2006-11-15 17:03 588 --a------ C:\WINDOWS\system32\ddcyx.dll
2006-11-15 16:57 588 --a------ C:\WINDOWS\system32\vtstr.dll
2006-11-15 16:52 588 --a------ C:\WINDOWS\system32\geedc.dll
2006-11-15 16:46 588 --a------ C:\WINDOWS\system32\jkkll.dll
2006-11-15 16:41 588 --a------ C:\WINDOWS\system32\mllji.dll
2006-11-15 16:35 588 --a------ C:\WINDOWS\system32\awvtt.dll
2006-11-15 16:30 588 --a------ C:\WINDOWS\system32\geebb.dll
2006-11-15 16:24 588 --a------ C:\WINDOWS\system32\jkkji.dll
2006-11-15 16:19 588 --a------ C:\WINDOWS\system32\ssqro.dll
2006-11-15 16:13 588 --a------ C:\WINDOWS\system32\vtsqn.dll
2006-11-15 16:07 588 --a------ C:\WINDOWS\system32\vtstu.dll
2006-11-15 16:02 588 --a------ C:\WINDOWS\system32\awtss.dll
2006-11-15 15:56 588 --a------ C:\WINDOWS\system32\gebcd.dll
2006-11-15 15:51 588 --a------ C:\WINDOWS\system32\ddcyv.dll
2006-11-15 15:45 588 --a------ C:\WINDOWS\system32\geedb.dll
2006-11-15 15:40 588 --a------ C:\WINDOWS\system32\ddayx.dll
2006-11-15 15:34 588 --a------ C:\WINDOWS\system32\mllmj.dll
2006-11-15 15:29 588 --a------ C:\WINDOWS\system32\ddabc.dll
2006-11-15 15:23 588 --a------ C:\WINDOWS\system32\pmnno.dll
2006-11-15 15:12 588 --a------ C:\WINDOWS\system32\ssqpo.dll
2006-11-15 15:06 588 --a------ C:\WINDOWS\system32\ssqrq.dll
2006-11-15 14:55 588 --a------ C:\WINDOWS\system32\mllmk.dll
2006-11-15 14:50 588 --a------ C:\WINDOWS\system32\pmnnl.dll
2006-11-15 04:25 40,973 ---hs---- C:\WINDOWS\system32\qommnmj.dll
2006-11-15 02:13 40,973 ---hs---- C:\WINDOWS\system32\iifccaa.dll
2006-11-14 23:16 40,973 ---hs---- C:\WINDOWS\system32\efcbaya.dll
2006-11-14 15:33 692,276 --a------ C:\WINDOWS\system32\pmnlk.dll
2006-11-14 11:54 40,973 ---hs---- C:\WINDOWS\system32\tuvusss.dll

@tottoro:

Poista nuo dll:t, fixaa nämä:

O4 - HKLM\..\Run: [jfwdufm.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\jfwdufm.dll,aqbbalf
O4 - HKLM\..\Run: [eoybail.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\eoybail.dll,vvduxwb
O4 - HKLM\..\Run: [dhprfth.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\dhprfth.dll,apuztb
O4 - HKLM\..\Run: [hxxwdwi.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\hxxwdwi.dll,ftckxlb
O4 - HKLM\..\Run: [eqypshg.dll] C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\eqypshg.dll,wceomb
O4 - HKLM\..\Run: [ERS_check] "C:\Program Files\Common Files\ers_startupmon.exe"
O4 - Startup: .protected
O20 - Winlogon Notify: pmnkihg - pmnkihg.dll (file missing)

ja lähetä sitten uusi combon loki & uusi HjT-loki.

AfterDawn

Hujo · 17.11.2006

@-kemisti- Hyvä olisi poistaa: T: Hujo

@tottoro

Lataa KillBox http://www.killbox.net/downloads/KillBox.exe

Tallenna työpöydälle. Jolloin ilmestyy kuvake KillBox.exe

Avaa KillBox ja laita "täppi" kohtaan Delete on Reboot sekä paina kohdasta All Files niin ,että se alkaa "vilkkumaan" vihreänä.

Kopioi tuosta alta kaikki yhtäaikaa

C:\WINDOWS\system32\ssqrp.dll
C:\WINDOWS\system32\gebca.dll
C:\WINDOWS\system32\awvvt.dll
C:\WINDOWS\system32\jkhhf.dll
C:\WINDOWS\system32\ssttr.dll
C:\WINDOWS\system32\vtutr.dll
C:\WINDOWS\system32\pmkjh.dll
C:\WINDOWS\system32\awtsq.dll
C:\WINDOWS\system32\jkkjh.dll
C:\WINDOWS\system32\ddcca.dll
C:\WINDOWS\system32\awvtr.dll
C:\WINDOWS\system32\mljjh.dll
C:\WINDOWS\system32\jkhfd.dll
C:\WINDOWS\system32\ssqpn.dll
C:\WINDOWS\system32\sstqo.dll
C:\WINDOWS\system32\jkkli.dll
C:\WINDOWS\system32\ddabx.dll
C:\WINDOWS\system32\vtstq.dll
C:\WINDOWS\system32\gebcy.dll
C:\WINDOWS\system32\pmnnk.dll
C:\WINDOWS\system32\awvtq.dll
C:\WINDOWS\system32\jkhfc.dll
C:\WINDOWS\system32\awvvs.dll
C:\WINDOWS\system32\mljgd.dll
C:\WINDOWS\system32\jkhhe.dll
C:\WINDOWS\system32\ssttu.dll
C:\WINDOWS\system32\vtutu.dll
C:\WINDOWS\system32\geede.dll
C:\WINDOWS\system32\pmkjk.dll
C:\WINDOWS\system32\awtst.dll
C:\WINDOWS\system32\jkkjk.dll
C:\WINDOWS\system32\vtsqr.dll
C:\WINDOWS\system32\jkklj.dll
C:\WINDOWS\system32\pmkjg.dll
C:\WINDOWS\system32\sstqn.dll
C:\WINDOWS\system32\vturo.dll
C:\WINDOWS\system32\geebx.dll
C:\WINDOWS\system32\awvvw.dll
C:\WINDOWS\system32\gebya.dll
C:\WINDOWS\system32\ssqpq.dll
C:\WINDOWS\system32\awvtu.dll
C:\WINDOWS\system32\mljgh.dll
C:\WINDOWS\system32\vtstt.dll
C:\WINDOWS\system32\jkhfg.dll
C:\WINDOWS\system32\pmnnn.dll
C:\WINDOWS\system32\ssttq.dll
C:\WINDOWS\system32\pmkhe.dll
C:\WINDOWS\system32\awtsp.dll
C:\WINDOWS\system32\vturs.dll
C:\WINDOWS\system32\awvvv.dll
C:\WINDOWS\system32\vtutq.dll
C:\WINDOWS\system32\ddccc.dll
C:\WINDOWS\system32\geedd.dll
C:\WINDOWS\system32\pmkjj.dll
C:\WINDOWS\system32\jkkjj.dll
C:\WINDOWS\system32\ssqpp.dll
C:\WINDOWS\system32\vtsqq.dll
C:\WINDOWS\system32\gebyy.dll
C:\WINDOWS\system32\jkhff.dll
C:\WINDOWS\system32\vtutt.dll
C:\WINDOWS\system32\pmnll.dll
C:\WINDOWS\system32\geebc.dll
C:\WINDOWS\system32\ddabb.dll
C:\WINDOWS\system32\ddcyy.dll
C:\WINDOWS\system32\vturr.dll
C:\WINDOWS\system32\mljgf.dll
C:\WINDOWS\system32\geeba.dll
C:\WINDOWS\system32\sstqp.dll
C:\WINDOWS\system32\ddcyw.dll
C:\WINDOWS\system32\vturp.dll
C:\WINDOWS\system32\mllmn.dll
C:\WINDOWS\system32\geeda.dll
C:\WINDOWS\system32\ddccd.dll
C:\WINDOWS\system32\gebyv.dll
C:\WINDOWS\system32\ddaba.dll
C:\WINDOWS\system32\ssqrr.dll
C:\WINDOWS\system32\vtsts.dll
C:\WINDOWS\system32\gebyx.dll
C:\WINDOWS\system32\jkhhi.dll
C:\WINDOWS\system32\sstqq.dll
C:\WINDOWS\system32\awtqp.dll
C:\WINDOWS\system32\gebcb.dll
C:\WINDOWS\system32\pmkji.dll
C:\WINDOWS\system32\mljjj.dll
C:\WINDOWS\system32\jkhhh.dll
C:\WINDOWS\system32\jkklm.dll
C:\WINDOWS\system32\pmnli.dll
C:\WINDOWS\system32\ddayw.dll
C:\WINDOWS\system32\awtsr.dll
C:\WINDOWS\system32\jkhfe.dll
C:\WINDOWS\system32\ddayy.dll
C:\WINDOWS\system32\gebcc.dll
C:\WINDOWS\system32\ssqrs.dll
C:\WINDOWS\system32\mljjk.dll
C:\WINDOWS\system32\jkkjg.dll
C:\WINDOWS\system32\geeby.dll
C:\WINDOWS\system32\sstqr.dll
C:\WINDOWS\system32\sstts.dll
C:\WINDOWS\system32\gebyw.dll
C:\WINDOWS\system32\ddccb.dll
C:\WINDOWS\system32\mlljh.dll
C:\WINDOWS\system32\awvts.dll
C:\WINDOWS\system32\mljge.dll
C:\WINDOWS\system32\mljji.dll
C:\WINDOWS\system32\ssqpm.dll
C:\WINDOWS\system32\pmnnm.dll
C:\WINDOWS\system32\mllmm.dll
C:\WINDOWS\system32\ddayv.dll
C:\WINDOWS\system32\ddcya.dll
C:\WINDOWS\system32\pmnlj.dll
C:\WINDOWS\system32\awtqq.dll
C:\WINDOWS\system32\pmkhf.dll
C:\WINDOWS\system32\mljgg.dll
C:\WINDOWS\system32\mllml.dll
C:\WINDOWS\system32\pmkhi.dll
C:\WINDOWS\system32\awvvu.dll
C:\WINDOWS\system32\pmkhg.dll
C:\WINDOWS\system32\ddaya.dll
C:\WINDOWS\system32\vtuts.dll
C:\WINDOWS\system32\awtqr.dll
C:\WINDOWS\system32\mlljg.dll
C:\WINDOWS\system32\vturq.dll
C:\WINDOWS\system32\mlljj.dll
C:\WINDOWS\system32\mlljk.dll
C:\WINDOWS\system32\ddccy.dll
C:\WINDOWS\system32\awtqo.dll
C:\WINDOWS\system32\vtsqp.dll
C:\WINDOWS\system32\ssttt.dll
C:\WINDOWS\system32\awtqn.dll
C:\WINDOWS\system32\vtsqo.dll
C:\WINDOWS\system32\jkhhg.dll
C:\WINDOWS\system32\pmkhh.dll
C:\WINDOWS\system32\pmnlm.dll
C:\WINDOWS\system32\mljjg.dll
C:\WINDOWS\system32\ddaby.dll
C:\WINDOWS\system32\jkklk.dll
C:\WINDOWS\system32\ddcyx.dll
C:\WINDOWS\system32\vtstr.dll
C:\WINDOWS\system32\geedc.dll
C:\WINDOWS\system32\jkkll.dll
C:\WINDOWS\system32\mllji.dll
C:\WINDOWS\system32\awvtt.dll
C:\WINDOWS\system32\geebb.dll
C:\WINDOWS\system32\jkkji.dll
C:\WINDOWS\system32\ssqro.dll
C:\WINDOWS\system32\vtsqn.dll
C:\WINDOWS\system32\vtstu.dll
C:\WINDOWS\system32\awtss.dll
C:\WINDOWS\system32\gebcd.dll
C:\WINDOWS\system32\ddcyv.dll
C:\WINDOWS\system32\geedb.dll
C:\WINDOWS\system32\ddayx.dll
C:\WINDOWS\system32\mllmj.dll
C:\WINDOWS\system32\ddabc.dll
C:\WINDOWS\system32\pmnno.dll
C:\WINDOWS\system32\ssqpo.dll
C:\WINDOWS\system32\ssqrq.dll
C:\WINDOWS\system32\mllmk.dll
C:\WINDOWS\system32\pmnnl.dll
C:\WINDOWS\system32\qommnmj.dll
C:\WINDOWS\system32\iifccaa.dll
C:\WINDOWS\system32\efcbaya.dll
C:\WINDOWS\system32\pmnlk.dll
C:\WINDOWS\system32\tuvusss.dll

Valitse ylhäältä valikosta File ja sitten Paste from Clipboard.

Riville Full Path of File to Delete ilmestyy jokin annetuista poluista ja tiedosto näkyy rivin alapuolella sinisellä merkittynä jos se löytyy koneelta.Paina tämän jälkeen oikealla olevaa punaista ympyrää jossa on valkoinen rasti.

Haluatko buutata nyt ? Vastaa tähän Kyllä

Tämän jälkeen kone buuttaa itsensä. Jos ei buuttaa niin suorita toimenpide itse "käsin

tottoro · 18.11.2006

En saa Fixattua tota 04 - Startup: .protected koska en tiedä millä nimellä se on task managerissa..se pitäis kuulemma ekaks sammuttaa task managerin kautta ja sit ajaa HJT uusiks..

tottoro · 18.11.2006

En saa tota killbox:ia toimimaan..kun yritän käynnistää sen se sanoo :" ´MSCOMCTL.OCX´or one of its dependencies not correctly registered: File is missing or invalid"

tottoro · 18.11.2006

Latasin uuden Killboxin ja nyt se sanoo kun olen laittanut kaikki jutut mitä sanoit että pitää laittaa niin "PendingFileNameOperations Registry Data has been removed by external process!"

tottoro · 18.11.2006

Kertokaas mulle kumpi kannattaa poistaa AVG vai Antivir ?

tottoro · 19.11.2006

presario 8000 - 06-11-19 7:38:46,84 Service Pack 2
ComboFix 06.11.9 - Running from: "C:\Documents and Settings\presario 8000\Ty”p”yt„\Uusi kansio"

((((((((((((((((((((((((((((((( Files Created from 2006-10-19 to 2006-11-19 ))))))))))))))))))))))))))))))))))

2006-11-19 02:17 28,672 --a------ C:\WINDOWS\system32\drivers\CO_Mon.sys
2006-11-17 06:47 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2006-11-14 23:31 15,360 --a------ C:\WINDOWS\system32\BASSMOD.dll
2006-11-14 05:03 3,874 --a------ C:\WINDOWS\system32\tmp.reg
2006-11-14 04:40 57,384 --a------ C:\WINDOWS\system32\avsda.dll
2006-11-14 04:40 32,768 --a------ C:\WINDOWS\system32\drivers\avgntdd.sys
2006-11-14 04:40 14,848 --a------ C:\WINDOWS\system32\drivers\avgntmgr.sys
2006-11-14 04:08 1,060,864 --a------ C:\WINDOWS\system32\mfc71.dll
2006-11-04 14:14 1,245,696 --a------ C:\WINDOWS\system32\msxml4.dll
2006-10-30 23:47 14 --a------ C:\WINDOWS\system32\systeminfo.dll
2006-10-26 15:08 40,960 --a------ C:\WINDOWS\system32\frapsvid.dll
2006-10-26 13:41 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe
2006-10-26 13:40 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2006-10-23 22:47 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2006-10-23 22:47 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2006-10-23 22:47 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2006-10-23 22:47 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2006-10-23 22:47 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2006-10-23 22:47 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2006-10-23 22:46 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2006-10-23 11:41 104,064 -ra------ C:\WINDOWS\system32\drivers\wceusbsh.sys
2006-10-23 11:38 77,899 --a------ C:\WINDOWS\system32\rapi.dll
2006-10-23 11:38 65,615 --a------ C:\WINDOWS\system32\pmailext.dll
2006-10-23 11:38 65,613 --a------ C:\WINDOWS\system32\ppvexp.dll
2006-10-23 11:38 57,423 --a------ C:\WINDOWS\system32\MsgStRPC.dll
2006-10-23 11:38 36,942 --a------ C:\WINDOWS\system32\ppcload.dll
2006-10-23 11:38 24,653 --a------ C:\WINDOWS\system32\ceutil.dll
2006-10-23 11:38 24,652 --a------ C:\WINDOWS\system32\uicom.dll
2006-10-23 11:38 114,688 --a------ C:\WINDOWS\system32\malslib.dll
2006-10-23 10:56 53,248 --a------ C:\WINDOWS\Sti305.exe
2006-10-23 10:56 307,200 --a------ C:\WINDOWS\vidcap32.Exe
2006-10-23 10:32 81,920 -ra------ C:\WINDOWS\system32\VM305STI.dll
2006-10-23 10:32 61,440 --a------ C:\WINDOWS\VM305_STI.exe
2006-10-23 10:32 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-10-23 10:32 49,152 -ra------ C:\WINDOWS\amcap.exe
2006-10-23 10:32 392,316 -ra------ C:\WINDOWS\system32\drivers\usbVM305.sys
2006-10-23 10:32 114,688 -ra------ C:\WINDOWS\VM305Cap.exe

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2006-11-19 07:39 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Azureus
2006-11-19 02:58 -------- d-------- C:\Program Files\WinRAR
2006-11-19 02:58 -------- d-------- C:\Program Files\SmartFTP Client 2.0
2006-11-19 02:57 -------- d-------- C:\Program Files\Multimedia Card Reader
2006-11-19 02:57 -------- d-------- C:\Program Files\MSN Messenger
2006-11-19 02:57 -------- d-------- C:\Program Files\Microsoft ActiveSync
2006-11-19 02:56 -------- d-------- C:\Program Files\Internet Explorer
2006-11-19 02:54 -------- d-------- C:\Program Files\AntiVir PersonalEdition Classic
2006-11-19 01:50 -------- d-------- C:\Program Files\Java
2006-11-17 06:47 -------- d-------- C:\Program Files\Grisoft
2006-11-17 06:40 -------- d-------- C:\Program Files\Common Files
2006-11-17 02:26 -------- d-------- C:\Program Files\MSXML 4.0
2006-11-15 04:36 -------- d-------- C:\Program Files\Lavasoft
2006-11-15 04:36 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Lavasoft
2006-11-15 04:16 -------- d-------- C:\Program Files\Uniblue
2006-11-15 04:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Uniblue
2006-11-14 23:29 -------- d--h----- C:\Program Files\InstallShield Installation Information
2006-11-14 23:13 -------- d-------- C:\Program Files\Activision
2006-11-14 17:01 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\DriveCleaner 2006 Free
2006-11-14 04:36 -------- d-------- C:\Program Files\AntiVir PersonalEdition Premium
2006-11-14 04:10 0 --a------ C:\Program Files\Common Files\err.log
2006-11-14 03:24 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2006-11-13 17:08 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Skype
2006-11-13 16:20 -------- d-------- C:\Program Files\THQ
2006-11-12 01:42 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\SmartFTP
2006-11-02 15:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Ahead
2006-11-02 15:01 -------- d-------- C:\Program Files\Common Files\Ahead
2006-11-02 14:44 -------- d-------- C:\Program Files\Nero
2006-11-02 13:16 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\MSN6
2006-10-30 23:47 -------- d-------- C:\Program Files\DVD X Studios
2006-10-30 23:45 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\BSplayer
2006-10-30 23:41 -------- d-------- C:\Program Files\Webteh
2006-10-30 23:30 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\dvdcss
2006-10-26 11:28 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\InstallShield
2006-10-26 10:45 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\AdobeUM
2006-10-24 11:04 -------- d-------- C:\Program Files\ViaMichelin
2006-10-23 13:54 -------- d-------- C:\Program Files\Skype
2006-10-23 11:41 -------- d---s---- C:\Documents and Settings\presario 8000\Application Data\Microsoft
2006-10-23 11:39 -------- d-------- C:\Program Files\Common Files\Microsoft Shared
2006-10-23 11:39 -------- d-------- C:\Program Files\AvantGo Connect
2006-10-23 10:56 -------- d-------- C:\Program Files\Vimicro
2006-10-23 10:56 -------- d-------- C:\Program Files\Common Files\InstallShield
2006-10-23 09:24 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Nokia Multimedia Player
2006-10-23 09:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Nokia
2006-10-23 09:22 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Datalayer
2006-10-23 09:20 -------- d-------- C:\Program Files\Nokia
2006-10-23 09:20 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\PC Suite
2006-10-23 09:19 -------- d-------- C:\Program Files\Common Files\PCSuite
2006-10-23 09:19 -------- d-------- C:\Program Files\Common Files\Nokia
2006-10-22 22:16 -------- d-------- C:\Program Files\Apple Software Update
2006-10-22 13:00 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Identities
2006-10-21 16:17 -------- d-------- C:\Program Files\Microsoft AutoRoute
2006-10-21 16:16 -------- d-------- C:\Program Files\Microsoft Office
2006-10-21 16:14 -------- d-------- C:\Program Files\DAEMON Tools
2006-10-21 12:35 -------- d-------- C:\Program Files\Azureus
2006-10-20 00:40 -------- d-------- C:\Program Files\Winamp
2006-10-18 13:14 -------- d-------- C:\Program Files\QuickTime
2006-10-15 02:28 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\BitTorrent
2006-10-13 14:37 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2006-10-13 04:10 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Media Player Classic
2006-10-13 03:29 -------- d-------- C:\Program Files\Common Files\NSV
2006-10-13 03:24 -------- d-------- C:\Program Files\Combined Community Codec Pack
2006-10-13 03:20 -------- d-------- C:\Program Files\XP Codec Pack
2006-10-12 22:31 -------- d-------- C:\Program Files\Common Files\Java
2006-10-12 02:36 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-11 22:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\DivX
2006-10-11 12:23 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Adobe
2006-10-10 14:15 -------- d-------- C:\Program Files\Windows Media Player
2006-10-09 23:25 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Apple Computer
2006-10-09 21:41 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\vlc
2006-10-09 21:34 -------- d-------- C:\Program Files\VideoLAN
2006-10-08 18:15 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Ventrilo
2006-10-06 17:48 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Help
2006-10-06 15:48 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Macromedia
2006-10-06 14:59 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Sun
2006-10-06 13:37 611064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-10-06 10:29 -------- d-------- C:\Program Files\Messenger
2006-10-06 10:23 -------- d-------- C:\Program Files\Outlook Express
2006-10-06 10:23 -------- d-------- C:\Program Files\Common Files\System
2006-10-06 09:52 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\AVG7
2006-10-06 09:50 778656 --a------ C:\WINDOWS\system32\drivers\avg7core.sys
2006-10-06 09:50 4992 --a------ C:\WINDOWS\system32\drivers\avgtdi.sys
2006-10-06 09:50 4288 --a------ C:\WINDOWS\system32\drivers\avg7rsw.sys
2006-10-06 09:50 27904 --a------ C:\WINDOWS\system32\drivers\avg7rsxp.sys
2006-10-06 09:50 -------- d--h----- C:\Program Files\WindowsUpdate
2006-10-04 09:05 -------- d-------- C:\Program Files\Creative
2006-10-04 09:03 -------- d-------- C:\Documents and Settings\presario 8000\Application Data\Creative
2006-10-02 22:15 16384 --a------ C:\WINDOWS\system32\ac3config.exe
2006-09-29 13:44 -------- d-------- C:\Program Files\Common Files\Adobe
2006-09-29 13:42 -------- d-------- C:\Program Files\Adobe
2006-09-29 13:41 499712 --a------ C:\WINDOWS\system32\msvcp71.dll
2006-09-29 13:41 348160 --a------ C:\WINDOWS\system32\msvcr71.dll
2006-09-29 13:14 62 --ahs---- C:\Documents and Settings\presario 8000\Application Data\desktop.ini
2006-09-29 13:14 -------- d-------- C:\Program Files\Movie Maker
2006-09-29 13:14 -------- d-------- C:\Program Files\Common Files\SpeechEngines
2006-09-29 13:14 -------- d-------- C:\Program Files\Common Files\ODBC
2006-09-29 13:11 -------- d-------- C:\Program Files\Windows NT
2006-09-29 13:11 -------- d-------- C:\Program Files\NetMeeting
2006-09-29 12:56 -------- d-------- C:\Program Files\Common Files\Nero
2006-09-29 12:46 -------- d--h----- C:\Program Files\Uninstall Information
2006-09-29 12:42 0 -rahs---- C:\MSDOS.SYS
2006-09-29 12:42 0 -rahs---- C:\IO.SYS
2006-09-29 12:42 0 --a------ C:\CONFIG.SYS
2006-09-29 12:42 0 --a------ C:\AUTOEXEC.BAT
2006-09-29 12:42 -------- d-------- C:\Program Files\xerox
2006-09-29 12:42 -------- d-------- C:\Program Files\microsoft frontpage
2006-09-29 12:41 -------- d-------- C:\Program Files\Online Services
2006-09-29 12:40 -------- d-------- C:\Program Files\ComPlus Applications
2006-09-29 12:40 -------- d-------- C:\Program Files\Common Files\Services
2006-09-29 12:40 -------- d-------- C:\Program Files\Common Files\MSSoap
2006-09-29 12:39 -------- d-------- C:\Program Files\MSN Gaming Zone
2006-09-29 12:39 -------- d-------- C:\Program Files\MSN
2006-09-13 07:03 1084416 --------- C:\WINDOWS\system32\msxml3.dll
2006-08-25 17:49 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2006-08-25 05:47 129784 --------- C:\WINDOWS\system32\pxafs.dll
2006-08-25 05:47 115880 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-08-21 14:26 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-08-21 11:14 23040 --a------ C:\WINDOWS\system32\fltmc.exe

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BitTorrent"="\"D:\\bittorrent.exe\" --force_start_minimized"
"PcSync"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\PcSync2.exe /NoDialog"
"H/PC Connection Agent"="\"C:\\Program Files\\Microsoft ActiveSync\\WCESCOMM.EXE\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"
"AVG7_EMC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgemc.exe"
"CTHelper"="CTHELPER.EXE"
"MpsOnn"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\MpsOnn.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"PCSuiteTrayApplication"="C:\\Program Files\\Nokia\\Nokia PC Suite 6\\LaunchApplication.exe -onlytray"
"DataLayer"="C:\\Program Files\\Common Files\\PCSuite\\DataLayer\\DataLayer.exe"
"BigDog305"="C:\\WINDOWS\\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)"
"Sunkist2k"="C:\\Program Files\\Multimedia Card Reader\\shwicon2k.exe"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"avgnt"="\"C:\\Program Files\\AntiVir PersonalEdition Classic\\avgnt.exe\" /min"
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000000

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\System32\\CTFMON.EXE"
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\AppleSoftwareUpdate.job

Completion time: 06-11-19 7:39:35.54
C:\ComboFix.txt ... 06-11-19 07:39
C:\ComboFix2.txt ... 06-11-17 06:44

tottoro · 19.11.2006

Logfile of HijackThis v1.99.1
Scan saved at 7:42:44, on 19.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\presario 8000\Työpöytä\Uusi kansio\HijackThis_v1.99.1.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1AAF2D66-52EA-8B39-5863-07D40A54AD1F} - C:\WINDOWS\system32\awpxxab.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\pmnkihg.dll (file missing)
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: .protected
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

-kemisti- · 19.11.2006

@tottoro:

Fixaa nämä:

O2 - BHO: (no name) - {1AAF2D66-52EA-8B39-5863-07D40A54AD1F} - C:\WINDOWS\system32\awpxxab.dll (file missing)
O2 - BHO: (no name) - {CFE9E8A8-38C0-4EF8-AEC2-5035EFE81030} - C:\WINDOWS\system32\pmnkihg.dll (file missing)

Aja smitfraudfix uudelleen vikasietotilassa optiolla 2 ja lähetä sen loki ja uusi HjT-loki tänne.

tottoro · 20.11.2006

Logfile of HijackThis v1.99.1
Scan saved at 13:58:32, on 20.11.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\WINDOWS\VM305_STI.EXE
C:\Program Files\Multimedia Card Reader\shwicon2k.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Documents and Settings\presario 8000\Työpöytä\Uusi kansio\HijackThis_v1.99.1.exe
C:\WINDOWS\System32\imapi.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [MpsOnn] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\MpsOnn.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [BigDog305] C:\WINDOWS\VM305_STI.EXE VIMICRO USB PC Camera (ZC0305)
O4 - HKLM\..\Run: [Sunkist2k] C:\Program Files\Multimedia Card Reader\shwicon2k.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitTorrent] "D:\bittorrent.exe" --force_start_minimized
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\WCESCOMM.EXE"
O4 - Startup: .protected
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - http://go.divx.com/plugin/DivXBrowserPlugin.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

tottoro · 20.11.2006

SmitFraudFix v2.122

Scan done at 13:55:55,18, ma 20.11.2006
Run from C:\Documents and Settings\presario 8000\Ty”p”yt„\Uusi kansio\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process

»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri

»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files

»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» End

Hujo · 20.11.2006

avg ja antivir koneella kumpi käytössä ?

Poista noista toinen lisää poista sovelutuksesta

Lähetä:
Uusi Hjt-loki

tottoro · 20.11.2006

Kummatkin..kumman poistan ?

Hujo · 20.11.2006

Tuota jos olisin tuossa vaiheessa.

Lataisin koneelle avastin setupin valmiiksi ja poistaisin kummatkin.
Avasti pitää rekisteröidä
Netti yhteyshän ei saa olla silloin päällä. Nettipiuha pitää irroitaa.

Taitaisin jättää noista AVG:n

avasti on taas siintä hyvä että suomenkielinen ja pystyy säätelemään
Mikä tärkein Ne päivitykset

Jos Avasti alkoi kiinostamaan
http://www.download.fi/tyopoytaohjelmat/haittaohjelmien_poisto/avast4home.cfm

Avast rekisteröinti
Linkki

Kirjaudu tai liity jäseneksi

Kone oudon jumissa ja vikana varmaan tuo välkkyvä

-kemisti- Active member

Hujo Guest

tottoro Member

tottoro Member

tottoro Member

tottoro Member

tottoro Member

tottoro Member

-kemisti- Active member

tottoro Member

tottoro Member

Hujo Guest

tottoro Member

Hujo Guest

Jaa tämä sivu

Kirjaudu tai liity jäseneksi

Kone oudon jumissa ja vikana varmaan tuo välkkyvä

-kemisti- Active member

Hujo Guest

tottoro Member

tottoro Member

tottoro Member

tottoro Member

tottoro Member

tottoro Member

-kemisti- Active member

tottoro Member

tottoro Member

Hujo Guest

tottoro Member

Hujo Guest

Jaa tämä sivu

Hyödyllisiä hakuja