Hijackthis apua

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by gsa, Mar 26, 2007.

  1. gsa

    gsa Member

    Joined:
    Jan 5, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    11
    Kone alkanut hidastumaan kummasti ja epäilen, että on viiruksia koneella. Jos joku jaksaisi tarkastaa login ;)

    Logfile of HijackThis v1.99.1
    Scan saved at 19:14:53, on 26.3.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    D:\ohjelmat\ewido anti-spyware 4.0\guard.exe
    D:\ohjelmat\ewido\security suite\ewidoctrl.exe
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\ohjelmat\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    D:\ohjelmat\DAEMON Tools\daemon.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\System32\msiexec.exe
    C:\Documents and Settings\Antti Saunamäki\Työpöytä\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.fi/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\ohjelmat\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [CloneCDTray] "D:\ohjelmat\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "D:\ohjelmat\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\ohjelmat\DAEMON Tools\daemon.exe" -lang 1033
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Microsoft Works Kalenterin muistutukset.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\npjpi150_09.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\ohjelmat\ewido anti-spyware 4.0\guard.exe
    O23 - Service: ewido security suite control - ewido networks - D:\ohjelmat\ewido\security suite\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ISSvc (ISSVC) - Unknown owner - C:\Program Files\Norton Internet Security\ISSVC.exe (file missing)
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4ss.exe
     
    gsa, Mar 26, 2007
    #1
  2. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    Moi!
    Lokissa ei ihmeitä
    Missä virustorjunta ?? ilmasen saat -->tästä
    Poistetaan nortonin jämä

    Paina Käynnistä ---> Suorita -->kirjoita sc stop ISSVC (pamauta enteriä )
    Paina Käynnistä ---> Suorita -->kirjoita sc delete ISSVC (pamauta enteriä )

    Käynnistä kone uudelleen

    Poista kansio C:\Program Files\Norton Internet Security

    tarkistetaan että ei ole örkkejä....

    Skannaa koneesi Kaspersky Online Skannerilla
    Käytä Internet Explorer
    Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
    • Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
    • Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
    • Klikkaa nyt asetuksia, Scan Settings
    • Tarkista asetuksista, että seuraavat ovat valittuina:

      o Scan using the following Anti-Virus database:

      + Extended (Jos valittavissa, muuten valitse Standard)

      o Scan Options:

      + Scan Archives
      + Scan Mail Bases
    • Klikkaa OK
    • Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
    • Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
    • Klikkaa nyt Save as Text-painiketta.
    • Tallenna tiedosto työpöydällesi.
    • Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
    [/size]

    ja päivitä java...

    Javan päivitys ja välimuistin tyhjennys:

    1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
    2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
    Niissä pitäisi olla seuraava kuva vieressä: [​IMG]
    3. Valitse kaikki entiset Java versiosi ja valitse Poista.
    4. Asenna uusin Java päivitys seuraavasta linkistä..
    5. Käynnistä kone uudelleen asennuksen jälkeen:

    http://java.sun.com/javase/downloads/index.jsp

    Rullaa alas kohteeseen Java Runtime Environment (JRE) 6

    Paina Download

    Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.

    6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).

    7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.

    (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
    Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle    ).

    8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

    *Applications and Applets

    *Trace and Log Files


    Ja paina OK -nappia

    9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
    Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA.

    10. Klikkaa OK jättääksesi Java asetusikkunasi.


    Lähetä uusi hjt-loki ja Kasperskyn-loki
     
    tomato71, Mar 26, 2007
    #2
  3. gsa

    gsa Member

    Joined:
    Jan 5, 2004
    Messages:
    28
    Likes Received:
    0
    Trophy Points:
    11
    tossa olisi nyt nämä:





    ASPERSKY ONLINE SCANNER REPORT
    Tuesday, March 27, 2007 6:29:22 PM
    Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
    Kaspersky Online Scanner version: 5.0.93.0
    Kaspersky Anti-Virus database last update: 27/03/2007
    Kaspersky Anti-Virus database records: 286820
    Scan Settings
    Scan using the following antivirus database extended
    Scan Archives true
    Scan Mail Bases true
    Scan Target My Computer
    A:\
    C:\
    D:\
    E:\
    F:\
    Scan Statistics
    Total number of scanned objects 53215
    Number of viruses found 1
    Number of infected objects 1
    Number of suspicious objects 0
    Duration of the scan process 00:49:08

    Infected Object Name Virus Name Last Action
    C:\Documents and Settings\Antti Saunamäki\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Application Data\ApplicationHistory\cli.exe.c88dbd71.ini.inuse Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Sivuhistoria\History.IE5\MSHist012007032720070328\index.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temp\Perflib_Perfdata_2d8.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temp\Perflib_Perfdata_30c.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temp\Perflib_Perfdata_590.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temp\Perflib_Perfdata_ca8.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temp\~DF95D.tmp Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\Antti Saunamäki\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
    C:\Documents and Settings\LocalService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
    C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
    C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
    C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\debug.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\debug.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\error.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\error.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\hips.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\hips.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\ids.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\ids.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\network.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\network.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\system.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\system.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\warning.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\warning.log.idx Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\web.log Object is locked skipped
    C:\ohjelmat\Sunbelt Software\Personal Firewall\logs\web.log.idx Object is locked skipped
    C:\Program Files\mirc\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.616 skipped
    C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    C:\System Volume Information\_restore{9AEDD8D7-E85D-413F-885A-3CECDA45E3CC}\RP789\change.log Object is locked skipped
    C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
    C:\WINDOWS\SchedLgU.Txt Object is locked skipped
    C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
    C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
    C:\WINDOWS\system32\config\ACEEvent.evt Object is locked skipped
    C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\default Object is locked skipped
    C:\WINDOWS\system32\config\default.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SAM Object is locked skipped
    C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY Object is locked skipped
    C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
    C:\WINDOWS\system32\config\software Object is locked skipped
    C:\WINDOWS\system32\config\software.LOG Object is locked skipped
    C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
    C:\WINDOWS\system32\config\system Object is locked skipped
    C:\WINDOWS\system32\config\system.LOG Object is locked skipped
    C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
    C:\WINDOWS\system32\h323log.txt Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
    C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
    C:\WINDOWS\WindowsUpdate.log Object is locked skipped
    D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
    D:\System Volume Information\_restore{9AEDD8D7-E85D-413F-885A-3CECDA45E3CC}\RP789\change.log Object is locked skipped
    Scan process completed.









    Logfile of HijackThis v1.99.1
    Scan saved at 17:08:42, on 28.3.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    D:\ohjelmat\Avast4\aswUpdSv.exe
    D:\ohjelmat\Avast4\ashServ.exe
    D:\ohjelmat\ewido anti-spyware 4.0\guard.exe
    D:\ohjelmat\ewido\security suite\ewidoctrl.exe
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4ss.exe
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4gui.exe
    D:\ohjelmat\Avast4\ashMaiSv.exe
    D:\ohjelmat\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4gui.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\ohjelmat\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    C:\Program Files\Java\jre1.6.0\bin\jusched.exe
    D:\ohjelmat\Avast4\ashDisp.exe
    D:\ohjelmat\DAEMON Tools\daemon.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
    C:\Documents and Settings\Antti Saunamäki\Työpöytä\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://msn.fi/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\ohjelmat\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WorksFUD] C:\Program Files\Microsoft Works\wkfud.exe
    O4 - HKLM\..\Run: [Microsoft Works Portfolio] C:\Program Files\Microsoft Works\WksSb.exe /AllUsers
    O4 - HKLM\..\Run: [Microsoft Works Update Detection] C:\Program Files\Microsoft Works\WkDetect.exe
    O4 - HKLM\..\Run: [CloneCDTray] "D:\ohjelmat\CloneCD\CloneCDTray.exe" /s
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [iTunesHelper] "D:\ohjelmat\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
    O4 - HKLM\..\Run: [avast!] D:\ohjelmat\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [DAEMON Tools] "D:\ohjelmat\DAEMON Tools\daemon.exe" -lang 1033
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
    O4 - Global Startup: Microsoft Works Kalenterin muistutukset.lnk = ?
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\ohjelmat\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - D:\ohjelmat\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - D:\ohjelmat\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - D:\ohjelmat\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:\ohjelmat\ewido anti-spyware 4.0\guard.exe
    O23 - Service: ewido security suite control - ewido networks - D:\ohjelmat\ewido\security suite\ewidoctrl.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:\ohjelmat\Sunbelt Software\Personal Firewall\kpf4ss.exe

     
    gsa, Mar 28, 2007
    #3
  4. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    Lokit OK
    Vielä ongelmia ?
     
    tomato71, Mar 28, 2007
    #4

Share This Page