HJT log, cleaning up my daughter's computer

Discussion in 'Viruses and malware - HijackThis logs' started by jariotus, Nov 16, 2007.

  1. jariotus

    jariotus Member

    Joined:
    Jun 19, 2007
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    16
    Is there anything to remove?

    The computer isn't really acting up in any way, but just to be safe.

    Logfile of HijackThis v1.99.1
    Scan saved at 16:32:41, on 16.11.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\EMILIA\Omat tiedostot\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.apocalyptica.com/home/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\EMILIA\Käynnistä-valikko\Ohjelmat\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - http://lumonetti.fi/portaali/Virusskanneri/OLS3/fscax.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Cmdiumartaar - COMODO - (no file)
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

    thanks
     
  2. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    hi
    delete the old HJT
    C:\Documents and Settings\EMILIA\Omat tiedostot\HijackThis.exe

    and download and install the latest one
    post a new log

    Download HJTInstall.exe here
    *Save HJTInstall.exe to your desktop.
    *Double-click the HJTInstall.exe icon on your desktop.
    *By default it installs itself to the folder C:\Program Files\Trend Micro\HijackThis.
    *Click Install.
    *The installer creates a HijackThis icon on the desktop.
    *When the installation is finished, it launches HijackThis.
    *Click the Do a system scan and save a logfile button. The program starts scanning and the log should open in Notepad.
    *First click "Muokkaa > Valitse kaikki" (Edit > Select All), then "Muokkaa > Kopioi" (Edit > Copy) to copy the entire contents of the log.
    *Paste the contents of the log into your next reply.
    *DO NOT use the Analyse This button; its findings are dangerous if misunderstood.
    *DO NOT fix anything with HijackThis yet. Most of its findings are either harmless or even necessary.

     
  3. jariotus

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:11:07, on 17.11.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.apocalyptica.com/home/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-507921405-1844237615-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-21-507921405-1844237615-682003330-1006 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User '?')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\EMILIA\Käynnistä-valikko\Ohjelmat\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - http://lumonetti.fi/portaali/Virusskanneri/OLS3/fscax.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Cmdiumartaar - COMODO - (no file)
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

    --
    End of file - 7040 bytes
     
  4. tomato71

    this one is odd: O23 - Service: Cmdiumartaar - COMODO - (no file)
    reinstall Comodo and post a new HJT log
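
The check applied in the reply above (an entry whose target file HijackThis could not find), as an added example that is not part of the original thread: a small Python parser that flags `(no file)` / `(file missing)` entries and compares two logs. The log excerpts are copied from the logs posted in this thread; the function and field names are assumptions of this example.

```python
import re
from typing import NamedTuple

# Excerpts copied from the logs posted in this thread (16.11.2007 and 17.11.2007).
LOG_BEFORE = r"""
Logfile of HijackThis v1.99.1
Running processes:
C:\Program Files\Comodo\Firewall\cmdagent.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Cmdiumartaar - COMODO - (no file)
"""

LOG_AFTER = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\Program Files\Comodo\Firewall\cmdagent.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Cmdiumartaar - COMODO - (no file)
"""


class Entry(NamedTuple):
    section: str   # HijackThis section code, e.g. "O23"
    kind: str      # text before the first ": ", e.g. "Service" ("" if none)
    detail: str    # remainder of the line
    missing: bool  # True if HijackThis marked the target file as absent


# An entry line is "<letter><1-2 digits> - <rest>"; headers and the
# running-process paths (which start with a drive letter and ":") do not match.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
MISSING_RE = re.compile(r"\((?:no file|file missing)\)")


def parse_entries(log_text):
    """Return the R/O/... entries of a HijackThis log as Entry tuples."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY_RE.match(raw.strip())
        if not m:
            continue  # header, blank line or running-process path
        section, rest = m.groups()
        kind, sep, detail = rest.partition(": ")
        if not sep:  # e.g. R0/R1 lines have no "kind: " prefix
            kind, detail = "", rest
        entries.append(Entry(section, kind, detail, bool(MISSING_RE.search(rest))))
    return entries


def service_fields(entry):
    """Split an O23 'name - owner - path' detail; None for other entries."""
    if entry.section != "O23" or entry.kind != "Service":
        return None
    # Split from the right so a display name containing " - " stays intact.
    parts = entry.detail.rsplit(" - ", 2)
    return tuple(parts) if len(parts) == 3 else None


def compare_logs(before_text, after_text):
    """Diff two logs and list flagged entries that survived into the later one."""
    before, after = parse_entries(before_text), parse_entries(after_text)
    return {
        "added": [e for e in after if e not in before],
        "removed": [e for e in before if e not in after],
        "still_missing": [e for e in after if e.missing and e in before],
    }


if __name__ == "__main__":
    result = compare_logs(LOG_BEFORE, LOG_AFTER)
    for label, entries in result.items():
        print(label)
        for e in entries:
            print(f"  {e.section} {e.kind or '-'}: {e.detail}")
            fields = service_fields(e)
            if fields:
                print(f"    service={fields[0]!r} owner={fields[1]!r} path={fields[2]!r}")
```

A flag only says that HijackThis could not find the target file; deciding whether the entry is a stale leftover or should be removed remains a manual step, as in this thread.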
     
  5. jariotus

    hi

    yeah, I was wondering about that Comodo thing too and figured you would pick up on it. Reinstalled.

    and here is the HJT log:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 13:11:47, on 17.11.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.apocalyptica.com/home/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-507921405-1844237615-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-21-507921405-1844237615-682003330-1006 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User '?')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\EMILIA\Käynnistä-valikko\Ohjelmat\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - http://lumonetti.fi/portaali/Virusskanneri/OLS3/fscax.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: Cmdiumartaar - COMODO - (no file)
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

    --
    End of file - 7096 bytes

    strange, it's still there
     
  6. tomato71

    well, well....
    you didn't accidentally download Comodo in the wrong language, did you??
    let's remove that service; after that, check that Comodo works properly, and if there is any doubt that it isn't working properly, reinstall it


    Press Start ---> Run --> type (or copy and paste) sc stop Cmdiumartaar (hit Enter)
    Press Start ---> Run --> type (or copy and paste) sc delete Cmdiumartaar (hit Enter)


    Download CCleaner here
    *During installation, untick the "install Yahoo! toolbar" option.
    *After installation, open CCleaner.
    *Select Options from the column on the left.
    *Select Settings from the adjacent column.
    *For Language, choose Suomi (Finnish).
    Puhdistaja (Cleaner)
    *Select Puhdistaja (Cleaner) from the column on the left.
    *Press Tutki (Analyze) at the bottom.
    CCleaner now analyzes what can be removed (temp files, cookies, etc.).
    *When the analysis is finished, press Aja CCleaner (Run CCleaner).
    CCleaner now removes the temp files, cookies, etc. that it found.
    Fixing registry issues
    *Select Virheet (Issues) from the column on the left.
    *Press Etsi rekisterin virheitä (Scan for registry issues) at the bottom.
    *When the scan is finished and you are sure you want to fix the lines that are ticked, press Korjaa valitut rekisterin virheet (Fix selected registry issues).
    *You will be asked "do you want to back up changes to the registry"; press Kyllä (Yes). Save the backup to, for example, the "Omat tiedostot" (My Documents) folder.
    *In the new window that opens, click Korjaa kaikki valitut virheet (Fix all selected issues).
    *You will get one more confirmation prompt; press Ok.
    *When the issues have been fixed, press Sulje (Close).
    *You can now close CCleaner by pressing the red X at the top right.


    Check your computer with F-Secure's online scanner

    Note: the scanner works only with the Internet Explorer browser

    * Read the instructions on the page carefully
    * Click Start scanning
    * If you get an Internet Explorer security warning, click Asenna (Install)
    * Click Accept
    * Click Custom Scan
    * Set the options as follows

    o Under "Virus Scan Option", select Scan whole system
    o Under "Other Scan Option", select Scan All Files
    o Select Scan whole system for rootkits
    o Select Scan whole system for spyware
    o Tick Scan inside archives
    o Make sure Use advanced heuristics is selected

    * Click Start
    * The scan starts once the required files/updates have been downloaded
    * Wait patiently
    * When the scan has finished, click Automatic cleaning
    * Click Show Report
    * The report opens in the browser; copy the whole text
    * Paste the copied text into, e.g., Notepad or Word and save it to the desktop
    * You can close the scanner
    * Post the report to your thread


    Post the F-Secure report and a new HJT log
     
  7. jariotus

    Scanning Report
    Saturday, November 17, 2007 14:28:00 - 18:31:03

    Computer name: KOTI-GQG9FRPB18
    Scanning type: Scan system for viruses, rootkits, spyware
    Target: C:\
    Result: 2 malware found
    Tracking Cookie (spyware)

    * System (Disinfected)

    WhenU.SaveNow (spyware)

    * System (Disinfected)

    Statistics
    Scanned:

    * Files: 230231
    * System: 4244
    * Not scanned: 226

    Actions:

    * Disinfected: 2
    * Renamed: 0
    * Deleted: 0
    * None: 0
    * Submitted: 0

    Files not scanned:

    Options
    Scanning engines:

    * F-Secure Libra: 2.4.2, 2007-11-15
    * F-Secure AVP: 7.0.171, 2007-11-16
    * F-Secure Orion: 1.2.37, 2007-11-16
    * F-Secure Blacklight: 1.0.64
    * F-Secure Draco: 1.0.35, 0602-150-72
    * F-Secure Pegasus: 1.19.0, 2007-10-15

    Scanning options:

    * Scan all files
    * Scan inside archives
    * Use Advanced heuristics


    Scanning Report
    Saturday, November 17, 2007 14:28:00 - 18:31:03

    Computer name: KOTI-GQG9FRPB18
    Scanning type: Scan system for viruses, rootkits, spyware
    Target: C:\
    Result: 2 malware found
    Tracking Cookie (spyware)

    * System (Disinfected)

    WhenU.SaveNow (spyware)

    * System (Disinfected)

    Statistics
    Scanned:

    * Files: 230231
    * System: 4244
    * Not scanned: 226

    Actions:

    * Disinfected: 2
    * Renamed: 0
    * Deleted: 0
    * None: 0
    * Submitted: 0

    Files not scanned:


    Options
    Scanning engines:

    * F-Secure Libra: 2.4.2, 2007-11-15
    * F-Secure AVP: 7.0.171, 2007-11-16
    * F-Secure Orion: 1.2.37, 2007-11-16
    * F-Secure Blacklight: 1.0.64
    * F-Secure Draco: 1.0.35, 0602-150-72
    * F-Secure Pegasus: 1.19.0, 2007-10-15

    Scanning options:

    * Scan all files
    * Scan inside archives
    * Use Advanced heuristics



    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:36:31, on 17.11.2007
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\Program Files\Comodo\Firewall\cmdagent.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\CDBurnerXP\NMSAccessU.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\WgaTray.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
    C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
    C:\Program Files\Comodo\Firewall\CPF.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.apocalyptica.com/home/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
    O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\S-1-5-21-507921405-1844237615-682003330-1006\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User '?')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User '?')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
    O4 - S-1-5-21-507921405-1844237615-682003330-1006 Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (User '?')
    O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
    O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
    O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\EMILIA\Käynnistä-valikko\Ohjelmat\IMVU\Run IMVU.lnk (file missing)
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
    O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} - http://lumonetti.fi/portaali/Virusskanneri/OLS3/fscax.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
    O23 - Service: NMSAccessU - Unknown owner - C:\Program Files\CDBurnerXP\NMSAccessU.exe
    O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
    O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

    --
    End of file - 7115 bytes
     
  8. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    The log is OK
    Still having problems???
    How is Comodo working?
     
  9. jariotus

    jariotus Member

    Joined:
    Jun 19, 2007
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    16
    Good :D

    Comodo works fine, no problems.
    I wonder what that one odd nofile thing in there was?

    Thanks once again, and have a good run-up to Christmas!
     
  10. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    Hmm, it would be interesting to know what that odd service in there was.
    At least F-Secure didn't find anything worse.
     
  11. jariotus

    jariotus Member

    Joined:
    Jun 19, 2007
    Messages:
    99
    Likes Received:
    0
    Trophy Points:
    16
    Hi again

    I wonder where the glitch might be, since that F-Secure scan doesn't work on my own machine. Even though I install the ActiveX component, a message comes up in the middle of the scan preparation: an error has occured...

    :(
     
  12. tomato71

    tomato71 Regular member

    Joined:
    Apr 30, 2006
    Messages:
    1,151
    Likes Received:
    0
    Trophy Points:
    46
    That F-Secure online scanner is flaky at times..
    Try this...

    Scan your computer with the Kaspersky Online Scanner
    Use Internet Explorer
    You will be asked whether you allow an ActiveX component from Kaspersky to be installed; click Yes.
    • The program starts and begins downloading the latest definition files.
    • Once the scanner is installed and the definitions are downloaded, click Next.
    • Now click the settings, Scan Settings
    • In the settings, check that the following are selected:

      o Scan using the following Anti-Virus database:

      + Extended (if available, otherwise choose Standard)

      o Scan Options:

      + Scan Archives
      + Scan Mail Bases
    • Click OK
    • Now, under the heading "select a target to scan", choose Oma Tietokone (My Computer)
    • The scan takes time, so be patient. When the scan is finished, you will be notified if your computer is infected.
    • Now click the Save as Text button.
    • Save the file to your desktop.
    • Copy and paste the contents of the file into your next reply.
     
