HJT-loki, Selain takkuilee ja sivut eivät aukea.

kkiko · Dec 12, 2008

Jeps, eli mutsin koneella tuntuu aina kaikki tökkivän ja ylimääräsiä ohjelmia tuntuu olevan enemmän kun laki sallii. Nyt selain on alkanut takkuilla rankemman kerran ja sivuille ei meinaa päästä millään. Toivottavasti lokista löytyy jotain mikä voisi ratkaista vian.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:05:05, on 12.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\VistaDrive\VistaDrive.exe
F:\PROGRA~1\Grisoft\AVG7\avgcc.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
F:\WINDOWS\system32\LVCOMSX.EXE
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
F:\Program Files\Skype\Phone\Skype.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
F:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\PROGRA~1\Grisoft\AVG7\avgw.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Windows Live\Messenger\usnsvc.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] F:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')
O4 - Startup: OpenOffice.org 2.4.lnk = F:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://F:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 7513 bytes

Hujo · Dec 12, 2008

Lataa Lop S&D täältä

Tuplaklikkaa Lop S&D.exeä
Valitse Suomi kieleksi painamalla U ja Enter.
Tämän jälkeen valitse Optio 1 (Etsi) painamalla 1 ja Enter
Odota, kunnes tarkistus on valmis
Loki avautuu muistioon. Lähetä se seuraavassa viestissäsi. Se löytyy myös sijainnista C:\lopR.txt

================

mikäs xp:n vistan sekoitus sulla on

===============

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi

===============

1.Lataa Combofix.exe työpöydällesi yhdestä linkistä:
Combofix1
Combofix2

2. Tuplaklikkaa Combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

=============

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan:

sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä

Jossakin koneissa hakataan F8:sin sijasta F5:tä

" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.

kkiko · Dec 13, 2008

Käyttiksestä ei oo tosiaan mitään hajua sen kummemmin ku mistään muustakaan kokoonpanosta, käymässä kun olen vain. Alko vain hitaus pistää vihaks!

--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Professional ( v5.1.2600 ) Service Pack 2
X86-based PC ( Uniprocessor Free : AMD Athlon(tm) 64 Processor 3000+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Owner ( Administrator )
BOOT : Normal boot
Antivirus : AVG 7.5.552 7.5.552 (Activated)
C:\ (Local Disk) - NTFS - Total:87 Go (Free:71 Go)
D:\ (Local Disk) - NTFS - Total:88 Go (Free:85 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:9 Go (Free:0 Go)
G:\ (CD or DVD)

"F:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( pe 12.12.2008|21:17 )

--------------------\\ Listaa hakemistoja sijainnissa APPLIC~1

[02.03.2008|20:26] F:\DOCUME~1\ALLUSE~1\APPLIC~1\abelhadigital.com
[05.10.2008|16:23] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple
[05.10.2008|16:24] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[03.03.2008|16:56] F:\DOCUME~1\ALLUSE~1\APPLIC~1\avg7
[05.03.2008|20:23] F:\DOCUME~1\ALLUSE~1\APPLIC~1\CanonBJ
[02.03.2008|20:24] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Grisoft
[02.05.2008|18:50] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Installations
[07.12.2008|20:31] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[02.05.2008|18:52] F:\DOCUME~1\ALLUSE~1\APPLIC~1\PC Suite
[24.08.2008|15:23] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Skype
[03.03.2008|04:17] F:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[26.04.2008|15:48] F:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller

[03.03.2008|04:15] F:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft

[02.03.2008|20:24] F:\DOCUME~1\LOCALS~1\APPLIC~1\AVG7
[03.03.2008|04:20] F:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft

[03.03.2008|04:19] F:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft

[02.03.2008|20:26] F:\DOCUME~1\Owner\APPLIC~1\abelhadigital.com
[02.03.2008|21:29] F:\DOCUME~1\Owner\APPLIC~1\Adobe
[05.10.2008|16:24] F:\DOCUME~1\Owner\APPLIC~1\Apple Computer
[02.03.2008|20:33] F:\DOCUME~1\Owner\APPLIC~1\ATI
[12.12.2008|13:35] F:\DOCUME~1\Owner\APPLIC~1\AVG7
[01.11.2008|10:28] F:\DOCUME~1\Owner\APPLIC~1\Identities
[24.08.2008|09:47] F:\DOCUME~1\Owner\APPLIC~1\Macromedia
[10.04.2008|17:35] F:\DOCUME~1\Owner\APPLIC~1\Media Player Classic
[05.05.2008|14:36] F:\DOCUME~1\Owner\APPLIC~1\Microsoft
[21.06.2008|21:50] F:\DOCUME~1\Owner\APPLIC~1\Mozilla
[02.05.2008|18:54] F:\DOCUME~1\Owner\APPLIC~1\Nokia
[02.05.2008|20:00] F:\DOCUME~1\Owner\APPLIC~1\Nokia Multimedia Player
[12.12.2008|21:03] F:\DOCUME~1\Owner\APPLIC~1\OpenOffice.org2
[02.05.2008|18:52] F:\DOCUME~1\Owner\APPLIC~1\PC Suite
[02.08.2008|20:44] F:\DOCUME~1\Owner\APPLIC~1\Real
[07.12.2008|20:56] F:\DOCUME~1\Owner\APPLIC~1\SecuROM
[12.12.2008|21:16] F:\DOCUME~1\Owner\APPLIC~1\Skype
[21.10.2008|20:35] F:\DOCUME~1\Owner\APPLIC~1\skypePM
[04.03.2008|04:30] F:\DOCUME~1\Owner\APPLIC~1\Sun
[08.08.2008|19:27] F:\DOCUME~1\Owner\APPLIC~1\Winamp

--------------------\\ Ajoitetut tehtävät sijaitsee F:\WINDOWS\Tasks

[10.12.2008 12:26][--a------] F:\WINDOWS\tasks\AppleSoftwareUpdate.job
[12.12.2008 19:00][--a------] F:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
[12.12.2008 21:02][--ah-----] F:\WINDOWS\tasks\SA.DAT
[12.08.2004 08:00][-r-h-----] F:\WINDOWS\tasks\desktop.ini

--------------------\\ Listaa hakemistoja sijainnissa F:\Program Files

[02.03.2008|20:26] F:\Program Files\abelhadigital.com
[10.04.2008|17:35] F:\Program Files\ACE Mega CoDecS Pack
[02.03.2008|20:26] F:\Program Files\Ahead
[05.10.2008|16:23] F:\Program Files\Apple Software Update
[02.03.2008|20:28] F:\Program Files\ATI Technologies
[05.10.2008|16:23] F:\Program Files\Bonjour
[05.03.2008|20:23] F:\Program Files\CanonBJ
[29.10.2008|17:01] F:\Program Files\CCleaner
[05.10.2008|16:23] F:\Program Files\Common Files
[02.05.2008|18:50] F:\Program Files\DIFX
[10.04.2008|17:38] F:\Program Files\ffdshow
[03.03.2008|04:12] F:\Program Files\Foxit
[03.05.2008|16:14] F:\Program Files\Google
[02.03.2008|20:24] F:\Program Files\Grisoft
[07.12.2008|21:02] F:\Program Files\InstallShield Installation Information
[11.12.2008|14:37] F:\Program Files\Internet Explorer
[05.10.2008|16:24] F:\Program Files\iPod
[05.10.2008|16:24] F:\Program Files\iTunes
[29.08.2008|12:07] F:\Program Files\Java
[21.09.2008|12:40] F:\Program Files\Logitech
[23.09.2008|06:07] F:\Program Files\Microsoft CAPICOM 2.1.0.2
[07.12.2008|20:31] F:\Program Files\Microsoft Games for Windows - LIVE
[10.03.2008|21:12] F:\Program Files\Microsoft Office
[26.04.2008|15:56] F:\Program Files\Microsoft SQL Server Compact Edition
[12.12.2008|21:07] F:\Program Files\Mozilla Firefox
[07.12.2008|19:52] F:\Program Files\MSBuild
[04.03.2008|06:26] F:\Program Files\MSXML 6.0
[02.05.2008|18:51] F:\Program Files\Nokia
[03.03.2008|04:12] F:\Program Files\NotePad++
[03.05.2008|15:16] F:\Program Files\OpenOffice.org 2.4
[04.03.2008|06:26] F:\Program Files\Outlook Express
[02.05.2008|18:50] F:\Program Files\PC Connectivity Solution
[03.05.2008|16:18] F:\Program Files\Picasa2
[05.10.2008|16:23] F:\Program Files\QuickTime Alternative
[10.04.2008|17:35] F:\Program Files\Real Alternative
[07.12.2008|19:50] F:\Program Files\Reference Assemblies
[30.08.2008|09:02] F:\Program Files\RevConnect
[05.10.2008|15:36] F:\Program Files\Skype
[12.12.2008|14:04] F:\Program Files\Trend Micro
[03.03.2008|04:20] F:\Program Files\Uninstall Information
[10.04.2008|17:35] F:\Program Files\VistaCodecPack
[07.12.2008|21:00] F:\Program Files\Winamp
[27.04.2008|11:29] F:\Program Files\Windows Live
[26.04.2008|15:57] F:\Program Files\Windows Live Favorites
[26.04.2008|15:57] F:\Program Files\Windows Live Toolbar
[03.03.2008|04:12] F:\Program Files\Windows Media Connect 2
[03.03.2008|04:15] F:\Program Files\Windows Media Player
[03.03.2008|04:12] F:\Program Files\Windows NT
[03.03.2008|04:14] F:\Program Files\WindowsUpdate
[03.03.2008|04:15] F:\Program Files\WinRAR

--------------------\\ Listaa hakemistoja sijainnissa F:\Program Files\Common Files

[02.03.2008|20:26] F:\Program Files\Common Files\Ahead
[05.10.2008|16:23] F:\Program Files\Common Files\Apple
[02.03.2008|20:28] F:\Program Files\Common Files\InstallShield
[04.03.2008|04:27] F:\Program Files\Common Files\Java
[21.09.2008|12:40] F:\Program Files\Common Files\Logitech
[26.04.2008|15:49] F:\Program Files\Common Files\Microsoft Shared
[03.03.2008|04:13] F:\Program Files\Common Files\MSSoap
[02.05.2008|18:51] F:\Program Files\Common Files\Nokia
[02.03.2008|22:08] F:\Program Files\Common Files\ODBC
[02.05.2008|18:51] F:\Program Files\Common Files\PCSuite
[03.03.2008|04:14] F:\Program Files\Common Files\Services
[24.08.2008|15:23] F:\Program Files\Common Files\Skype
[04.03.2008|06:26] F:\Program Files\Common Files\System
[26.04.2008|15:49] F:\Program Files\Common Files\WindowsLiveInstaller

--------------------\\ Process

( 48 Processes )

... OK !

--------------------\\ Etsii S_Lopilla

Lopin kansioita ei löytynyt !

--------------------\\ Etsii Lopin tiedostoja ja kansioita

F:\DOCUME~1\Owner\LOCALS~1\Temp\nsa138.tmp
F:\DOCUME~1\Owner\LOCALS~1\Temp\nsd1D2.tmp
F:\DOCUME~1\Owner\LOCALS~1\Temp\nseFE.tmp
F:\DOCUME~1\Owner\LOCALS~1\Temp\nsh15.tmp
F:\DOCUME~1\Owner\LOCALS~1\Temp\nst2D.tmp
F:\DOCUME~1\Owner\LOCALS~1\Temp\nsx1D5.tmp

--------------------\\ Etsii rekisterikohteita

..... OK !

--------------------\\ Tarkistaa Hosts-tiedostoa

Hosts-tiedosto PUHDAS

--------------------\\ Tarkistaa Catchmella onko piilotettuja tiedostoja

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-12 21:17:57
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Tarkistaa muita infektioita

Muita infektiota ei löytynyt !

[F:351][D:16]-> F:\DOCUME~1\Owner\LOCALS~1\Temp
[F:16][D:0]-> F:\DOCUME~1\Owner\Cookies
[F:2383][D:5]-> F:\DOCUME~1\Owner\LOCALS~1\TEMPOR~1\content.IE5

1 - "F:\Lop SD\LopR_1.txt" - pe 12.12.2008|21:18 - Option : [1]

--------------------\\ Tarkistus valmistui 21:18:33

Malwarebytes' Anti-Malware 1.31
Tietokantaversio: 1497
Windows 5.1.2600 Service Pack 2

13.12.2008 18:07:02
mbam-log-2008-12-13 (18-07-02).txt

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|F:\|)
Tarkistetut kohteet: 94623
Kulunut aika: 22 minute(s), 21 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 0
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 0
Saastuneita tiedostoja: 0

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
(Haitallisia kohteita ei löydetty)

Saastuneita tiedostoja:
(Haitallisia kohteita ei löydetty)

ComboFix 08-12-12.05 - Owner 2008-12-13 18:10:12.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.2047.1349 [GMT 2:00]
Running from: f:\documents and settings\Owner\Desktop\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-11-13 to 2008-12-13 )))))))))))))))))))))))))))))))
.

2008-12-13 17:43 . 2008-12-13 17:43 <DIR> d-------- f:\documents and settings\Owner\Application Data\Malwarebytes
2008-12-13 17:43 . 2008-12-13 17:43 <DIR> d-------- f:\documents and settings\All Users\Application Data\Malwarebytes
2008-12-13 17:43 . 2008-12-03 19:52 38,496 --a------ f:\windows\system32\drivers\mbamswissarmy.sys
2008-12-13 17:43 . 2008-12-03 19:52 15,504 --a------ f:\windows\system32\drivers\mbam.sys
2008-12-12 21:16 . 2008-12-12 21:18 <DIR> d-------- F:\Lop SD
2008-12-12 14:04 . 2008-12-12 14:04 <DIR> d-------- f:\program files\Trend Micro
2008-12-11 14:36 . 2008-12-11 14:38 1,393 --a------ f:\windows\imsins.BAK
2008-12-10 11:28 . 2008-10-03 12:15 247,326 --------- f:\windows\system32\dllcache\strmdll.dll
2008-12-07 20:56 . 2008-12-07 20:56 <DIR> dr-h----- f:\documents and settings\Owner\Application Data\SecuROM
2008-12-07 20:31 . 2008-12-07 20:31 <DIR> d-------- f:\windows\system32\xlive
2008-12-07 20:31 . 2008-12-07 20:31 <DIR> d-------- f:\program files\Microsoft Games for Windows - LIVE
2008-12-07 20:31 . 2008-03-05 15:56 3,786,760 --a------ f:\windows\system32\D3DX9_37.dll
2008-12-07 20:31 . 2008-03-05 15:56 1,420,824 --a------ f:\windows\system32\D3DCompiler_37.dll
2008-12-07 20:31 . 2008-02-05 23:07 462,864 --a------ f:\windows\system32\d3dx10_37.dll
2008-12-07 19:52 . 2008-12-07 19:52 <DIR> d-------- f:\program files\MSBuild
2008-12-07 19:50 . 2008-12-07 19:50 <DIR> d-------- f:\windows\system32\XPSViewer
2008-12-07 19:50 . 2008-12-07 19:50 <DIR> d-------- f:\program files\Reference Assemblies
2008-12-07 19:50 . 2006-06-29 13:07 14,048 --------- f:\windows\system32\spmsg2.dll
2008-11-13 18:31 . 2008-11-13 18:31 426 --a------ f:\windows\Disney.ini
2008-11-13 18:30 . 1998-07-30 18:36 303,616 --a------ f:\windows\IsUn040b.exe
2008-11-13 18:26 . 2008-11-13 18:26 <DIR> d-------- F:\EK
2008-11-13 18:26 . 1995-12-19 03:01 94,720 --a------ f:\windows\system32\SH30W32.DLL
2008-11-13 18:26 . 1995-12-03 05:01 44,544 --a------ f:\windows\system32\SH30W16.DLL
2008-11-13 18:26 . 1996-02-23 05:44 42,160 --a------ f:\windows\system32\mbjrf.ttf
2008-11-13 18:26 . 1993-11-19 02:00 30,544 --a------ f:\windows\system32\DIB.DRV
2008-11-13 18:26 . 2008-11-13 18:26 288 --a------ f:\windows\mbjr.ini
2008-11-13 18:21 . 1994-09-21 02:00 12,800 --a------ f:\windows\system32\WING32.DLL
2008-11-13 18:20 . 2008-11-13 18:20 <DIR> d-------- f:\documents and settings\Owner\WINDOWS
2008-11-13 18:20 . 1996-11-06 12:03 300,032 --a------ f:\windows\uninst.exe
2008-11-13 18:20 . 2008-11-13 18:21 159 --a------ f:\windows\KA.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-13 15:42 --------- d-----w f:\documents and settings\Owner\Application Data\Skype
2008-12-13 15:42 --------- d-----w f:\documents and settings\Owner\Application Data\OpenOffice.org2
2008-12-13 10:22 --------- d-----w f:\documents and settings\Owner\Application Data\AVG7
2008-12-07 19:02 --------- d--h--w f:\program files\InstallShield Installation Information
2008-12-07 19:00 --------- d-----w f:\program files\Winamp
2008-10-29 15:01 --------- d-----w f:\program files\CCleaner
2008-10-24 11:25 455,936 ----a-w f:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:25 455,936 ------w f:\windows\system32\dllcache\mrxsmb.sys
2008-10-23 12:51 284,160 ----a-w f:\windows\system32\gdi32.dll
2008-10-23 12:51 284,160 ------w f:\windows\system32\dllcache\gdi32.dll
2008-10-22 03:29 14,303,392 ----a-w f:\windows\system32\xlive.dll
2008-10-22 03:29 13,643,936 ----a-w f:\windows\system32\xlivefnt.dll
2008-10-21 18:35 --------- d-----w f:\documents and settings\Owner\Application Data\skypePM
2008-10-17 00:08 3,593,216 ------w f:\windows\system32\dllcache\mshtml.dll
2008-10-16 13:11 70,656 ------w f:\windows\system32\dllcache\ie4uinit.exe
2008-10-16 13:11 13,824 ------w f:\windows\system32\dllcache\ieudinit.exe
2008-10-16 12:13 202,776 ----a-w f:\windows\system32\wuweb.dll
2008-10-16 12:13 1,809,944 ----a-w f:\windows\system32\wuaueng.dll
2008-10-16 12:12 561,688 ----a-w f:\windows\system32\wuapi.dll
2008-10-16 12:12 323,608 ----a-w f:\windows\system32\wucltui.dll
2008-10-16 12:09 92,696 ----a-w f:\windows\system32\cdm.dll
2008-10-16 12:09 51,224 ----a-w f:\windows\system32\wuauclt.exe
2008-10-16 12:09 43,544 ----a-w f:\windows\system32\wups2.dll
2008-10-16 12:08 34,328 ----a-w f:\windows\system32\wups.dll
2008-10-16 12:06 268,648 ----a-w f:\windows\system32\mucltui.dll
2008-10-16 12:06 208,744 ----a-w f:\windows\system32\muweb.dll
2008-10-15 16:53 339,456 ------w f:\windows\system32\dllcache\netapi32.dll
2008-10-15 07:06 633,632 ------w f:\windows\system32\dllcache\iexplore.exe
2008-10-15 07:04 161,792 ------w f:\windows\system32\dllcache\ieakui.dll
2008-10-03 10:15 247,326 ----a-w f:\windows\system32\strmdll.dll
2008-09-30 14:43 1,286,152 ----a-w f:\windows\system32\msxml4.dll
2008-09-15 12:17 1,846,912 ----a-w f:\windows\system32\win32k.sys
2008-09-15 12:17 1,846,912 ------w f:\windows\system32\dllcache\win32k.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="f:\windows\system32\ctfmon.exe" [2004-08-12 15360]
"MsnMsgr"="f:\program files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
"PC Suite Tray"="f:\program files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-04-16 1079808]
"Skype"="f:\program files\Skype\Phone\Skype.exe" [2008-08-11 21741864]
"LogitechSoftwareUpdate"="f:\program files\Logitech\Video\ManifestEngine.exe" [2005-06-08 196608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VistaDrive"="f:\windows\VistaDrive\VistaDrive.exe" [2006-10-06 280779]
"AVG7_CC"="f:\progra~1\Grisoft\AVG7\avgcc.exe" [2008-10-17 590848]
"NeroFilterCheck"="f:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"ATICCC"="f:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-03 45056]
"SunJavaUpdateSched"="f:\program files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 144784]
"LVCOMSX"="f:\windows\system32\LVCOMSX.EXE" [2005-07-19 221184]
"LogitechVideoRepair"="f:\program files\Logitech\Video\ISStart.exe" [2005-06-08 458752]
"LogitechVideoTray"="f:\program files\Logitech\Video\LogiTray.exe" [2005-06-08 217088]
"AppleSyncNotifier"="f:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-10 116040]
"QuickTime Task"="f:\program files\QuickTime Alternative\QTTask.exe" [2008-05-27 413696]
"iTunesHelper"="f:\program files\iTunes\iTunesHelper.exe" [2008-07-10 289064]

f:\documents and settings\Owner\Start Menu\Programs\Startup\
OpenOffice.org 2.4.lnk - f:\program files\OpenOffice.org 2.4\program\quickstart.exe [2008-03-16 393216]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"ForceClassicControlPanel"= 1 (0x1)
"NoSMConfigurePrograms"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.divxa32"= divxa32.acm

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"f:\\Program Files\\Grisoft\\AVG7\\avginet.exe"=
"f:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"=
"f:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"=
"f:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"f:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"f:\\Program Files\\RevConnect\\DCPlusPlus.exe"=
"f:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"f:\\Program Files\\iTunes\\iTunes.exe"=
"f:\\Program Files\\Skype\\Phone\\Skype.exe"=

*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-12-10 f:\windows\Tasks\AppleSoftwareUpdate.job
- f:\program files\Apple Software Update\SoftwareUpdate.exe [2008-04-11 16:57]

2008-12-13 f:\windows\Tasks\Check Updates for Windows Live Toolbar.job
- f:\program files\Windows Live Toolbar\MSNTBUP.EXE [2007-10-19 10:20]
.
.
------- Supplementary Scan -------
.
uInternet Settings,ProxyOverride = *.local
IE: &Windows Live Search - f:\program files\Windows Live Toolbar\msntb.dll/search.htm
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
FF - ProfilePath - f:\documents and settings\Owner\Application Data\Mozilla\Firefox\Profiles\2mygnf3v.default\
FF - prefs.js: browser.search.defaulturl - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampie7&query=
FF - prefs.js: browser.search.selectedEngine - Google
FF - prefs.js: keyword.URL - hxxp://slirsredirect.search.aol.com/slirs_http/sredir?sredir=2685&invocationType=tb50ffwinampab&query=
FF - plugin: f:\program files\iTunes\Mozilla Plugins\npitunes.dll
FF - plugin: f:\program files\VistaCodecPack\rm\browser\plugins\nppl3260.dll
FF - plugin: f:\program files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 18:10:55
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(760)
f:\windows\system32\Ati2evxx.dll
.
Completion time: 2008-12-13 18:11:31
ComboFix-quarantined-files.txt 2008-12-13 16:11:19

Pre-Run: 1 348 677 632 bytes free
Post-Run: 1,424,482,304 bytes free

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
f:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect

168 --- E O F --- 2008-12-11 20:33:02

SDFix: Version 1.240
Run by Owner on la 13.12.2008 at 18:16

Microsoft Windows XP [Version 5.1.2600]
Running From: F:\Documents and Settings\Owner\Desktop\SDFix

Checking Services :

Restoring Default Security Values
Restoring Default Hosts File

Rebooting

Checking Files :

No Trojan Files Found

Removing Temp Files

ADS Check :

Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-13 18:19:24
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0

Remaining Services :

Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"F:\\Program Files\\Grisoft\\AVG7\\avginet.exe"="F:\\Program Files\\Grisoft\\AVG7\\avginet.exe:*:Enabled:avginet.exe"
"F:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe"="F:\\Program Files\\Grisoft\\AVG7\\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"F:\\Program Files\\Grisoft\\AVG7\\avgcc.exe"="F:\\Program Files\\Grisoft\\AVG7\\avgcc.exe:*:Enabled:avgcc.exe"
"F:\\Program Files\\Grisoft\\AVG7\\avgemc.exe"="F:\\Program Files\\Grisoft\\AVG7\\avgemc.exe:*:Enabled:avgemc.exe"
"F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"F:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="F:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"F:\\Program Files\\RevConnect\\DCPlusPlus.exe"="F:\\Program Files\\RevConnect\\DCPlusPlus.exe:*:EnabledC++"
"F:\\Program Files\\Bonjour\\mDNSResponder.exe"="F:\\Program Files\\Bonjour\\mDNSResponder.exe:*:Enabled:Bonjour"
"F:\\Program Files\\iTunes\\iTunes.exe"="F:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"F:\\Program Files\\Skype\\Phone\\Skype.exe"="F:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019"
"F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"="F:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"F:\\Program Files\\Windows Live\\Messenger\\livecall.exe"="F:\\Program Files\\Windows Live\\Messenger\\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

Remaining Files :

Files with Hidden Attributes :

Sat 3 May 2008 6,104,632 A..H. --- "F:\Program Files\Picasa2\setup.exe"
Sun 7 Dec 2008 1,977 ...HR --- "F:\Documents and Settings\Owner\Application Data\SecuROM\UserData\securom_v7_01.bak"

Finished!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:22:23, on 13.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\wuauclt.exe
F:\WINDOWS\VistaDrive\VistaDrive.exe
F:\PROGRA~1\Grisoft\AVG7\avgcc.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
F:\WINDOWS\system32\LVCOMSX.EXE
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
F:\Program Files\Skype\Phone\Skype.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.exe
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
F:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: OpenOffice.org 2.4.lnk = F:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://F:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6887 bytes

Hujo · Dec 13, 2008

Lataa JavaRa ja pura se työpöydällesi.

***Sulje kaikki päällä olevat Internet Explorerin ikkunat ennen jatkamista!***

* Tuplaklikkaa JavaRa.exeä käynnistääksesi ohjelma.
* Valitse English pudotusvalikosta valitaksesi kieleksi englannin ja klikkaa Select.
* Klikkaa Remove Older Versions poistaaksesi vanhat Java-versiot koneeltasi.
* Klikkaa Yes kun pyydetään. Kun JavaRa on valmis, se ilmoittaa, että lokitiedosto on luotu. Klikkaa OK.
* Lokitiedosto avautuu. Lähetä sen sisältö seuraavassa viestissäsi.
4. Asenna uusin Java päivitys seuraavasta linkistä..

Lataa täältä uusi java

Rullaa alas kohteeseen Java Runtime Environment (JRE) 6 Update 11
Paina Download
Laita Platform -kohtaan Windows
Ruksaa I agree to the Java SE Runtime Environment 6 License Agreement ja paina Continue
Paina Windows Offline Installationin alapuolella jre-6u4-windows-i586-p.exe

Tallenna tiedosto vaikka työpöydälle ja asenna se.

5. Käynnistä kone uudelleen asennuksen jälkeen.
6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).
7. General-välilehdellä klikkaa Settings. Vedä liukusäädintä (Disk Space) pienemmälle.

(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).

8. Klikkaa Delete Files -nappia. Varmista että kaikki kaksi valintaa ovat rastitettuja:
* Applications and Applets
* Trace and Log Files

Ja paina OK -nappia
Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA.

9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
10. Välilehti Update: ota ruksi pois kohdasta Check for Updates automatically
Valitse Never check
11. Klikkaa Apply ja OK jättääksesi Java asetusikkunasi.

================

scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [VistaDrive] F:\WINDOWS\VistaDrive\VistaDrive.exe
O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime Alternative\QTTask.exe" -atboottime

================

Poista vikasiedossa

F:\WINDOWS\VistaDrive

kkiko · Dec 13, 2008

JavaRa 1.11 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Sat Dec 13 19:51:09 2008

Found and removed: F:\Program Files\Java\jre1.6.0_03

Found and removed: F:\Program Files\Java\jre1.6.0_05

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Features\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Classes\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Classes\JavaPlugin.160_03

Found and removed: SOFTWARE\Classes\JavaPlugin.160_05

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_05

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\7A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ACBB9B2318A96D117A58000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610003

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\8A0F842331866D117AB7000B0D610005

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160030}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160050}

Found and removed: Software\Classes\JavaPlugin.160_03

Found and removed: Software\Classes\JavaPlugin.160_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_05

Found and removed: Software\JavaSoft\Java2D\1.6.0_03

Found and removed: Software\JavaSoft\Java2D\1.6.0_05

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_03

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_05

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

------------------------------------

Finished reporting.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:49:55, on 13.12.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\System32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\Ati2evxx.exe
F:\WINDOWS\Explorer.EXE
F:\WINDOWS\system32\spoolsv.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files\Java\jre6\bin\jqs.exe
F:\WINDOWS\system32\svchost.exe
F:\PROGRA~1\Grisoft\AVG7\avgcc.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\Java\jre6\bin\jusched.exe
F:\WINDOWS\system32\LVCOMSX.EXE
F:\Program Files\Logitech\Video\LogiTray.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\WINDOWS\system32\ctfmon.exe
F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
F:\Program Files\Skype\Phone\Skype.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.exe
F:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
F:\Program Files\PC Connectivity Solution\ServiceLayer.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Program Files\Logitech\Video\FxSvr2.exe
F:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
F:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\Program Files\ATI Technologies\ATI.ACE\cli.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\WINDOWS\system32\wuauclt.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - F:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - F:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - F:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - F:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [AVG7_CC] F:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [ATICCC] "F:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMSX] F:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "F:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Skype] "F:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot
O4 - Startup: OpenOffice.org 2.4.lnk = F:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O8 - Extra context menu item: &Windows Live Search - res://F:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - F:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - F:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - F:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bonjour-palvelu (Bonjour Service) - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - F:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - F:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: ServiceLayer - Nokia. - F:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6701 bytes

Hujo · Dec 13, 2008

Lataa Tästä Ccleaner
CCleaner v 2.14.750.- Standard Build, ÄLÄ aseenna Yahoo toolbaria!
Asennuksessa poista merkki/rasti kohdasta "asenna Yahoo! toolbar/työkalupalkki".
Asennuksen jälkeen aukaise CCleaneri.
Valitse vasemmalta pystyrivistä Options.
Valitse viereisestä pystyrivistä Settings.
Language kohtaan valitse Suomi.

Puhdistaja
Valitse vasemmalta pystyrivistä Puhdistaja.
Paina alhaalta Tutki.
Nyt CCleaneri tutkii, mitä voidaan poistaa (tempit, cookiessit jne.).
Kun tutkiminen on valmis, paina Aja CCleaner.
Nyt CCleaneri poistaa löydetyt tempit, cookiessit jne.

Rekisterin virheiden korjaus
Valitse vasemmalta pystyrivistä Rekisteri.
Paina alhaalta Etsi rekisterin virheitä.
Kun etsintä on valmis ja olet varma, että haluat korjata ne rivit jotka ovat merkattuja, niin paina Korjaa valitut rekisterin virheet.
Sinulta kysytään "haluatko varmuuskopioida muutokset rekisteriin", paina Kyllä. Tallenna varmuuskopio vaikka "Omat tiedostot" -kansioon.
Klikkaa uudesta aukeavasta ikkunasta Korjaa kaikki valitut virheet.
Saat vielä varmistus kysymyksen, paina Ok.
Kun virheet on korjattu, paina Sulje.
Nyt voit sulkea CCleanerin painamalla oikealta ylhäältä punaista rastia.

=================

Mikäs on koneen toiminta

kkiko · Dec 13, 2008

Jees, koneen toiminta on muuten ehkä hieman vikkelämpi, mutta selaimen käyttö on edelleen TODELLA hidasta. Sivut aukeavat usean päivityksen jälkeen hitaasti tai jäävät vaijaiksi. Jatkuvaa "Yhteyden aikakatkaisua" ei meinaa jaksaa enää. Esimerkiksi youtubeen on ihan turha yrittää päästä, selain jähmettyy kokonaan viimeistään videon lataus vaiheessa. Tiedostojen latauksessa ei ole mitään ongelmaa, kunhan pääsee sivulle saakka ja siirtonopeudet ovat hyvät.

Hujo · Dec 13, 2008

Käynnistä > suorita kirjoita msconfig > ok
Käynnistys välilehti

Ota alla olevien edestä ruksi pois

jusched
ISStart
LogiTray
AppleSyncNotifier
PCSuite
ManifestEngine

käytä ja ok
Käynnistä kone uudelleen ja laita pikkuseen neliöön ruksi ja paina sitten vasta ok

kkiko · Dec 14, 2008

Herjaa. "Windows cant find 'msconfig'..." ?

Hujo · Dec 14, 2008

scannaa hjt:llä merkkaaa paina Fix checked

O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] F:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] F:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [AppleSyncNotifier] F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "F:\Program Files\Logitech\Video\ManifestEngine.exe" boot

=============

Sitten vain googlettaan " Windows cant find msconfig "
ja hajet tuohon korjausohjeen.

Log in or Sign up

HJT-loki, Selain takkuilee ja sivut eivät aukea.

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

Share This Page

Log in or Sign up

HJT-loki, Selain takkuilee ja sivut eivät aukea.

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

kkiko Regular member

Hujo Guest

Share This Page

Useful Searches