Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:56:22, on 5.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Trust mouse utility\1.0\mouse32a.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lumonetti.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [itch remote] C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\PokePeak.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1210936874062
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6196 bytes
Download Malwarebytes' Anti-Malware to your desktop.
* Double-click mbam-setup.exe and follow the prompts to install the program.
* At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, the program will download and install the latest version.
* Once the program has loaded, select Perform full scan and click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Make sure everything is checked and click Remove Selected.
* A log will then open in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
* Post the contents of the log in your next reply, together with a new HJT log.
It found some more junk in there. Big thanks in advance, great work....

Malwarebytes' Anti-Malware 1.30
Database version: 1368
Windows 5.1.2600 Service Pack 3

6.11.2008 7:18:36
mbam-log-2008-11-06 (07-18-36).txt

Scan type: Full Scan (C:\|D:\|F:\|G:\|)
Objects scanned: 124158
Time elapsed: 54 minute(s), 26 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 1
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CURRENT_USER\SOFTWARE\WakeNet (Trojan.Adware) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
F:\Jako 2\Ohjelmat\bs player\BS.Player.Pro.v2.0.Multilingual.Incl.Keymake\CORE10k.EXE (Trojan.Agent) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{F2F6AF78-4307-4ADA-8680-5EC38F1AC486}\RP124\A0022681.exe (Rogue.Installer) -> Quarantined and deleted successfully.
F:\System Volume Information\_restore{F2F6AF78-4307-4ADA-8680-5EC38F1AC486}\RP127\A0022969.exe (Rogue.Installer) -> Quarantined and deleted successfully.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:19:27, on 6.11.2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lumonetti.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe
O4 - HKLM\..\Run: [SW24] C:\WINDOWS\system32\sw24.exe
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [itch remote] C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\PokePeak.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1210936874062
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6048 bytes
Right, let's continue.

It is recommended to turn off the antivirus's real-time scanning so that it does not interfere with Lop S&D; you can turn it back on after the scan.

Download Lop S&D from here
Double-click Lop S&D.exe
Select Suomi as the language by pressing U and Enter. Then choose Option 1 (Search) by pressing 1 and Enter
Wait until the scan is complete
A log will open in Notepad. Post it in your next reply. It can also be found at C:\lopR.txt
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3100+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Hartza ( Administrator )
BOOT : Normal boot
Antivirus : dna Nettiturva 7.03 7.03 (Not Activated)
Firewall : dna Nettiturva 7.03 7.03 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:34 Go (Free:26 Go)
D:\ (Local Disk) - NTFS - Total:263 Go (Free:263 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:232 Go (Free:93 Go)
G:\ (Local Disk) - NTFS - Total:298 Go (Free:53 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [1] ( Fri 07.11.2008|16:39 )

--------------------\\ Listing directories in APPLIC~1

[18.05.2008|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20.10.2008|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16.05.2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[16.05.2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[30.10.2008|18:25] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
[03.11.2008|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06.11.2008|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30.10.2008|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04.11.2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03.11.2008|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[16.05.2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16.05.2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[0|file(s)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
[14|folder(s)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes free

[16.05.2008|12:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes free

[20.05.2008|09:44] C:\DOCUME~1\Hartza\APPLIC~1\Adobe
[19.05.2008|09:59] C:\DOCUME~1\Hartza\APPLIC~1\Ahead
[31.10.2008|15:46] C:\DOCUME~1\Hartza\APPLIC~1\F-Secure
[28.06.2008|18:40] C:\DOCUME~1\Hartza\APPLIC~1\Google
[16.05.2008|14:55] C:\DOCUME~1\Hartza\APPLIC~1\Identities
[18.05.2008|10:04] C:\DOCUME~1\Hartza\APPLIC~1\Macromedia
[06.11.2008|05:52] C:\DOCUME~1\Hartza\APPLIC~1\Malwarebytes
[29.09.2008|17:48] C:\DOCUME~1\Hartza\APPLIC~1\Microsoft
[17.05.2008|18:30] C:\DOCUME~1\Hartza\APPLIC~1\Mozilla
[30.10.2008|18:25] C:\DOCUME~1\Hartza\APPLIC~1\phone 16 ping
[17.05.2008|17:27] C:\DOCUME~1\Hartza\APPLIC~1\Samsung
[04.06.2008|05:48] C:\DOCUME~1\Hartza\APPLIC~1\Sun
[19.05.2008|10:17] C:\DOCUME~1\Hartza\APPLIC~1\Template
[0|file(s)] C:\DOCUME~1\Hartza\APPLIC~1\bytes
[15|folder(s)] C:\DOCUME~1\Hartza\APPLIC~1\bytes free

[16.05.2008|12:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes free

[31.10.2008|15:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes free

--------------------\\ Scheduled tasks located in C:\WINDOWS\Tasks

[07.11.2008 14:28][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[07.11.2008 16:00][--ah-----] C:\WINDOWS\tasks\AF9DB831931E2911.job
[07.11.2008 14:25][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[07.11.2008 14:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
[15.09.2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

( AF9DB831931E2911.job )=( c:\docume~1\hartza\applic~1\phone1~1\Regstonsbody.exe )

--------------------\\ Listing directories in C:\Program Files

[18.05.2008|11:16] C:\Program Files\AC3Filter
[05.07.2008|07:46] C:\Program Files\Adobe
[16.05.2008|13:13] C:\Program Files\Agilent-HP
[05.11.2008|11:50] C:\Program Files\CCleaner
[03.11.2008|11:41] C:\Program Files\Common Files
[16.05.2008|12:56] C:\Program Files\ComPlus Applications
[02.11.2008|19:46] C:\Program Files\DC++
[21.10.2008|14:01] C:\Program Files\dna Nettiturva
[30.10.2008|18:28] C:\Program Files\ffdshow
[28.06.2008|18:40] C:\Program Files\Google
[16.05.2008|13:13] C:\Program Files\Hewlett-Packard
[16.05.2008|13:13] C:\Program Files\HP
[17.05.2008|17:17] C:\Program Files\InstallShield Installation Information
[16.10.2008|23:14] C:\Program Files\Internet Explorer
[17.07.2008|12:32] C:\Program Files\Java
[03.11.2008|11:42] C:\Program Files\Lavasoft
[06.11.2008|05:52] C:\Program Files\Malwarebytes' Anti-Malware
[15.08.2008|22:57] C:\Program Files\Messenger
[16.05.2008|12:58] C:\Program Files\microsoft frontpage
[19.05.2008|09:11] C:\Program Files\Microsoft Office
[10.09.2008|07:41] C:\Program Files\Microsoft Works
[16.05.2008|14:31] C:\Program Files\Movie Maker
[24.05.2008|14:00] C:\Program Files\Mozilla Firefox
[16.05.2008|12:55] C:\Program Files\MSN Gaming Zone
[04.07.2008|19:57] C:\Program Files\MSXML 4.0
[19.05.2008|09:55] C:\Program Files\Nero
[16.05.2008|14:30] C:\Program Files\NetMeeting
[20.10.2008|08:53] C:\Program Files\OLYMPUS
[16.05.2008|12:57] C:\Program Files\Online Services
[16.05.2008|14:30] C:\Program Files\Outlook Express
[20.10.2008|08:54] C:\Program Files\QuickTime
[17.05.2008|17:17] C:\Program Files\Samsung
[04.11.2008|12:24] C:\Program Files\Spybot - Search & Destroy
[05.11.2008|12:55] C:\Program Files\Trend Micro
[17.05.2008|11:46] C:\Program Files\Trust mouse utility
[16.05.2008|13:02] C:\Program Files\Uninstall Information
[18.05.2008|11:06] C:\Program Files\Webteh
[30.10.2008|18:25] C:\Program Files\Windows Defender
[16.05.2008|18:06] C:\Program Files\Windows Live
[17.05.2008|09:31] C:\Program Files\Windows Media Connect 2
[17.05.2008|09:31] C:\Program Files\Windows Media Player
[16.05.2008|14:30] C:\Program Files\Windows NT
[16.05.2008|12:57] C:\Program Files\WindowsUpdate
[18.05.2008|09:30] C:\Program Files\WinRAR
[16.05.2008|12:58] C:\Program Files\xerox
[18.05.2008|11:14] C:\Program Files\Xvid
[0|file(s)] C:\Program Files\bytes
[48|folder(s)] C:\Program Files\bytes free

--------------------\\ Listing directories in C:\Program Files\Common Files

[18.05.2008|09:12] C:\Program Files\Common Files\Adobe
[19.05.2008|10:00] C:\Program Files\Common Files\Ahead
[16.05.2008|13:18] C:\Program Files\Common Files\InstallShield
[04.06.2008|05:46] C:\Program Files\Common Files\Java
[20.10.2008|08:52] C:\Program Files\Common Files\Microsoft Shared
[16.05.2008|12:57] C:\Program Files\Common Files\MSSoap
[16.05.2008|15:50] C:\Program Files\Common Files\ODBC
[16.05.2008|12:57] C:\Program Files\Common Files\Services
[16.05.2008|15:50] C:\Program Files\Common Files\SpeechEngines
[16.05.2008|14:30] C:\Program Files\Common Files\System
[16.05.2008|18:06] C:\Program Files\Common Files\WindowsLiveInstaller
[03.11.2008|11:41] C:\Program Files\Common Files\Wise Installation Wizard
[0|file(s)] C:\Program Files\Common Files\bytes
[14|folder(s)] C:\Program Files\Common Files\bytes free

--------------------\\ Process ( 46 Processes )

IEXPLORE.EXE ~ [PID:132]
IEXPLORE.EXE ~ [PID:284]
IEXPLORE.EXE ~ [PID:3480]

--------------------\\ Searching with S_Lop

C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1
C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\hmrsjfwp.exe
C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\PokePeak.exe
C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\Regs tons body.exe

--------------------\\ Searching for Lop files and folders

C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3\coal test.exe
C:\DOCUME~1\Hartza\APPLIC~1\phone1~1
C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\hmrsjfwp.exe
C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\PokePeak.exe
C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\Regs tons body.exe
C:\WINDOWS\Tasks\AF9DB831931E2911.job

--------------------\\ Searching registry entries

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\seek mapi each]
"DisplayName"="CiD Help"
"UninstallString"="C:\\DOCUME~1\\Hartza\\APPLIC~1\\PHONE1~1\\PokePeak.exe -uninstall"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"itch remote"="C:\\DOCUME~1\\Hartza\\APPLIC~1\\PHONE1~1\\PokePeak.exe"
"itch remote"="C:\\DOCUME~1\\Hartza\\APPLIC~1\\PHONE1~1\\PokePeak.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Checking with Catchme for hidden files

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 16:40:24
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Checking for other infections

No other infections found !

[F:6][D:1]-> C:\DOCUME~1\Hartza\LOCALS~1\Temp
[F:69][D:0]-> C:\DOCUME~1\Hartza\Cookies
[F:1397][D:5]-> C:\DOCUME~1\Hartza\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Fri 07.11.2008|16:41 - Option : [1]

--------------------\\ Scan completed at 16:41:00
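Two of the persistence points in the logs above land in the same user-profile directory: the HKCU Run value `itch remote` that both HijackThis logs show (and that the Malwarebytes pass left in place), and the scheduled task `AF9DB831931E2911.job` that the Lop S&D report maps to `Regstonsbody.exe`. The script below is an added example for this thread, not output or code from HijackThis, Lop S&D or either poster. Its sample input is copied from the O4 section and the Lop S&D task mapping above and is labelled as constructed; the triage rules it applies (autostart target under a user-writable profile directory, 8.3 short-name path components, a task file named with a bare 16-digit hex string) are the editor's own heuristics, not a malware-family signature, and the location check also covers `\Users\...\AppData\` paths that do not appear in these XP logs.

```python
"""Triage autostart entries from a HijackThis O4 section and a Lop S&D task mapping.

Added example for this thread; not code or output from HijackThis, Lop S&D or the
posters. Sample lines are copied from the logs posted above. The heuristics below
are the editor's own triage rules, not a detection signature for any family.
"""
import re

# Constructed input: O4 lines copied from the first HijackThis log in the thread.
HJT_O4_LINES = [
    r'O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash',
    r'O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup',
    r'O4 - HKLM\..\Run: [SW20] C:\WINDOWS\system32\sw20.exe',
    r'O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe',
    r'O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"',
    r'O4 - HKCU\..\Run: [itch remote] C:\DOCUME~1\Hartza\APPLIC~1\PHONE1~1\PokePeak.exe',
    r"O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')",
]
# Constructed input: the task-to-target line from the Lop S&D option 1 report.
LOP_TASK_LINES = [
    r'( AF9DB831931E2911.job )=( c:\docume~1\hartza\applic~1\phone1~1\Regstonsbody.exe )',
]

# "O4 - <hive>\..\Run: [<value name>] <command line>"
O4_RE = re.compile(r'^O4 - (?P<hive>.+?)\\\.\.\\(?P<key>Run(?:Once)?): \[(?P<name>[^\]]*)\] (?P<cmd>.*)$')
# "( <job file> )=( <target> )" as printed by Lop S&D under the Tasks listing
TASK_RE = re.compile(r'^\( (?P<job>.+?) \)=\( (?P<target>.+?) \)$')

# Profile data directories an unprivileged user can write to (XP short and long
# names, plus the Vista-and-later Users\<name>\AppData layout).
USER_WRITABLE_RE = re.compile(
    r'\\(docume~1|documents and settings|users)\\[^\\]+\\'
    r'(applic~1|application data|locals~1|local settings|appdata)\\',
    re.IGNORECASE)
SHORT_NAME_RE = re.compile(r'~\d+(\\|$)')                 # 8.3 component such as PHONE1~1
HEX_JOB_RE = re.compile(r'^[0-9A-F]{16}\.job$', re.IGNORECASE)


def executable_from_command(cmd):
    """Return the path of the binary that actually runs for an O4 command line."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]            # quoted path; arguments follow the quote
    tokens = cmd.split()
    if tokens and tokens[0].lower() == 'rundll32.exe' and len(tokens) > 1:
        return tokens[1].split(',')[0]             # rundll32 host: the DLL is the payload
    return tokens[0] if tokens else ''


def reasons_for(path, job=None):
    """List the heuristic reasons an autostart target deserves a second look."""
    reasons = []
    if USER_WRITABLE_RE.search(path):
        reasons.append('target under a user-writable profile directory')
    if SHORT_NAME_RE.search(path):
        reasons.append('8.3 short-name path (unusual for installer-written autostarts)')
    if job and HEX_JOB_RE.match(job):
        reasons.append('task file named with a bare 16-digit hex string')
    return reasons


def triage_hjt_o4(lines):
    """Parse O4 lines and return the entries that trip at least one heuristic."""
    findings = []
    for line in lines:
        m = O4_RE.match(line)
        if not m:
            continue
        path = executable_from_command(m.group('cmd'))
        reasons = reasons_for(path)
        if reasons:
            findings.append({'source': 'O4', 'hive': m.group('hive'),
                             'name': m.group('name'), 'path': path, 'reasons': reasons})
    return findings


def triage_lop_tasks(lines):
    """Parse Lop S&D '( job )=( target )' lines the same way."""
    findings = []
    for line in lines:
        m = TASK_RE.match(line)
        if not m:
            continue
        job, target = m.group('job'), m.group('target')
        reasons = reasons_for(target, job)
        if reasons:
            findings.append({'source': 'Tasks', 'name': job, 'path': target, 'reasons': reasons})
    return findings


def triage_all(o4_lines=HJT_O4_LINES, task_lines=LOP_TASK_LINES):
    return triage_hjt_o4(o4_lines) + triage_lop_tasks(task_lines)


if __name__ == '__main__':
    for f in triage_all():
        print(f"{f['source']:5} {f['name']!r:28} -> {f['path']}")
        for r in f['reasons']:
            print('      -', r)
```

Run against the sample lines it reports exactly the two entries the helper went after with Lop S&D and leaves the CTFMON, F-Secure and NVIDIA entries alone; the CTFMON entry for the `S-1-5-19` hive also exercises the `HKUS\<SID>` form of the hive field. The heuristics are deliberately coarse: a legitimate per-user application can live under Application Data too, so a hit is a prompt to check the file's signer and origin, not a verdict.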
Launch Lop S&D
Select Option 3 (Clean - Hosts) by pressing 3 and Enter
DO NOT close the window while the clean-up is running!
A log will open in Notepad. Post it in your next reply. It can also be found at C:\lopR.txt
--------------------\\ Lop S&D 4.2.4-9c XP/Vista

Microsoft Windows XP Home Edition ( v5.1.2600 ) Service Pack 3
X86-based PC ( Uniprocessor Free : AMD Sempron(tm) Processor 3100+ )
BIOS : Phoenix - AwardBIOS v6.00PG
USER : Hartza ( Administrator )
BOOT : Normal boot
Antivirus : dna Nettiturva 7.03 7.03 (Not Activated)
Firewall : dna Nettiturva 7.03 7.03 (Activated)

A:\ (USB)
C:\ (Local Disk) - NTFS - Total:34 Go (Free:26 Go)
D:\ (Local Disk) - NTFS - Total:263 Go (Free:263 Go)
E:\ (CD or DVD)
F:\ (Local Disk) - NTFS - Total:232 Go (Free:93 Go)
G:\ (Local Disk) - NTFS - Total:298 Go (Free:53 Go)

"C:\Lop SD" ( MAJ : 01-11-2008|16:30 )
Option : [3] ( Fri 07.11.2008|17:09 )

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ Clean

Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3\coal test.exe
Deleted! - C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\hmrsjfwp.exe
Deleted! - C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\PokePeak.exe
Deleted! - C:\DOCUME~1\Hartza\APPLIC~1\phone1~1\Regs tons body.exe
Deleted! - C:\WINDOWS\Tasks\AF9DB831931E2911.job
Deleted! - C:\DOCUME~1\ALLUSE~1\APPLIC~1\Jump Poll Poke Mp3
Deleted! - C:\DOCUME~1\Hartza\APPLIC~1\phone1~1

\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\

--------------------\\ Listing directories in APPLIC~1

[18.05.2008|09:13] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe
[20.10.2008|08:54] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
[16.05.2008|14:48] C:\DOCUME~1\ALLUSE~1\APPLIC~1\F-Secure
[16.05.2008|14:47] C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
[03.11.2008|11:43] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Lavasoft
[06.11.2008|05:52] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Malwarebytes
[30.10.2008|17:49] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft
[04.11.2008|12:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
[03.11.2008|11:31] C:\DOCUME~1\ALLUSE~1\APPLIC~1\TEMP
[16.05.2008|13:24] C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
[16.05.2008|18:02] C:\DOCUME~1\ALLUSE~1\APPLIC~1\WLInstaller
[0|file(s)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes
[13|folder(s)] C:\DOCUME~1\ALLUSE~1\APPLIC~1\bytes free

[16.05.2008|12:58] C:\DOCUME~1\DEFAUL~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\DEFAUL~1\APPLIC~1\bytes free

[20.05.2008|09:44] C:\DOCUME~1\Hartza\APPLIC~1\Adobe
[19.05.2008|09:59] C:\DOCUME~1\Hartza\APPLIC~1\Ahead
[31.10.2008|15:46] C:\DOCUME~1\Hartza\APPLIC~1\F-Secure
[28.06.2008|18:40] C:\DOCUME~1\Hartza\APPLIC~1\Google
[16.05.2008|14:55] C:\DOCUME~1\Hartza\APPLIC~1\Identities
[18.05.2008|10:04] C:\DOCUME~1\Hartza\APPLIC~1\Macromedia
[06.11.2008|05:52] C:\DOCUME~1\Hartza\APPLIC~1\Malwarebytes
[29.09.2008|17:48] C:\DOCUME~1\Hartza\APPLIC~1\Microsoft
[17.05.2008|18:30] C:\DOCUME~1\Hartza\APPLIC~1\Mozilla
[17.05.2008|17:27] C:\DOCUME~1\Hartza\APPLIC~1\Samsung
[04.06.2008|05:48] C:\DOCUME~1\Hartza\APPLIC~1\Sun
[19.05.2008|10:17] C:\DOCUME~1\Hartza\APPLIC~1\Template
[0|file(s)] C:\DOCUME~1\Hartza\APPLIC~1\bytes
[14|folder(s)] C:\DOCUME~1\Hartza\APPLIC~1\bytes free

[16.05.2008|12:58] C:\DOCUME~1\LOCALS~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\LOCALS~1\APPLIC~1\bytes free

[31.10.2008|15:42] C:\DOCUME~1\NETWOR~1\APPLIC~1\Microsoft
[0|file(s)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes
[3|folder(s)] C:\DOCUME~1\NETWOR~1\APPLIC~1\bytes free

--------------------\\ Scheduled tasks located in C:\WINDOWS\Tasks

[07.11.2008 14:28][--ah-----] C:\WINDOWS\tasks\MP Scheduled Scan.job
[07.11.2008 14:25][--a------] C:\WINDOWS\tasks\Scheduled scanning task.job
[07.11.2008 14:23][--ah-----] C:\WINDOWS\tasks\SA.DAT
[15.09.2004 14:00][-r-h-----] C:\WINDOWS\tasks\desktop.ini

--------------------\\ Listing directories in C:\Program Files

[18.05.2008|11:16] C:\Program Files\AC3Filter
[05.07.2008|07:46] C:\Program Files\Adobe
[16.05.2008|13:13] C:\Program Files\Agilent-HP
[05.11.2008|11:50] C:\Program Files\CCleaner
[03.11.2008|11:41] C:\Program Files\Common Files
[16.05.2008|12:56] C:\Program Files\ComPlus Applications
[02.11.2008|19:46] C:\Program Files\DC++
[21.10.2008|14:01] C:\Program Files\dna Nettiturva
[30.10.2008|18:28] C:\Program Files\ffdshow
[28.06.2008|18:40] C:\Program Files\Google
[16.05.2008|13:13] C:\Program Files\Hewlett-Packard
[16.05.2008|13:13] C:\Program Files\HP
[17.05.2008|17:17] C:\Program Files\InstallShield Installation Information
[16.10.2008|23:14] C:\Program Files\Internet Explorer
[17.07.2008|12:32] C:\Program Files\Java
[03.11.2008|11:42] C:\Program Files\Lavasoft
[06.11.2008|05:52] C:\Program Files\Malwarebytes' Anti-Malware
[15.08.2008|22:57] C:\Program Files\Messenger
[16.05.2008|12:58] C:\Program Files\microsoft frontpage
[19.05.2008|09:11] C:\Program Files\Microsoft Office
[10.09.2008|07:41] C:\Program Files\Microsoft Works
[16.05.2008|14:31] C:\Program Files\Movie Maker
[24.05.2008|14:00] C:\Program Files\Mozilla Firefox
[16.05.2008|12:55] C:\Program Files\MSN Gaming Zone
[04.07.2008|19:57] C:\Program Files\MSXML 4.0
[19.05.2008|09:55] C:\Program Files\Nero
[16.05.2008|14:30] C:\Program Files\NetMeeting
[20.10.2008|08:53] C:\Program Files\OLYMPUS
[16.05.2008|12:57] C:\Program Files\Online Services
[16.05.2008|14:30] C:\Program Files\Outlook Express
[20.10.2008|08:54] C:\Program Files\QuickTime
[17.05.2008|17:17] C:\Program Files\Samsung
[04.11.2008|12:24] C:\Program Files\Spybot - Search & Destroy
[05.11.2008|12:55] C:\Program Files\Trend Micro
[17.05.2008|11:46] C:\Program Files\Trust mouse utility
[16.05.2008|13:02] C:\Program Files\Uninstall Information
[18.05.2008|11:06] C:\Program Files\Webteh
[30.10.2008|18:25] C:\Program Files\Windows Defender
[16.05.2008|18:06] C:\Program Files\Windows Live
[17.05.2008|09:31] C:\Program Files\Windows Media Connect 2
[17.05.2008|09:31] C:\Program Files\Windows Media Player
[16.05.2008|14:30] C:\Program Files\Windows NT
[16.05.2008|12:57] C:\Program Files\WindowsUpdate
[18.05.2008|09:30] C:\Program Files\WinRAR
[16.05.2008|12:58] C:\Program Files\xerox
[18.05.2008|11:14] C:\Program Files\Xvid
[0|file(s)] C:\Program Files\bytes
[48|folder(s)] C:\Program Files\bytes free

--------------------\\ Listing directories in C:\Program Files\Common Files

[18.05.2008|09:12] C:\Program Files\Common Files\Adobe
[19.05.2008|10:00] C:\Program Files\Common Files\Ahead
[16.05.2008|13:18] C:\Program Files\Common Files\InstallShield
[04.06.2008|05:46] C:\Program Files\Common Files\Java
[20.10.2008|08:52] C:\Program Files\Common Files\Microsoft Shared
[16.05.2008|12:57] C:\Program Files\Common Files\MSSoap
[16.05.2008|15:50] C:\Program Files\Common Files\ODBC
[16.05.2008|12:57] C:\Program Files\Common Files\Services
[16.05.2008|15:50] C:\Program Files\Common Files\SpeechEngines
[16.05.2008|14:30] C:\Program Files\Common Files\System
[16.05.2008|18:06] C:\Program Files\Common Files\WindowsLiveInstaller
[03.11.2008|11:41] C:\Program Files\Common Files\Wise Installation Wizard
[0|file(s)] C:\Program Files\Common Files\bytes
[14|folder(s)] C:\Program Files\Common Files\bytes free

--------------------\\ Process ( 42 Processes )

... OK !

--------------------\\ Searching with S_Lop

No Lop folders found !

--------------------\\ Searching for Lop files and folders

C:\DOCUME~1\Hartza\Cookies\hartza@adin.bigpoint[2].txt
C:\DOCUME~1\Hartza\Cookies\hartza@bigpoint[1].txt
C:\DOCUME~1\Hartza\Cookies\hartza@dk.seafight.bigpoint[1].txt
C:\DOCUME~1\Hartza\Cookies\hartza@dk.seafight.bigpoint[1].txt

--------------------\\ Searching registry entries

..... OK !

--------------------\\ Checking the Hosts file

Hosts file CLEAN

--------------------\\ Checking with Catchme for hidden files

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 17:10:27
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden files: 0

--------------------\\ Checking for other infections

No other infections found !

[F:6][D:1]-> C:\DOCUME~1\Hartza\LOCALS~1\Temp
[F:70][D:0]-> C:\DOCUME~1\Hartza\Cookies
[F:1445][D:5]-> C:\DOCUME~1\Hartza\LOCALS~1\TEMPOR~1\content.IE5

1 - "C:\Lop SD\LopR_1.txt" - Fri 07.11.2008|16:41 - Option : [1]
2 - "C:\Lop SD\LopR_2.txt" - Fri 07.11.2008|17:10 - Option : [3]

--------------------\\ Scan completed at 17:10:53
Download CCleaner from here
- During installation, untick "install Yahoo! toolbar".
- After installation, open CCleaner.
- From the left-hand column, select Options.
- From the next column, select Settings.
- For Language, choose Suomi.
- Restart CCleaner.
- Select Options.
- Click Advanced.
- Untick "Only delete files in Windows Temp folders older than 48 hours".

Cleaner
- From the left-hand column, select Cleaner.
- Click Analyze at the bottom. CCleaner now works out what can be removed (temp files, cookies, etc.).
- When the analysis is finished, click Run Cleaner. CCleaner now removes the temp files, cookies, etc. it found.

Fixing registry issues
- From the left-hand column, select Registry.
- Click Scan for Issues at the bottom.
- When the scan is finished and you are sure you want to fix the lines that are checked, click Fix selected issues.
- You will be asked "Do you want to back up changes to the registry?"; click Yes. Save the backup in, for example, the "My Documents" folder.
- In the new window that opens, click Fix All Selected Issues.
- You will get one more confirmation prompt; click OK.
- When the issues have been fixed, click Close.

You can now close CCleaner by clicking the red cross at the top right.

How is the machine running now?
It's running like a dream again. I mean, the machine already had CCleaner on it, but the box "only delete files older than 48..." was ticked, so apparently it didn't find anything earlier even though I ran the scan. Was that the problem? In any case, a big hand for the help, and all the best....