Yeah, it seems to be busy. Most of those ewido findings are probably just cookies (at least I hope so).
Here's the Ewido log as well. When the scan finished it reported that it could not remove the files mentioned above, but I let it delete the whole folder.

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 18:03:49, 26.9.2005
+ Report-Checksum: 3243D64B

+ Scan result:

:mozilla.7:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.9:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Xxxtoolbar : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.40:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.59:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Myaffiliateprogram : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Googleadservices : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adjuggler : Cleaned with backup
:mozilla.146:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Adserver : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Clickhype : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Webtrendslive : Cleaned with backup
:mozilla.183:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.197:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.198:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.215:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.218:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.232:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.246:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Valueclick : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.302:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.333:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.351:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Xhit : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.358:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.367:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.368:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.394:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Trafic : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Juha\Application Data\Mozilla\Firefox\Profiles\a4n6p4sy.default\cookies.txt -> Spyware.Cookie.Counted : Cleaned with backup
D:\build\filerepository\Microsoft-Windows-CoreUserModePnp-DriverCab_4e9013d9\driver.cab/pctspk.exe -> Worm.Bobic.k : Error during cleaning
D:\System Volume Information\_restore{C6641566-548E-48A0-B121-91A77CBD83AB}\RP155\A0032180.exe -> Spyware.MyWebSearch : Cleaned with backup
D:\Windows\Driver Cache\i386\driver.cab/pctspk.exe -> Worm.Bobic.k : Error during cleaning
D:\Windows\WinSxS\x86_microsoft-windows-c..ermodepnp-drivercab_31bf3856ad364e35_6.0.5112.0_neutral_81468488fc3eb132\driver.cab/pctspk.exe -> Worm.Bobic.k : Error during cleaning

::Report End
Yeah, there's nothing else in there except those Worm Bobic.K lines. Try checking those files at Jotti, once you can get through to it.
Okay, the problem is solved. A little while ago I got excited about playing with skins. Then I switched from Style XP to WindowBlinds. It worked for a while, until in my messing around I mixed up the skins every which way and, for example, the Start bar would do nothing but change colour. Well, I figured it would get fixed at some point. Then the night before last I set C: to defragment. In the morning, when I restarted the machine, it was completely stuck, until just now I thought to turn WindowBlinds off just as a test. Things sped up right away. A BIG THANK YOU anyway to everyone who bothered to take part in the discussion. Edit: Minor errors
Could you help me too with a similar problem? I don't really understand any of this: the machine's CPU usage is at 98-100% all the time, even when nothing heavier than IRC is running. I have scanned the machine with Spybot - Search & Destroy and the AVG antivirus several times, and nothing is found. Here is the HijackThis log as well, in case it helps at all.

Logfile of HijackThis v1.99.1
Scan saved at 14:33:03, on 24.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\j2re1.4.1_02\bin\javaw.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\PROGRA~1\MSNMES~1\msnmsgr.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\Program Files\FinnishIRC XP\FIRC.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Opera75\opera.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Jasc Software Inc\Paint Shop Pro 8\Paint Shop Pro.exe
C:\hij\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.lqyedjlkkrudlkzahz.com/R...VGhqSoeo/30uMD/OXKjVMUoNMO1/BHII/in_RKS7X.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ghxnousdkcsv.com/RQQNkzCtaQuloqGVVZ2KSDWfK4x8x_PluaEJ3oixyl4.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsecure/md5auth.srf?lc=1033
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {95704215-9F67-08F6-2A2A-49ADA73933DD} - C:\DOCUME~1\Omistaja\APPLIC~1\MESSLO~1\comp iso.exe
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Math internet mess stupid] C:\Documents and Settings\All Users\Application Data\Bytebluemathinternet\Peak Book.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKLM\..\Run: [stupid find user team] C:\Documents and Settings\All Users\Application Data\GlueBookStupidFind\about media.exe
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [TWO FORD] C:\DOCUME~1\Omistaja\APPLIC~1\OPTION~1\FUNK01ERROR.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
There's certainly plenty of junk in there, and Messenger Plus is the culprit.

Remove via Add/Remove Programs:
Messenger Plus! 3

Fix with HjT (do a system scan only, tick these and press fix checked):
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.lqyedjlkkrudlkzahz.com/RQQNkzCtaQsODwuzbD9Jz_3VGhqSoeo...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ghxnousdkcsv.com/RQQNkzCtaQuloqGVVZ2KSDWfK4x8x_PluaEJ3...
O2 - BHO: (no name) - {95704215-9F67-08F6-2A2A-49ADA73933DD} - C:\DOCUME~1\Omistaja\APPLIC~1\MESSLO~1\comp iso.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [Math internet mess stupid] C:\Documents and Settings\All Users\Application Data\Bytebluemathinternet\Peak Book.exe
O4 - HKLM\..\Run: [stupid find user team] C:\Documents and Settings\All Users\Application Data\GlueBookStupidFind\about media.exe
O4 - HKCU\..\Run: [TWO FORD] C:\DOCUME~1\Omistaja\APPLIC~1\OPTION~1\FUNK01ERROR.exe

Make hidden files visible, instructions -> http://www.xtra.co.nz/help/0,,4155-1916458,00.html

Boot into Safe Mode (F8 during startup) and delete:
C:\DOCUME~1\Omistaja\APPLIC~1\==>MESSLO~1<==
C:\Program Files\==>Messenger Plus! 3<==
C:\Documents and Settings\All Users\Application Data\==>Bytebluemathinternet<==
C:\Documents and Settings\All Users\Application Data\==>GlueBookStupidFind<==
C:\DOCUME~1\Omistaja\APPLIC~1\==>OPTION~1<==
C:\Windows\==>ALCXMNTR.EXE<==

Restart and post a new HjT log.
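Added example, not part of the original post and not HijackThis's own logic: a small Python triage of HijackThis-style O2/O4 lines that flags one pattern shared by several of the entries marked for fixing above, namely a BHO or autostart file living under an Application Data directory. The sample lines are copied from the log in this thread; the two heuristics and all function names are assumptions chosen for illustration, and they do not cover every entry the reply lists.

```python
import re
from typing import List, NamedTuple

# Sample input: entries copied from the first HijackThis log in this thread.
SAMPLE_LOG = r"""
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {95704215-9F67-08F6-2A2A-49ADA73933DD} - C:\DOCUME~1\Omistaja\APPLIC~1\MESSLO~1\comp iso.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Math internet mess stupid] C:\Documents and Settings\All Users\Application Data\Bytebluemathinternet\Peak Book.exe
O4 - HKCU\..\Run: [TWO FORD] C:\DOCUME~1\Omistaja\APPLIC~1\OPTION~1\FUNK01ERROR.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
"""

# "<section code> - <rest of line>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^(?P<code>[RFNO]\d{1,2}) - (?P<body>.+)$")
RUN_RE = re.compile(
    r"^(?P<hive>HKLM|HKCU)\\\.\.\\(?P<key>\w+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
BHO_RE = re.compile(
    r"^BHO: (?P<name>.*?) - (?P<clsid>\{[0-9A-Fa-f-]{36}\}) - (?P<path>.+)$")
# Long directory name or its 8.3 short form (APPLIC~1).
APPDATA_RE = re.compile(r"\\(?:application data|applic~\d)\\", re.IGNORECASE)
# Either a quoted path, or an unquoted path (which may contain spaces) up to
# the first executable extension.
TARGET_RE = re.compile(
    r'^"([^"]+)"|^(.+?\.(?:exe|dll|com|bat|cmd))(?=\s|,|$)', re.IGNORECASE)


class Finding(NamedTuple):
    code: str
    name: str
    target: str
    reasons: List[str]


def command_target(cmd: str) -> str:
    """Return the program path from a Run command line, without arguments."""
    match = TARGET_RE.match(cmd.strip())
    if not match:
        return cmd.strip()
    return match.group(1) or match.group(2)


def triage(log_text: str) -> List[Finding]:
    """Flag O2 (BHO) and O4 (Run key) entries that match the heuristics."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue
        code, body = entry.group("code"), entry.group("body")
        reasons = []
        if code == "O4":
            run = RUN_RE.match(body)
            if not run:  # e.g. "Global Startup" shortcuts, not handled here
                continue
            name, target = run.group("name"), command_target(run.group("cmd"))
        elif code == "O2":
            bho = BHO_RE.match(body)
            if not bho:
                continue
            name, target = bho.group("name"), bho.group("path")
            # Assumption: BHOs are in-process COM components, so an .exe
            # registered as one is worth a second look.
            if target.lower().endswith(".exe"):
                reasons.append("BHO file is an .exe, not a DLL")
        else:
            continue
        if APPDATA_RE.search(target):
            reasons.append("loads from an Application Data directory")
        if reasons:
            findings.append(Finding(code, name, target, reasons))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOG):
        print(f"{finding.code} [{finding.name}] {finding.target}")
        for reason in finding.reasons:
            print(f"    - {reason}")
```

A hit is only a prompt to look at the file (for example by uploading it to a multi-engine scanner); legitimate software also installs under Application Data.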
How does it look now?

Logfile of HijackThis v1.99.1
Scan saved at 16:21:18, on 24.10.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe
C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\Google Talk\googletalk.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\ewido\security suite\ewidoguard.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\system32\wuauclt.exe
C:\hij\HijackThis.exe
C:\Program Files\Opera75\opera.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dsaihxxygruvlpvhmozodhmm...GhqSoeo/30uMD/OXKjWmtOtBSgVlp4I/in_RKS7X.html
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://loginnet.passport.com/ppsecure/md5auth.srf?lc=1033
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpdtlk02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [CamMonitor] c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [StorageGuard] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AVG7_EMC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\Launch Application 2.exe -onlytray
O4 - HKLM\..\Run: [DataLayer] C:\PROGRA~1\COMMON~1\PCSuite\DATALA~1\DATALA~1.EXE
O4 - HKCU\..\Run: [BackupNotify] c:\Program Files\Hewlett-Packard\Digital Imaging\bin\backupnotify.exe
O4 - HKCU\..\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [googletalk] "C:\Program Files\Google\Google Talk\googletalk.exe" /autostart
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
Fix this one as well, otherwise it looks good:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dsaihxxygruvlpvhmozodhmmo.biz/RQQNkzCtaQsODwuzbD9Jz_3V...

Is the CPU usage still high?