Windows sekaisin. ActiveX

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by hangerrr, Mar 13, 2007.

  1. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Elikkas!

    Kirjoittelin jo tonne windows ongelmat alueelle tallaista...

    http://keskustelu.afterdawn.com/thread_view.cfm/480663#2904533

    Tuossa olis nyt tietoja mita HJT antoi... Jotain pielessa?

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\HPZipm12.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\WINNT\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\Program Files\Grisoft\AVG7\avgcc.exe
    C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Työpöytä\HiJackThis_v2.0.0.0.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O14 - IERESET.INF: START_PAGE_URL=http://www.msn.fi
    O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.fi
    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148395233484
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
    O23 - Service: Hälytys (Alerter) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Sovellusten hallinta (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Tietokoneiden selaus (Browser) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DHCP-asiakas (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Loogisen levyn hallinta (dmserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DNS-asiakas (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Faksipalvelu (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe
    O23 - Service: Palvelin (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Työasema (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: TCP/IP NetBIOS Helper -palvelu (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Viestinvälitys (Messenger) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkkokirjautuminen (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NT LM -suojaustuen toimittaja (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
    O23 - Service: IP-suojauskäytäntöagentti (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: Suojattu tallennuspaikka (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Käyttöoikeustilien hallinta (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe
    O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Tehtävien ajoitus (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe
    O23 - Service: RunAs-palvelu (seclogon) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\WINNT\system32\stisvc.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe
    O23 - Service: Tiedostolinkkijäljityksen asiakas (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Toimintojen hallinta (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe
    O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: WMI-palvelu (Windows Management Instrumentation) (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe
    O23 - Service: WM -instrumenttien ohjainlaajennukset (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe
     
    hangerrr, Mar 13, 2007
    #1
  2. Auttaja

    Auttaja Guest

    C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Työpöytä\HiJackThis_v2.0.0.0.exe

    Ei näin vaan näin

    C:\HJT\HiJackThis_v2.0.0.0.exe

    nimeä uudelleen skanneri exe nimellä

    C:\HJT\skanneri.exe

    Laita uusi logi mukaan jossa on mukana myös lokin yläosa!
     
    Auttaja, Mar 13, 2007
    #2
  3. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Mikahan ero talla mahtaa olla :) mutta siina nyt kuitenkin tuo uusi.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 18:56:28, on 13.3.2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\HPZipm12.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINNT\explorer.exe
    C:\Program Files\WinISO\WinISO.exe
    C:\HJT\skanneri.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O14 - IERESET.INF: START_PAGE_URL=http://www.msn.fi
    O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.fi
    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148395233484
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
    O23 - Service: Hälytys (Alerter) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Sovellusten hallinta (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Tietokoneiden selaus (Browser) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DHCP-asiakas (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Loogisen levyn hallinta (dmserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DNS-asiakas (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Faksipalvelu (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe
    O23 - Service: Palvelin (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Työasema (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: TCP/IP NetBIOS Helper -palvelu (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Viestinvälitys (Messenger) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkkokirjautuminen (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NT LM -suojaustuen toimittaja (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
    O23 - Service: IP-suojauskäytäntöagentti (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: Suojattu tallennuspaikka (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Käyttöoikeustilien hallinta (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe
    O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Tehtävien ajoitus (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe
    O23 - Service: RunAs-palvelu (seclogon) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\WINNT\system32\stisvc.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe
    O23 - Service: Tiedostolinkkijäljityksen asiakas (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Toimintojen hallinta (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe
    O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: WMI-palvelu (Windows Management Instrumentation) (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe
    O23 - Service: WM -instrumenttien ohjainlaajennukset (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe

    --
    End of file - 7682 bytes
     
    Last edited: Mar 13, 2007
    hangerrr, Mar 13, 2007
    #3
  4. Auttaja

    Auttaja Guest

    Laita nää fixailen(avaa Hijack, merkkaa ja paina fix checked)

    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {2F003D51-39FD-4D18-9016-95CF70B92ABE} - http://download.movienetworks.com/install/US/altpmtscab.cab

    Luultavasti tuo O15 rivit ei lähe, mutta koitetaan tätä ekana! Laita uusi logi
     
    Auttaja, Mar 13, 2007
    #4
  5. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Joo nuo 015 ei lahteny... tassa uusi logi.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 11:50:15, on 14.3.2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\HPZipm12.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\HJT\skanneri.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O14 - IERESET.INF: START_PAGE_URL=http://www.msn.fi
    O14 - IERESET.INF: MS_START_PAGE_URL=http://www.msn.fi
    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148395233484
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
    O23 - Service: Hälytys (Alerter) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Sovellusten hallinta (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Tietokoneiden selaus (Browser) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DHCP-asiakas (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Loogisen levyn hallinta (dmserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DNS-asiakas (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Faksipalvelu (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe
    O23 - Service: Palvelin (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Työasema (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: TCP/IP NetBIOS Helper -palvelu (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Viestinvälitys (Messenger) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkkokirjautuminen (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NT LM -suojaustuen toimittaja (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
    O23 - Service: IP-suojauskäytäntöagentti (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: Suojattu tallennuspaikka (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Käyttöoikeustilien hallinta (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe
    O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Tehtävien ajoitus (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe
    O23 - Service: RunAs-palvelu (seclogon) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\WINNT\system32\stisvc.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe
    O23 - Service: Tiedostolinkkijäljityksen asiakas (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Toimintojen hallinta (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe
    O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: WMI-palvelu (Windows Management Instrumentation) (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe
    O23 - Service: WM -instrumenttien ohjainlaajennukset (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe

    --
    End of file - 7502 bytes
     
    hangerrr, Mar 14, 2007
    #5
  6. Auttaja

    Auttaja Guest

    Lataa Protocolfix
    ja tallenna se työpöydälle. Tuplaklikkaa sitä, paina Kyllä ja Ok. Käynnistä kone uudelleen ja lähetä uusi HijackThis-loki
     
    Auttaja, Mar 14, 2007
    #6
  7. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Tulee ilmoitus etta "Virhe kaytettessa rekisteria"
     
    hangerrr, Mar 14, 2007
    #7
  8. Auttaja

    Auttaja Guest

    Anteeks että kesti vastaus:

    Missä vaiheessa se ilmoitus tulee? Laita uusi logi.
     
    Auttaja, Mar 14, 2007
    #8
  9. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Kiitos etta jaksat auttaa!

    Mut mut... eli tuplaklikkaan kuvaketta tyopoydalla ja painan kylla niin sen jalkeen tulee heti C:\DOCUMEN~1\JRJEST~1.ESA\TYPYT~1\FIX-PR~1.REG: ei voi tuoda. virhe kaytettaessa rekisteria.

    ja tassa olis uusi logi.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 13:46:10, on 15.3.2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\HPZipm12.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\WinISO\WinISO.exe
    C:\WINNT\system32\wuauclt.exe
    C:\HJT\skanneri.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\RunOnce: [BrandClearStubs] RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
    O4 - HKLM\..\RunOnce: [Regsister WScript] wscript -regserver
    O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148395233484
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
    O23 - Service: Hälytys (Alerter) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Sovellusten hallinta (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
    O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
    O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
    O23 - Service: Tietokoneiden selaus (Browser) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DHCP-asiakas (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Loogisen levyn hallinta (dmserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DNS-asiakas (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Faksipalvelu (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe
    O23 - Service: Palvelin (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Työasema (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: TCP/IP NetBIOS Helper -palvelu (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Viestinvälitys (Messenger) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkkokirjautuminen (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NT LM -suojaustuen toimittaja (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
    O23 - Service: IP-suojauskäytäntöagentti (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: Suojattu tallennuspaikka (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Käyttöoikeustilien hallinta (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe
    O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Tehtävien ajoitus (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe
    O23 - Service: RunAs-palvelu (seclogon) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\WINNT\system32\stisvc.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe
    O23 - Service: Tiedostolinkkijäljityksen asiakas (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Toimintojen hallinta (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe
    O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: WMI-palvelu (Windows Management Instrumentation) (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe
    O23 - Service: WM -instrumenttien ohjainlaajennukset (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe

    --
    End of file - 7608 bytes
     
    hangerrr, Mar 15, 2007
    #9
  10. Auttaja

    Auttaja Guest

    Mietin korjausta ongelmaan, tee nää kuitenkin nyt:

    lataa ATF Cleaner
    http://www.atribune.org/ccount/click.php?id=1

    Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman. Main:n alla valitse: Select All
    Klikkaa Empty Selected valintaa.
    Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
    Jos käytät Operaa selaimenasi Klikkaa Opera yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa taas.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
    Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
    Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)


    **************************

    Lataa AVG Anti-Spyware 7.5 ja tallenna ohjelma työpöydällesi.

    [*]Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
    [*]Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
    [*]Käynnistä AVG Anti-Spyware.
    [*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
    [*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
    [*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
    [*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
    [*]Sitten "Reports" valikon alta:
    [*]Laita täppi kohtaan "Automatically generate report after every scan"
    [*]Ota täppi pois kohdasta"Only if threats were found"
    [*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
    [*]"Resident shield is", muuta tila active:sta inactive:ksi
    [*]Sulje ohjelma, ÄLÄ skannaa vielä.

    Käynnistä tietokone vikasietotilaan:
    1. Käynnistä tietokone uudelleen.
    2. Kun tietokone käynnistyy, paina F8-näppäintä.
    3. Näyttöön tulee erilaisia käynnistysvaihtoehtoja.
    4. Valitse näppäimistön nuolinäppäinten avulla Vikasietotila.
    5. Paina ENTER-näppäintä.

    HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
    [*]Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
    [*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
    [*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
    Kun skannaus on valmis:
    TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
    [*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
    [*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
    [​IMG]
    [*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
    [*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
    [*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestiketjuusi.
     
    Auttaja, Mar 15, 2007
    #10
  11. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Nyt sain nuo tehtya...

    Mullakin aina vahan kestaa tan homman tekeminen ku joudun porukoille juoksemaan aina tekemaan muutoksia.

    mutta tas olis nyt AVG logi...

    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 18:05:45 15.3.2007

    + Scan result:



    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnceEx\800 -> Adware.BetterInternet : Cleaned with backup (quarantined).
    :mozilla.186:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.187:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.188:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.189:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.190:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.191:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.192:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.193:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.194:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.195:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.196:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.197:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.198:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.199:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.200:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.201:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.202:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.203:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.74:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.65:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.66:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.104:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.105:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.20:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.21:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.22:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.36:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.37:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.38:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.21:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.60:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.90:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
    :mozilla.16:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.75:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.121:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.122:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.123:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.87:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
    :mozilla.209:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.210:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.61:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.62:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned.
    :mozilla.89:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.122:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.52:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.53:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.54:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.55:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.56:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.57:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.58:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.59:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.60:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.61:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.62:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.63:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.68:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.160:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
    :mozilla.10:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.7:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.8:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.98:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.99:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.9:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.181:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.132:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.101:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
    :mozilla.97:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
    :mozilla.98:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned.
    :mozilla.143:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.217:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.81:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.82:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.83:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.84:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.125:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.126:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.127:C:\Documents and Settings\Järjestelmänvalvoja.ESA-GVUKC5BU93X\Application Data\Mozilla\Firefox\Profiles\z58bnno3.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.169:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.170:C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla\Firefox\Profiles\effotwh1.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


    ::Report end

     
    hangerrr, Mar 15, 2007
    #11
  12. Auttaja

    Auttaja Guest

    Kopioi alla oleva teksti muistioon (siis tosta regeditistä tuohon numeroon 1) ja tallenna se nimellä fix.reg työpöydälle (tallennusmuoto kaikki tiedostot):

    Tuplaklikkaa sitä, paina kyllä ja ok. Käynnistä kone uudelleen. Laita uusi logi!
     
    Last edited by a moderator: Mar 15, 2007
    Auttaja, Mar 15, 2007
    #12
  13. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Jees nyt sain tuon tehtya tassa olis uutta logia.

    Logfile of Trend Micro HijackThis v2.0.0 (BETA)
    Scan saved at 10:29:57, on 16.3.2007
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    Boot mode: Normal

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\system32\hidserv.exe
    C:\WINNT\System32\nvsvc32.exe
    C:\WINNT\System32\HPZipm12.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\System32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\HJT\skanneri.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - Default URLSearchHook is missing
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINNT\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINNT\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [D-Link Air USB Utility] C:\Program Files\D-Link\Air USB Utility\AirCFG.exe
    O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKLM\..\RunOnce: [BrandClearStubs] RUNDLL32 IEDKCS32.DLL,BrandCleanInstallStubs >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS
    O4 - HKLM\..\RunOnce: [Regsister WScript] wscript -regserver
    O4 - HKUS\.DEFAULT\..\Run: [internat.exe] internat.exe (User 'Default user')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O15 - ProtocolDefaults: '@ivt' protocol is in My Computer Zone, should be Intranet Zone
    O15 - ProtocolDefaults: 'file' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'ftp' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone
    O15 - ProtocolDefaults: 'https' protocol is in My Computer Zone, should be Internet Zone
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1148395233484
    O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINNT\System32\browseui.dll
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINNT\System32\browseui.dll
    O23 - Service: Hälytys (Alerter) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Sovellusten hallinta (AppMgmt) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: Tietokoneiden selaus (Browser) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DHCP-asiakas (Dhcp) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - Unknown owner - C:\WINNT\System32\dmadmin.exe
    O23 - Service: Loogisen levyn hallinta (dmserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: DNS-asiakas (Dnscache) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Tapahtumaloki (Eventlog) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Faksipalvelu (Fax) - Unknown owner - C:\WINNT\system32\faxsvc.exe
    O23 - Service: Palvelin (lanmanserver) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Työasema (lanmanworkstation) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: TCP/IP NetBIOS Helper -palvelu (LmHosts) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: Viestinvälitys (Messenger) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: NetMeeting etätyöpöydän jakaminen (mnmsrvc) - Unknown owner - C:\WINNT\System32\mnmsrvc.exe
    O23 - Service: Verkon DDE (NetDDE) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkon DDE DSDM (NetDDEdsdm) - Unknown owner - C:\WINNT\system32\netdde.exe
    O23 - Service: Verkkokirjautuminen (Netlogon) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NT LM -suojaustuen toimittaja (NtLmSsp) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe
    O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINNT\System32\HPZipm12.exe
    O23 - Service: IP-suojauskäytäntöagentti (PolicyAgent) - Unknown owner - C:\WINNT\System32\lsass.exe
    O23 - Service: Suojattu tallennuspaikka (ProtectedStorage) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Käyttöoikeustilien hallinta (SamSs) - Unknown owner - C:\WINNT\system32\lsass.exe
    O23 - Service: Älykortti-apuohjelma (SCardDrv) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Älykortti (SCardSvr) - Unknown owner - C:\WINNT\System32\SCardSvr.exe
    O23 - Service: Tehtävien ajoitus (Schedule) - Unknown owner - C:\WINNT\system32\MSTask.exe
    O23 - Service: RunAs-palvelu (seclogon) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Still Image Service (StiSvc) - Unknown owner - C:\WINNT\system32\stisvc.exe
    O23 - Service: Resurssilokit ja -hälytykset (SysmonLog) - Unknown owner - C:\WINNT\system32\smlogsvc.exe
    O23 - Service: Telnet (TlntSvr) - Unknown owner - C:\WINNT\system32\tlntsvr.exe
    O23 - Service: Tiedostolinkkijäljityksen asiakas (TrkWks) - Unknown owner - C:\WINNT\system32\services.exe
    O23 - Service: Toimintojen hallinta (UtilMan) - Unknown owner - C:\WINNT\System32\UtilMan.exe
    O23 - Service: Windows Time (W32Time) - Unknown owner - C:\WINNT\System32\services.exe
    O23 - Service: WMI-palvelu (Windows Management Instrumentation) (WinMgmt) - Unknown owner - C:\WINNT\System32\WBEM\WinMgmt.exe
    O23 - Service: WM -instrumenttien ohjainlaajennukset (Wmi) - Unknown owner - C:\WINNT\system32\Services.exe

    --
    End of file - 7225 bytes
     
    hangerrr, Mar 15, 2007
    #13
  14. Auttaja

    Auttaja Guest

    Avaa tietokone vikasietotilaan, ja merkkaa nuo O15 rivit ja paina sitten fix checked, tämä voisi ehkä auttaa..
     
    Auttaja, Mar 16, 2007
    #14
  15. hangerrr

    hangerrr Member

    Joined:
    Mar 12, 2007
    Messages:
    12
    Likes Received:
    0
    Trophy Points:
    11
    Hmm kokeilin tuota mutta eipa se niita riveja poistanut...

     
    hangerrr, Mar 18, 2007
    #15

Share This Page