Logfile of HijackThis v1.98.2
Scan saved at 16:34:42, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\program files\search-assistant\saap.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Documents and Settings\Jussi Kanninen\Omat tiedostot\win zip\HijackThis19802.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\Program Files\se\v11\se.DLL
O2 - BHO: WebBho Class - {00041A26-7033-432C-94C7-6371DE343822} - C:\Program Files\se\v11\se.DLL
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [OSS] c:\windows\system32\rk.exe -boot
O4 - HKLM\..\Run: [Search-Exe] "C:\Program Files\se\v11\se.EXE" /H
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [saap] c:\program files\search-assistant\saap.exe
O4 - HKLM\..\Run: [fabyton] C:\WINDOWS\fabyton.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [ErrorGuard] C:\Program Files\ErrorGuard\ErrorGuard.Exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8B936702-C234-40D0-B69C-A2F669A33978} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_7_EN_XP.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O18 - Filter: text/html - {2F696465-5A82-4651-9E88-173A89F21BE2} - C:\Documents and Settings\Jussi Kanninen\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
nyt pukkas tämmösen
15
1021
Vastaukset
- Juu
Siirrä se Hijackki omaan kansioon tonne
C:\HjT\HijackThis.exe
Piilotiedostot näkyviin,ohje tuolla
http://www.xtra.co.nz/help/0,,4155-1916458,00.html
Merkkaa nuo sulje selain ja muut avoimet ikkunat ja paina FIX checked
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.search-exe.com/nph-search.cgi?tcode=exebar1&look=sbar1_srchbtn
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.search-exe.com/nph-search.cgi?tcode=exesrch1&look=stmpl1&fw=
R3 - URLSearchHook: WebSearch Class - {9368D063-44BE-49B9-BD14-BB9663FD38FC} - C:\Program Files\se\v11\se.DLL
O2 - BHO: WebBho Class - {00041A26-7033-432C-94C7-6371DE343822} - C:\Program Files\se\v11\se.DLL
O2 - BHO: NavErrRedir Class - {00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
O4 - HKLM\..\Run: [OSS] c:\windows\system32\rk.exe -boot
O4 - HKLM\..\Run: [Search-Exe] "C:\Program Files\se\v11\se.EXE" /H
O4 - HKLM\..\Run: [saap] c:\program files\search-assistant\saap.exe
O4 - HKLM\..\Run: [fabyton] C:\WINDOWS\fabyton.exe
O16 - DPF: RaptisoftGameLoader - http://www.miniclip.com/hamsterball/raptisoftgameloader.cab
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) - http://www.miniclip.com/bestfriends/miniclipGameLoader.dll
O16 - DPF: {8B936702-C234-40D0-B69C-A2F669A33978} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_7_EN_XP.cab
O18 - Filter: text/html - {2F696465-5A82-4651-9E88-173A89F21BE2} - C:\Documents and Settings\Jussi Kanninen\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
Käynnistä sitte vikasietotilassa etsi ja poista jos löytyy
fabyton.exe
c:\windows\system32\>rk.exe < pois
C:\Program Files\se\v11\se.DLL
- tuolta pois se kansio
c:\program files\search-assistant\saap.exe
- tuolta pois search-assistant kansio
C:\Documents and Settings\Jussi Kanninen\Local Settings\Application Data\microsoft\internet explorer\V0.26.dat
- tuolta pois V0.26.dat
Käynnistä sitte normaalisti ja uus logi. Moi
Voisitko ennen noita Juun ehdottamia poistotoimenpiteita tehdä seuraavaa.
Sieltä lisää / poista sovelluksesta täytynee poistaa myös muita ohjelmia joten tekisitkö myös seuraavan toimenpiteen.
Lataa tämä.
http://koti.mbnet.fi/pattaya1/lataus/TarkistaPoistaAsennusLista.bat
Asenna / tallenna se työpöydälle.Tuplaklikkaa sitä kyseistä .bat-tiedosta. Odottele hetken kun se saa tarkistuksen suoritettua. Kun tarkistus on loppunut muistiossa pitäisi avautua seuraavan niminen tiedosto
poistaohjelmanasennuslista.txt
Kopioi kyseisen tiedoston koko sisältö ja liitä se tänne.
.- moukka
---------- UNINSTALLPROGRAMLIST
"DisplayName"="AC3Filter (remove only)"
"DisplayName"="Adobe Download Manager 1.2 (Poista ainoastaan)"
"DisplayName"="AP Guitar Tuner 1.02"
"DisplayName"="ATI Display Driver"
"DisplayName"="AVIcodec (remove only)"
"DisplayName"="BitTorrent 3.2.1"
"DisplayName"="BMSE dbl"
"DisplayName"="BSPlayer"
"DisplayName"="Cliprex DS DVD Player"
"DisplayName"="CloneDVD2"
"DisplayName"="Conexant 56K ACLink Modem"
"DisplayName"="DVD Region CSS Free 5.61"
"DisplayName"="DVDFab Platinum 2.56"
"DisplayName"="DX-Ball 1.07"
"DisplayName"="Error Guard 2.5.0"
"DisplayName"="ffdshow (remove only)"
"DisplayName"="GSpot Codec Information Appliance"
"DisplayName"="Haunted House Screen Saver"
"DisplayName"="HijackThis 1.98.2"
"DisplayName"="IE Help"
"DisplayName"="IEC system"
"DisplayName"="iTunes"
"DisplayName"="InterActual Player"
"DisplayName"="Windows XP Hotfix - KB834707"
"DisplayName"="Microsoft Data Access Components KB870669"
"DisplayName"="Windows XP Hotfix - KB873339"
"DisplayName"="Windows XP Hotfix - KB885835"
"DisplayName"="Windows XP Hotfix - KB885836"
"DisplayName"="Windows XP Hotfix - KB886185"
"DisplayName"="Windows XP Hotfix - KB890175"
"DisplayName"="LiveReg (Symantec Corporation)"
"DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
"DisplayName"="Living 3D Dolphins Screen Saver"
"DisplayName"="Living Marine Aquarium Screen Saver"
"DisplayName"="Living Waterfalls Screen Saver"
"DisplayName"="Macromedia Shockwave Player"
"DisplayName"="Nero OEM"
"DisplayName"="QuickTime"
"DisplayName"="Recommended Hotfix - 421701D"
"DisplayName"="RelevantKnowledge"
"DisplayName"="Uninstall 180searchAssistant"
"DisplayName"="SE Assistant"
"DisplayName"="SE Help"
"DisplayName"="Search Function"
"DisplayName"="Norton AntiVirus 2004 (Symantec Corporation)"
"DisplayName"="Winamp (remove only)"
"DisplayName"="Windows Media Format Runtime"
"DisplayName"="Windows Media Player 10"
"DisplayName"="Windows XP Service Pack 2"
"DisplayName"="WinRAR-pakkausohjelma"
"DisplayName"="WinZip"
"DisplayName"="Yahoo! Toolbar"
"DisplayName"="ZoneAlarm"
"DisplayName"="Zoom Player (remove only)"
"DisplayName"="Sony Ericsson Image Editor"
"DisplayName"="AutoUpdate"
"DisplayName"="Google Toolbar for Internet Explorer"
"DisplayName"="WebFldrs XP"
"DisplayName"="PowerDVD"
"DisplayName"="InterVideo WinDVD 6"
"DisplayName"="DivX Pro Trial"
"DisplayName"="DivX Player"
"DisplayName"="Musicmatch® Jukebox"
"DisplayName"="MSN Messenger 7.0"
"DisplayName"="Adobe Reader 6.0.1 - Suomi"
"DisplayName"="iTunes"
"DisplayName"="Norton AntiVirus 2004"
"DisplayName"="Symantec Script Blocking Installer"
"DisplayName"="CC_ccStart"
"DisplayName"="ccCommon"
"DisplayName"="SymNet"
"DisplayName"="Norton AntiVirus Parent MSI"
"DisplayName"="InterVideo Disc Master 2.5"
"DisplayName"="MSRedist" moukka kirjoitti:
---------- UNINSTALLPROGRAMLIST
"DisplayName"="AC3Filter (remove only)"
"DisplayName"="Adobe Download Manager 1.2 (Poista ainoastaan)"
"DisplayName"="AP Guitar Tuner 1.02"
"DisplayName"="ATI Display Driver"
"DisplayName"="AVIcodec (remove only)"
"DisplayName"="BitTorrent 3.2.1"
"DisplayName"="BMSE dbl"
"DisplayName"="BSPlayer"
"DisplayName"="Cliprex DS DVD Player"
"DisplayName"="CloneDVD2"
"DisplayName"="Conexant 56K ACLink Modem"
"DisplayName"="DVD Region CSS Free 5.61"
"DisplayName"="DVDFab Platinum 2.56"
"DisplayName"="DX-Ball 1.07"
"DisplayName"="Error Guard 2.5.0"
"DisplayName"="ffdshow (remove only)"
"DisplayName"="GSpot Codec Information Appliance"
"DisplayName"="Haunted House Screen Saver"
"DisplayName"="HijackThis 1.98.2"
"DisplayName"="IE Help"
"DisplayName"="IEC system"
"DisplayName"="iTunes"
"DisplayName"="InterActual Player"
"DisplayName"="Windows XP Hotfix - KB834707"
"DisplayName"="Microsoft Data Access Components KB870669"
"DisplayName"="Windows XP Hotfix - KB873339"
"DisplayName"="Windows XP Hotfix - KB885835"
"DisplayName"="Windows XP Hotfix - KB885836"
"DisplayName"="Windows XP Hotfix - KB886185"
"DisplayName"="Windows XP Hotfix - KB890175"
"DisplayName"="LiveReg (Symantec Corporation)"
"DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
"DisplayName"="Living 3D Dolphins Screen Saver"
"DisplayName"="Living Marine Aquarium Screen Saver"
"DisplayName"="Living Waterfalls Screen Saver"
"DisplayName"="Macromedia Shockwave Player"
"DisplayName"="Nero OEM"
"DisplayName"="QuickTime"
"DisplayName"="Recommended Hotfix - 421701D"
"DisplayName"="RelevantKnowledge"
"DisplayName"="Uninstall 180searchAssistant"
"DisplayName"="SE Assistant"
"DisplayName"="SE Help"
"DisplayName"="Search Function"
"DisplayName"="Norton AntiVirus 2004 (Symantec Corporation)"
"DisplayName"="Winamp (remove only)"
"DisplayName"="Windows Media Format Runtime"
"DisplayName"="Windows Media Player 10"
"DisplayName"="Windows XP Service Pack 2"
"DisplayName"="WinRAR-pakkausohjelma"
"DisplayName"="WinZip"
"DisplayName"="Yahoo! Toolbar"
"DisplayName"="ZoneAlarm"
"DisplayName"="Zoom Player (remove only)"
"DisplayName"="Sony Ericsson Image Editor"
"DisplayName"="AutoUpdate"
"DisplayName"="Google Toolbar for Internet Explorer"
"DisplayName"="WebFldrs XP"
"DisplayName"="PowerDVD"
"DisplayName"="InterVideo WinDVD 6"
"DisplayName"="DivX Pro Trial"
"DisplayName"="DivX Player"
"DisplayName"="Musicmatch® Jukebox"
"DisplayName"="MSN Messenger 7.0"
"DisplayName"="Adobe Reader 6.0.1 - Suomi"
"DisplayName"="iTunes"
"DisplayName"="Norton AntiVirus 2004"
"DisplayName"="Symantec Script Blocking Installer"
"DisplayName"="CC_ccStart"
"DisplayName"="ccCommon"
"DisplayName"="SymNet"
"DisplayName"="Norton AntiVirus Parent MSI"
"DisplayName"="InterVideo Disc Master 2.5"
"DisplayName"="MSRedist"Ethän ole vielä poistanut noita Juun ilmoittamia kohteita ?
Palaan asiaan viiden minuutin päästä.
Sieltä lisää / poista sovelluksesta pitää poistaa USEITA ohjelmia.
.
.- moukka
Ad-Aware kirjoitti:
Ethän ole vielä poistanut noita Juun ilmoittamia kohteita ?
Palaan asiaan viiden minuutin päästä.
Sieltä lisää / poista sovelluksesta pitää poistaa USEITA ohjelmia.
.
.mä oottelen
moukka kirjoitti:
---------- UNINSTALLPROGRAMLIST
"DisplayName"="AC3Filter (remove only)"
"DisplayName"="Adobe Download Manager 1.2 (Poista ainoastaan)"
"DisplayName"="AP Guitar Tuner 1.02"
"DisplayName"="ATI Display Driver"
"DisplayName"="AVIcodec (remove only)"
"DisplayName"="BitTorrent 3.2.1"
"DisplayName"="BMSE dbl"
"DisplayName"="BSPlayer"
"DisplayName"="Cliprex DS DVD Player"
"DisplayName"="CloneDVD2"
"DisplayName"="Conexant 56K ACLink Modem"
"DisplayName"="DVD Region CSS Free 5.61"
"DisplayName"="DVDFab Platinum 2.56"
"DisplayName"="DX-Ball 1.07"
"DisplayName"="Error Guard 2.5.0"
"DisplayName"="ffdshow (remove only)"
"DisplayName"="GSpot Codec Information Appliance"
"DisplayName"="Haunted House Screen Saver"
"DisplayName"="HijackThis 1.98.2"
"DisplayName"="IE Help"
"DisplayName"="IEC system"
"DisplayName"="iTunes"
"DisplayName"="InterActual Player"
"DisplayName"="Windows XP Hotfix - KB834707"
"DisplayName"="Microsoft Data Access Components KB870669"
"DisplayName"="Windows XP Hotfix - KB873339"
"DisplayName"="Windows XP Hotfix - KB885835"
"DisplayName"="Windows XP Hotfix - KB885836"
"DisplayName"="Windows XP Hotfix - KB886185"
"DisplayName"="Windows XP Hotfix - KB890175"
"DisplayName"="LiveReg (Symantec Corporation)"
"DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
"DisplayName"="Living 3D Dolphins Screen Saver"
"DisplayName"="Living Marine Aquarium Screen Saver"
"DisplayName"="Living Waterfalls Screen Saver"
"DisplayName"="Macromedia Shockwave Player"
"DisplayName"="Nero OEM"
"DisplayName"="QuickTime"
"DisplayName"="Recommended Hotfix - 421701D"
"DisplayName"="RelevantKnowledge"
"DisplayName"="Uninstall 180searchAssistant"
"DisplayName"="SE Assistant"
"DisplayName"="SE Help"
"DisplayName"="Search Function"
"DisplayName"="Norton AntiVirus 2004 (Symantec Corporation)"
"DisplayName"="Winamp (remove only)"
"DisplayName"="Windows Media Format Runtime"
"DisplayName"="Windows Media Player 10"
"DisplayName"="Windows XP Service Pack 2"
"DisplayName"="WinRAR-pakkausohjelma"
"DisplayName"="WinZip"
"DisplayName"="Yahoo! Toolbar"
"DisplayName"="ZoneAlarm"
"DisplayName"="Zoom Player (remove only)"
"DisplayName"="Sony Ericsson Image Editor"
"DisplayName"="AutoUpdate"
"DisplayName"="Google Toolbar for Internet Explorer"
"DisplayName"="WebFldrs XP"
"DisplayName"="PowerDVD"
"DisplayName"="InterVideo WinDVD 6"
"DisplayName"="DivX Pro Trial"
"DisplayName"="DivX Player"
"DisplayName"="Musicmatch® Jukebox"
"DisplayName"="MSN Messenger 7.0"
"DisplayName"="Adobe Reader 6.0.1 - Suomi"
"DisplayName"="iTunes"
"DisplayName"="Norton AntiVirus 2004"
"DisplayName"="Symantec Script Blocking Installer"
"DisplayName"="CC_ccStart"
"DisplayName"="ccCommon"
"DisplayName"="SymNet"
"DisplayName"="Norton AntiVirus Parent MSI"
"DisplayName"="InterVideo Disc Master 2.5"
"DisplayName"="MSRedist"Sammuta kone ja käynnistä kone VIKASIETOTILASSA.
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
Poista nämä sieltä lisää / poista sovelluksen kautta.
Valitettavasti osa noista on vaikeita poistaa tai ne ei lähde ollenkaan.
BMSE dbl
Error Guard 2.5.0
IE Help
IEC system
Recommended Hotfix - 421701D
RelevantKnowledge
Uninstall 180searchAssistant
SE Assistant
SE Help
Search Function
AutoUpdate
Kun olet poistanut noi poista sitten Juun ilmoittaman ohjeen mukaan. Pistä myös uusi HijackThis logi ja pistä scannaa vielä uudelleen sillä .bat tiedostolla ja pistä UUSI poistaohjelmanasennuslista.txt logi
.
.- moukka
Ad-Aware kirjoitti:
Sammuta kone ja käynnistä kone VIKASIETOTILASSA.
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
Poista nämä sieltä lisää / poista sovelluksen kautta.
Valitettavasti osa noista on vaikeita poistaa tai ne ei lähde ollenkaan.
BMSE dbl
Error Guard 2.5.0
IE Help
IEC system
Recommended Hotfix - 421701D
RelevantKnowledge
Uninstall 180searchAssistant
SE Assistant
SE Help
Search Function
AutoUpdate
Kun olet poistanut noi poista sitten Juun ilmoittaman ohjeen mukaan. Pistä myös uusi HijackThis logi ja pistä scannaa vielä uudelleen sillä .bat tiedostolla ja pistä UUSI poistaohjelmanasennuslista.txt logi
.
.Logfile of HijackThis v1.99.0
Scan saved at 19:15:26, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\HIjackThis.exe\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod-palvelu - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe - moukka
Ad-Aware kirjoitti:
Sammuta kone ja käynnistä kone VIKASIETOTILASSA.
http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001052409420406
Poista nämä sieltä lisää / poista sovelluksen kautta.
Valitettavasti osa noista on vaikeita poistaa tai ne ei lähde ollenkaan.
BMSE dbl
Error Guard 2.5.0
IE Help
IEC system
Recommended Hotfix - 421701D
RelevantKnowledge
Uninstall 180searchAssistant
SE Assistant
SE Help
Search Function
AutoUpdate
Kun olet poistanut noi poista sitten Juun ilmoittaman ohjeen mukaan. Pistä myös uusi HijackThis logi ja pistä scannaa vielä uudelleen sillä .bat tiedostolla ja pistä UUSI poistaohjelmanasennuslista.txt logi
.
.---------- UNINSTALLPROGRAMLIST
"DisplayName"="AC3Filter (remove only)"
"DisplayName"="Adobe Download Manager 1.2 (Poista ainoastaan)"
"DisplayName"="AP Guitar Tuner 1.02"
"DisplayName"="ATI Display Driver"
"DisplayName"="AVIcodec (remove only)"
"DisplayName"="BitTorrent 3.2.1"
"DisplayName"="BMSE dbl"
"DisplayName"="BSPlayer"
"DisplayName"="Cliprex DS DVD Player"
"DisplayName"="CloneDVD2"
"DisplayName"="Conexant 56K ACLink Modem"
"DisplayName"="DVD Region CSS Free 5.61"
"DisplayName"="DVDFab Platinum 2.56"
"DisplayName"="DX-Ball 1.07"
"DisplayName"="ffdshow (remove only)"
"DisplayName"="GSpot Codec Information Appliance"
"DisplayName"="Haunted House Screen Saver"
"DisplayName"="HijackThis 1.98.2"
"DisplayName"="IE Help"
"DisplayName"="IEC system"
"DisplayName"="iTunes"
"DisplayName"="InterActual Player"
"DisplayName"="Windows XP Hotfix - KB834707"
"DisplayName"="Microsoft Data Access Components KB870669"
"DisplayName"="Windows XP Hotfix - KB873339"
"DisplayName"="Windows XP Hotfix - KB885835"
"DisplayName"="Windows XP Hotfix - KB885836"
"DisplayName"="Windows XP Hotfix - KB886185"
"DisplayName"="Windows XP Hotfix - KB890175"
"DisplayName"="LiveReg (Symantec Corporation)"
"DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
"DisplayName"="Living 3D Dolphins Screen Saver"
"DisplayName"="Living Marine Aquarium Screen Saver"
"DisplayName"="Living Waterfalls Screen Saver"
"DisplayName"="Macromedia Shockwave Player"
"DisplayName"="Nero OEM"
"DisplayName"="QuickTime"
"DisplayName"="SE Assistant"
"DisplayName"="SE Help"
"DisplayName"="Search Function"
"DisplayName"="Norton AntiVirus 2004 (Symantec Corporation)"
"DisplayName"="Winamp (remove only)"
"DisplayName"="Windows Media Format Runtime"
"DisplayName"="Windows Media Player 10"
"DisplayName"="Windows XP Service Pack 2"
"DisplayName"="WinRAR-pakkausohjelma"
"DisplayName"="WinZip"
"DisplayName"="Yahoo! Toolbar"
"DisplayName"="ZoneAlarm"
"DisplayName"="Zoom Player (remove only)"
"DisplayName"="Sony Ericsson Image Editor"
"DisplayName"="AutoUpdate"
"DisplayName"="Google Toolbar for Internet Explorer"
"DisplayName"="WebFldrs XP"
"DisplayName"="PowerDVD"
"DisplayName"="InterVideo WinDVD 6"
"DisplayName"="DivX Pro Trial"
"DisplayName"="DivX Player"
"DisplayName"="Musicmatch® Jukebox"
"DisplayName"="MSN Messenger 7.0"
"DisplayName"="Adobe Reader 6.0.1 - Suomi"
"DisplayName"="iTunes"
"DisplayName"="Norton AntiVirus 2004"
"DisplayName"="Symantec Script Blocking Installer"
"DisplayName"="CC_ccStart"
"DisplayName"="ccCommon"
"DisplayName"="SymNet"
"DisplayName"="Norton AntiVirus Parent MSI"
"DisplayName"="InterVideo Disc Master 2.5"
"DisplayName"="MSRedist" moukka kirjoitti:
Logfile of HijackThis v1.99.0
Scan saved at 19:15:26, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\HIjackThis.exe\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod-palvelu - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exeFIXaa vielä tämä rivi
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
Odottele myös Juun vastausta jos hän vaikka löytää vielä jotain muuta tuosta lokista :)
.
.moukka kirjoitti:
---------- UNINSTALLPROGRAMLIST
"DisplayName"="AC3Filter (remove only)"
"DisplayName"="Adobe Download Manager 1.2 (Poista ainoastaan)"
"DisplayName"="AP Guitar Tuner 1.02"
"DisplayName"="ATI Display Driver"
"DisplayName"="AVIcodec (remove only)"
"DisplayName"="BitTorrent 3.2.1"
"DisplayName"="BMSE dbl"
"DisplayName"="BSPlayer"
"DisplayName"="Cliprex DS DVD Player"
"DisplayName"="CloneDVD2"
"DisplayName"="Conexant 56K ACLink Modem"
"DisplayName"="DVD Region CSS Free 5.61"
"DisplayName"="DVDFab Platinum 2.56"
"DisplayName"="DX-Ball 1.07"
"DisplayName"="ffdshow (remove only)"
"DisplayName"="GSpot Codec Information Appliance"
"DisplayName"="Haunted House Screen Saver"
"DisplayName"="HijackThis 1.98.2"
"DisplayName"="IE Help"
"DisplayName"="IEC system"
"DisplayName"="iTunes"
"DisplayName"="InterActual Player"
"DisplayName"="Windows XP Hotfix - KB834707"
"DisplayName"="Microsoft Data Access Components KB870669"
"DisplayName"="Windows XP Hotfix - KB873339"
"DisplayName"="Windows XP Hotfix - KB885835"
"DisplayName"="Windows XP Hotfix - KB885836"
"DisplayName"="Windows XP Hotfix - KB886185"
"DisplayName"="Windows XP Hotfix - KB890175"
"DisplayName"="LiveReg (Symantec Corporation)"
"DisplayName"="LiveUpdate 1.90 (Symantec Corporation)"
"DisplayName"="Living 3D Dolphins Screen Saver"
"DisplayName"="Living Marine Aquarium Screen Saver"
"DisplayName"="Living Waterfalls Screen Saver"
"DisplayName"="Macromedia Shockwave Player"
"DisplayName"="Nero OEM"
"DisplayName"="QuickTime"
"DisplayName"="SE Assistant"
"DisplayName"="SE Help"
"DisplayName"="Search Function"
"DisplayName"="Norton AntiVirus 2004 (Symantec Corporation)"
"DisplayName"="Winamp (remove only)"
"DisplayName"="Windows Media Format Runtime"
"DisplayName"="Windows Media Player 10"
"DisplayName"="Windows XP Service Pack 2"
"DisplayName"="WinRAR-pakkausohjelma"
"DisplayName"="WinZip"
"DisplayName"="Yahoo! Toolbar"
"DisplayName"="ZoneAlarm"
"DisplayName"="Zoom Player (remove only)"
"DisplayName"="Sony Ericsson Image Editor"
"DisplayName"="AutoUpdate"
"DisplayName"="Google Toolbar for Internet Explorer"
"DisplayName"="WebFldrs XP"
"DisplayName"="PowerDVD"
"DisplayName"="InterVideo WinDVD 6"
"DisplayName"="DivX Pro Trial"
"DisplayName"="DivX Player"
"DisplayName"="Musicmatch® Jukebox"
"DisplayName"="MSN Messenger 7.0"
"DisplayName"="Adobe Reader 6.0.1 - Suomi"
"DisplayName"="iTunes"
"DisplayName"="Norton AntiVirus 2004"
"DisplayName"="Symantec Script Blocking Installer"
"DisplayName"="CC_ccStart"
"DisplayName"="ccCommon"
"DisplayName"="SymNet"
"DisplayName"="Norton AntiVirus Parent MSI"
"DisplayName"="InterVideo Disc Master 2.5"
"DisplayName"="MSRedist"Etkö saanut näitä pois vai eikö ne näkynyt siellä lisää / poista sovelluksessa ?
BMSE dbl
IE Help
IEC system
SE Assistant
SE Help
Search Function
AutoUpdate
.
.Ad-Aware kirjoitti:
FIXaa vielä tämä rivi
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
Odottele myös Juun vastausta jos hän vaikka löytää vielä jotain muuta tuosta lokista :)
.
.Sitten hae Ad-Aware SE
http://koti.mbnet.fi/pattaya1/adaware.htm
lataa / asenna / päivitä ja scannaa sillä koneesi ja anna sen poistaa loput roskat.
.
.- Juu
moukka kirjoitti:
Logfile of HijackThis v1.99.0
Scan saved at 19:15:26, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\HIjackThis.exe\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} - http://www.netvenda.com/sites/games-intl/fi/games3.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod-palvelu - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exetäälä muuta näy ainakaan mun silmään.
- moukka
Ad-Aware kirjoitti:
Etkö saanut näitä pois vai eikö ne näkynyt siellä lisää / poista sovelluksessa ?
BMSE dbl
IE Help
IEC system
SE Assistant
SE Help
Search Function
AutoUpdate
.
.nyt ainakin luultavasti lähti, kun poistin niitä niin jokaisen kohdalla ilmoitti että kohde on ehkä jo poistettu sit se poisti ne siitä luettelosta. search functionia ja auto updatea mä en löytäny.logi on nyt tällainen:Logfile of HijackThis v1.99.0
Scan saved at 19:50:35, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\HIjackThis.exe\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod-palvelu - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exe moukka kirjoitti:
nyt ainakin luultavasti lähti, kun poistin niitä niin jokaisen kohdalla ilmoitti että kohde on ehkä jo poistettu sit se poisti ne siitä luettelosta. search functionia ja auto updatea mä en löytäny.logi on nyt tällainen:Logfile of HijackThis v1.99.0
Scan saved at 19:50:35, on 15.1.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\carpserv.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Norton AntiVirus\SAVScan.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\HIjackThis.exe\HijackThis.exe
C:\Program Files\Messenger\msmsgs.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn4\ycomp5_3_16_0.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [MMTray] C:\Program Files\Musicmatch\Musicmatch Jukebox\mm_tray.exe
O4 - HKLM\..\Run: [mmtask] C:\Program Files\Musicmatch\Musicmatch Jukebox\mmtask.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: ppctlcab - http://www.pestscan.com/scanner/ppctlcab.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {2FC9A21E-2069-4E47-8235-36318989DB13} (PPSDKActiveXScanner.MainScreen) - http://www.pestscan.com/scanner/axscanner.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) - http://runonce.msn.com/setacceptlang.cab
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu - Unknown - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Tapahtumaloki - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: CD-levyjen kirjoittamisen IMAPI COM -palvelu - Unknown - C:\WINDOWS\System32\imapi.exe
O23 - Service: iPod-palvelu - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NetMeeting etätyöpöydän jakaminen - Unknown - C:\WINDOWS\System32\mnmsrvc.exe
O23 - Service: Norton AntiVirus -ohjelman automaattinen suojaus - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Plug and Play - Unknown - C:\WINDOWS\system32\services.exe
O23 - Service: Etätyöpöydän ohjeen istunnonhallinta - Unknown - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Älykortti - Unknown - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Resurssilokit ja -hälytykset - Unknown - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: TrueVector Internet Monitor - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
O23 - Service: Aseman tilannevedos - Unknown - C:\WINDOWS\System32\vssvc.exe
O23 - Service: WMI resurssisovitin - Unknown - C:\WINDOWS\System32\wbem\wmiapsrv.exeLogi on OK.
Hyvä jos ne lähti sieltä lisää / poista sovelluksesta.
Voit poistaa sen .bat tiedoston ja sen muodostaman poistaohjelmanasennuslista.txt
tiedoston työpöydältä. Niitä ei tarvita enää.
.
.- moukka
Ad-Aware kirjoitti:
Logi on OK.
Hyvä jos ne lähti sieltä lisää / poista sovelluksesta.
Voit poistaa sen .bat tiedoston ja sen muodostaman poistaohjelmanasennuslista.txt
tiedoston työpöydältä. Niitä ei tarvita enää.
.
.olen kiitollinen!
Ketjusta on poistettu 0 sääntöjenvastaista viestiä.
Luetuimmat keskustelut
- 1191632
Noniin rakas
Annetaanko pikkuhiljaa jo olla, niin ehkä säilyy vienot hymyt kohdatessa. En edelleenkään halua sulle tai kenellekään mi991468Lasten hyväksikäyttö netissä - Joka 3. nuori on saanut seksuaalisen yhteydenoton pedofiililtä
Järkyttävää! Lapsiin kohdistuva seksuaalinen hyväksikäyttö verkossa on yhä pahempi ongelma. Ulkolinja: Lasten hyväksikäy36864Multa sulle
Pyörit 24/7 mielessä, kuljet mun mukana, mielessä kyselen sun mielipiteitä, vitsailen sulle, olen sydän auki, aitona. M29839Kumpi vetoaa enemmän sinuun
Kaivatun ulkonäkö vai persoonallisuus? Ulkonäössä kasvot vai vartalo? Mikä luonteessa viehättää eniten? Mikä ulkonäössä?36759Nainen, olen tutkinut sinua paljon
Salaisuutesi ei ole minulle salaisuus. Ehkä teimme jonkinlaista vaihtokauppaa kun tutkisimme toisiamme. Meillä oli kumm50756Okei nyt mä ymmärrän
Olet siis noin rakastunut, se selittää. Onneksesi tunne on molemminpuolinen 😘56708Olet myös vähän ärsyttävä
Tuntuu, että olet tahallaan nuin vaikeasti tavoiteltava. En tiedä kauanko jaksan tätä näin.37700Mies, eihän sulla ole vaimoa tai naisystävää?
Minusta tuntuu jotenkin, että olisit eronnut joskus, vaikka en edes tiedä onko se totta. Jos oletkin oikeasti edelleen s42699Onko sulla empatiakykyä?
Etkö tajua yhtään miltä tämä tuntuu minusta? Minä ainakin yritän ymmärtää miltä sinusta voisi tuntua. En usko, että olet37663