escan

joyder

Avast löysi win32:Dieler-gen haittaohjelman ja sain ilmeisesti poistettu sen avastin avulla.

eScanilla löysin vielä tällaisia:

File D:\WINDOWS\desktop.html infected by "not-virus:Hoax.Win32.Aflac.a" Virus. Action Taken: File Renamed.
File D:\WINDOWS\System32\idownload.exe infected by "Trojan-Downloader.Win32.Small.buy" Virus. Action Taken: File Deleted.
File D:\WINDOWS\System32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
File D:\WINDOWS\System32\skrb0x.exe infected by "Packed.Win32.Klone.b" Virus. Action Taken: File Renamed.
File D:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
File D:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.

Nämä löydety tiedostot varmaan pystyy/saa huoletta poistaa.


Hijack logi:

Logfile of HijackThis v1.99.1
Scan saved at 12:41:55, on 5.12.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\WinZip\WZQKPICK.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
D:\WINDOWS\System32\wuauclt.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Kaspersky\mwavscan.com
D:\Kaspersky\kavss.exe
D:\Program Files\Windows NT\Accessories\wordpad.exe
D:\PROGRA~1\WINZIP\winzip32.exe
D:\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2DF4B4-0021-4331-86A7-C6E354E7AF61}: NameServer = 85.255.113.118,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE15FAD-64B3-4F8F-8824-F445A31C061C}: NameServer = 85.255.113.118,85.255.112.100
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

4

320

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • Juu

      Merkkaa nuo sulje selain ja paina Fix checked

      O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2DF4B4-0021-4331-86A7-C6E354E7AF61}: NameServer = 85.255.113.118,85.255.112.100
      O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE15FAD-64B3-4F8F-8824-F445A31C061C}: NameServer = 85.255.113.118,85.255.112.100


      Käynnistä sitte vikasietotilassa ja poista

      D:\WINDOWS\System32\rzspy.exe

      Käynnistä normaalisti ja :

      Sitte ota tuo ja säästä se vaikka työpöydälle

      http://downloads.subratam.org/Fixwareout.exe

      tuplaklikkaa sitä ja aja se seuraamalla ohjeita.
      Kun kone on käynnistyny uudestaan niin lähetä uus Hijack logi ja c:\fixwareout/report.txt logi.

      • joyder

        Fixwareout ver 1.003
        Post this report in the forums please

        Reg Entries that were deleted
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\ypszr
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\daolnwodi
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\x0brks
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\lavinraCputeS
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd

        PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

        »»»»» Search by size and names...

        »»»»» Misc files

        »»»»» Checking for older varients covered by the Rem3 tool


        ja tässä hijack-logi:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:44:40, on 5.12.2005
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        D:\WINDOWS\System32\smss.exe
        D:\WINDOWS\system32\winlogon.exe
        D:\WINDOWS\system32\services.exe
        D:\WINDOWS\system32\lsass.exe
        D:\WINDOWS\system32\svchost.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\logonui.exe
        D:\WINDOWS\Explorer.EXE
        D:\WINDOWS\system32\spoolsv.exe
        D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        D:\Program Files\Alwil Software\Avast4\ashServ.exe
        D:\WINDOWS\System32\nvsvc32.exe
        D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\ZoneLabs\vsmon.exe
        D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        D:\WINDOWS\system32\NOTEPAD.EXE
        D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        D:\Program Files\Winamp\winampa.exe
        D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        D:\WINDOWS\System32\RUNDLL32.EXE
        D:\Program Files\Common Files\Real\Update_OB\realsched.exe
        D:\Program Files\Messenger\msmsgs.exe
        D:\Program Files\Skype\Phone\Skype.exe
        D:\Program Files\MSN Messenger\MsnMsgr.Exe
        D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        D:\Program Files\WinZip\WZQKPICK.EXE
        D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
        D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
        D:\WINDOWS\System32\wuauclt.exe
        D:\hijackthis\HijackThis.exe

        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
        O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
        O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
        O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
        O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
        O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
        O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
        O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe


      • Juu
        joyder kirjoitti:

        Fixwareout ver 1.003
        Post this report in the forums please

        Reg Entries that were deleted
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\ypszr
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\daolnwodi
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\x0brks
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\lavinraCputeS
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd

        PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

        »»»»» Search by size and names...

        »»»»» Misc files

        »»»»» Checking for older varients covered by the Rem3 tool


        ja tässä hijack-logi:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:44:40, on 5.12.2005
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        D:\WINDOWS\System32\smss.exe
        D:\WINDOWS\system32\winlogon.exe
        D:\WINDOWS\system32\services.exe
        D:\WINDOWS\system32\lsass.exe
        D:\WINDOWS\system32\svchost.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\logonui.exe
        D:\WINDOWS\Explorer.EXE
        D:\WINDOWS\system32\spoolsv.exe
        D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        D:\Program Files\Alwil Software\Avast4\ashServ.exe
        D:\WINDOWS\System32\nvsvc32.exe
        D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\ZoneLabs\vsmon.exe
        D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        D:\WINDOWS\system32\NOTEPAD.EXE
        D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        D:\Program Files\Winamp\winampa.exe
        D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        D:\WINDOWS\System32\RUNDLL32.EXE
        D:\Program Files\Common Files\Real\Update_OB\realsched.exe
        D:\Program Files\Messenger\msmsgs.exe
        D:\Program Files\Skype\Phone\Skype.exe
        D:\Program Files\MSN Messenger\MsnMsgr.Exe
        D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        D:\Program Files\WinZip\WZQKPICK.EXE
        D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
        D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
        D:\WINDOWS\System32\wuauclt.exe
        D:\hijackthis\HijackThis.exe

        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
        O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
        O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
        O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
        O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
        O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
        O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
        O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

        Hyvä on.


      • joyder
        Juu kirjoitti:

        Hyvä on.

        Kiitos ihan mielettömästi, kun jaksoit paneutua tähän!!!! Kiitos!!!!!!!!!!!!!!!!!!


    Ketjusta on poistettu 1 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Riikan kukkaronnyöri on umpisolmussa

      Kulutus ei lähde liikkeelle, koska kansalaiset eivät usko, että: – työpaikka säilyy – tulot eivät romahda – talous ei h
      Maailman menoa
      64
      4231
    2. Kuka paiskasi vauvan betoniin Oulussa?

      Nimi esiin.....
      Oulu
      67
      4181
    3. Jos vedetään mutkat suoraksi?

      Niin kumpaan ryhmään kuulut? A) Niihin, jotka menevät edellä ja tekevät? Vai B) Niihin, jotka kulkevat perässä ja ar
      Sinkut
      107
      2900
    4. Tanskan malli perustuu korkeaan ansioturvaan

      Ja vahvoihin työllisyys- ja kotoutumispalveluihin. Suomessa Riikka on leikannut juuri näitä: palkkatukea, työttömyysturv
      Maailman menoa
      55
      2782
    5. Vain vasemmistolaiset ovat aitoja suomalaisia

      Esimerkiksi persut ovat ulkomaalaisen pääomasijoittajan edunvalvojia, eivät auta köyhiä suomalaisia.
      Maailman menoa
      55
      1992
    6. Epäily: Räppäri yritti tappaa vauvansa.

      https://www.mtvuutiset.fi/artikkeli/epaily-mies-yritti-tappaa-vauvansa/9300728 Tämä on erittäin järkyttävä teko täysin p
      Maailman menoa
      21
      1989
    7. Anteeksipyyntöni

      Jätän tähän anteeksipyyntöni sinulle, koska en voi sanoa sitä missään muuallakaan. Pyydän anteeksi, jos purkamani tuska
      Järki ja tunteet
      15
      1669
    8. Miten must tuntuu

      et sä ajattelet mua just nyt
      Ikävä
      32
      1503
    9. Sydämeni valtiaalle

      En täältä aio asioita kysellä. Haluan tuoda tiedoksesi, että pohjimmiltani en ihmisiä tahdo satuttaa ja ajattelen muiden
      Ikävä
      109
      1343
    10. Kun et vain tajua että

      sua lähestytään feikkiprofiililla :D Hanki aivot :D m-n
      Ikävä
      180
      1271
    Aihe