escan

joyder

Avast löysi win32:Dieler-gen haittaohjelman ja sain ilmeisesti poistettu sen avastin avulla.

eScanilla löysin vielä tällaisia:

File D:\WINDOWS\desktop.html infected by "not-virus:Hoax.Win32.Aflac.a" Virus. Action Taken: File Renamed.
File D:\WINDOWS\System32\idownload.exe infected by "Trojan-Downloader.Win32.Small.buy" Virus. Action Taken: File Deleted.
File D:\WINDOWS\System32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
File D:\WINDOWS\System32\skrb0x.exe infected by "Packed.Win32.Klone.b" Virus. Action Taken: File Renamed.
File D:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
File D:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.

Nämä löydety tiedostot varmaan pystyy/saa huoletta poistaa.

Hijack logi:

Logfile of HijackThis v1.99.1
Scan saved at 12:41:55, on 5.12.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
D:\Program Files\Winamp\winampa.exe
D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\System32\RUNDLL32.EXE
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\MSN Messenger\MsnMsgr.Exe
D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
D:\Program Files\WinZip\WZQKPICK.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\ZoneLabs\vsmon.exe
D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
D:\WINDOWS\System32\wuauclt.exe
D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\Kaspersky\mwavscan.com
D:\Kaspersky\kavss.exe
D:\Program Files\Windows NT\Accessories\wordpad.exe
D:\PROGRA~1\WINZIP\winzip32.exe
D:\hijackthis\HijackThis.exe

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2DF4B4-0021-4331-86A7-C6E354E7AF61}: NameServer = 85.255.113.118,85.255.112.100
O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE15FAD-64B3-4F8F-8824-F445A31C061C}: NameServer = 85.255.113.118,85.255.112.100
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

4

313

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • Juu

      Merkkaa nuo sulje selain ja paina Fix checked

      O16 - DPF: {85D1F3B2-2A21-11D7-97B9-0010DC2A6243} (SecureLogin class) - http://secure2.comned.com/signuptemplates/securelogin-devel.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{4E2DF4B4-0021-4331-86A7-C6E354E7AF61}: NameServer = 85.255.113.118,85.255.112.100
      O17 - HKLM\System\CCS\Services\Tcpip\..\{DDE15FAD-64B3-4F8F-8824-F445A31C061C}: NameServer = 85.255.113.118,85.255.112.100

      Käynnistä sitte vikasietotilassa ja poista

      D:\WINDOWS\System32\rzspy.exe

      Käynnistä normaalisti ja :

      Sitte ota tuo ja säästä se vaikka työpöydälle

      http://downloads.subratam.org/Fixwareout.exe

      tuplaklikkaa sitä ja aja se seuraamalla ohjeita.
      Kun kone on käynnistyny uudestaan niin lähetä uus Hijack logi ja c:\fixwareout/report.txt logi.

      • joyder

        Fixwareout ver 1.003
        Post this report in the forums please

        Reg Entries that were deleted
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\ypszr
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\daolnwodi
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\x0brks
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\lavinraCputeS
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd

        PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

        »»»»» Search by size and names...

        »»»»» Misc files

        »»»»» Checking for older varients covered by the Rem3 tool

        ja tässä hijack-logi:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:44:40, on 5.12.2005
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        D:\WINDOWS\System32\smss.exe
        D:\WINDOWS\system32\winlogon.exe
        D:\WINDOWS\system32\services.exe
        D:\WINDOWS\system32\lsass.exe
        D:\WINDOWS\system32\svchost.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\logonui.exe
        D:\WINDOWS\Explorer.EXE
        D:\WINDOWS\system32\spoolsv.exe
        D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        D:\Program Files\Alwil Software\Avast4\ashServ.exe
        D:\WINDOWS\System32\nvsvc32.exe
        D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\ZoneLabs\vsmon.exe
        D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        D:\WINDOWS\system32\NOTEPAD.EXE
        D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        D:\Program Files\Winamp\winampa.exe
        D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        D:\WINDOWS\System32\RUNDLL32.EXE
        D:\Program Files\Common Files\Real\Update_OB\realsched.exe
        D:\Program Files\Messenger\msmsgs.exe
        D:\Program Files\Skype\Phone\Skype.exe
        D:\Program Files\MSN Messenger\MsnMsgr.Exe
        D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        D:\Program Files\WinZip\WZQKPICK.EXE
        D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
        D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
        D:\WINDOWS\System32\wuauclt.exe
        D:\hijackthis\HijackThis.exe

        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
        O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
        O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
        O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
        O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
        O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
        O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
        O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe


      • Juu
        joyder kirjoitti:

        Fixwareout ver 1.003
        Post this report in the forums please

        Reg Entries that were deleted
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ruins\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\repiwoh
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\ypszr
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\daolnwodi
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\x0brks
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\lavinraCputeS
        HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Urls\putesprpgd

        PLEASE NOTE THAT ALL FILES FOUND BY THIS METHOD ARE NOT BAD FILES, There WILL be LEGIT FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

        »»»»» Search by size and names...

        »»»»» Misc files

        »»»»» Checking for older varients covered by the Rem3 tool

        ja tässä hijack-logi:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:44:40, on 5.12.2005
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        D:\WINDOWS\System32\smss.exe
        D:\WINDOWS\system32\winlogon.exe
        D:\WINDOWS\system32\services.exe
        D:\WINDOWS\system32\lsass.exe
        D:\WINDOWS\system32\svchost.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\logonui.exe
        D:\WINDOWS\Explorer.EXE
        D:\WINDOWS\system32\spoolsv.exe
        D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        D:\Program Files\Alwil Software\Avast4\ashServ.exe
        D:\WINDOWS\System32\nvsvc32.exe
        D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        D:\WINDOWS\System32\svchost.exe
        D:\WINDOWS\system32\ZoneLabs\vsmon.exe
        D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        D:\WINDOWS\system32\NOTEPAD.EXE
        D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        D:\Program Files\Winamp\winampa.exe
        D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        D:\WINDOWS\System32\RUNDLL32.EXE
        D:\Program Files\Common Files\Real\Update_OB\realsched.exe
        D:\Program Files\Messenger\msmsgs.exe
        D:\Program Files\Skype\Phone\Skype.exe
        D:\Program Files\MSN Messenger\MsnMsgr.Exe
        D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        D:\Program Files\WinZip\WZQKPICK.EXE
        D:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
        D:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe
        D:\PROGRA~1\MOZILL~1\FIREFOX.EXE
        D:\WINDOWS\System32\wuauclt.exe
        D:\hijackthis\HijackThis.exe

        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
        O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll
        O3 - Toolbar: MSN-työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - D:\Program Files\MSN Toolbar\01.01.2607.0\fi\msntb.dll
        O4 - HKLM\..\Run: [Zone Labs Client] D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [Smapp] D:\Program Files\Analog Devices\SoundMAX\SMTray.exe
        O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
        O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
        O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
        O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
        O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
        O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Program Files\WinZip\WZQKPICK.EXE
        O8 - Extra context menu item: &Google Search - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
        O8 - Extra context menu item: &Translate English Word - res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
        O8 - Extra context menu item: Backward Links - res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
        O8 - Extra context menu item: Cached Snapshot of Page - res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
        O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Similar Pages - res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
        O8 - Extra context menu item: Translate Page into English - res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
        O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
        O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\HPZipm12.exe
        O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - D:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
        O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - D:\WINDOWS\system32\ZoneLabs\vsmon.exe

        Hyvä on.


      • joyder
        Juu kirjoitti:

        Hyvä on.

        Kiitos ihan mielettömästi, kun jaksoit paneutua tähän!!!! Kiitos!!!!!!!!!!!!!!!!!!


    Ketjusta on poistettu 1 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Mihin Ilkka Kanerva kuoli?

      Kun näin jokin aika sitten kuvan riutuneen näköisestä Kanervasta, sanoin vaimolle että haimasyövältä vaikuttaa. Vaimon isä oli kuollut kyseiseen tauti
      Maailman menoa
      403
      30728
    2. Martinan lapset JÄLLEEN valjastettu valkopesureiksi

      Ei tuo nainen todellakaan täysillä käy. Vauvakin tajuaa että kysymykset ja vastaukset ovat Martinan itsensä tekemiä, lapset vastaa mitä on käsketty. J
      Kotimaiset julkkisjuorut
      476
      4141
    3. Sofia Belorf ja Sonja Aiello

      Viihtyvät yhdessä dinnerillä. Pienet piirit. Mitä ajatuksia herättää ?
      Kotimaiset julkkisjuorut
      97
      2714
    4. Stefu LOISTAVAA!

      Ilmeisesti joku vedonlyönti tms, selvinpäin-elämästä👍👍👍 ilmankos ei ole Sofiaa näkynyt. Miten tän parin nyt käy, kun viimi ei maksettuna enää virta
      Kotimaiset julkkisjuorut
      132
      1879
    5. Teille, Venäjällä pelottelijat

      Oletatteko ja väitättekö te, että Venäjä pystyisi tuosta vain miehittämään Suomen?
      Maailman menoa
      590
      1654
    6. Ilkka Kanerva on kuollut

      74-vuotiaana.
      Maailman menoa
      86
      1584
    7. Kakista se ulos nainen vihdoin viimein

      Että haluat, kummatkin halutaan. Otan sinut kuumaan syleilyyn sitten.
      Ikävä
      75
      1561
    8. Ujostuttaa eräs aikuinen mies...

      Mitä se tämmönen on... tuo mies aiheuttaa minulle ylimääräsiä tykytyksiä... Rohkeampana pyytäsin häntä ulos mut jospa hän... Miten mun vaistot ilmoit
      Ikävä
      59
      1488
    9. Jos me käytäs nainen

      Ulkona niin mitkä olisi ne kolme asiaa joita tahtoisit kysyä tai kertoa minulle?
      Ikävä
      72
      1238
    Aihe