Tjaaah toivottavasti on nyt sitten oikea...
Logfile of HijackThis v1.99.1
Scan saved at 18:06:22, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe
Tässä tämä
59
1785
Vastaukset
- Puhdetta
Katos löytyykö sulta Norman vielä lisää / poista sovelutuksesta. Jos löytyy niin poista.
Tämä on ainakin eka vaihe.
Jos kerran avastia käytät ja avastin lisäksi lataat palomuurin.
Tuolta.
http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htm - Puhdetta.
scannaa, merkkaa paina Fix checked
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/ SmileyCentralFWBInitialSetup1.0.0.15.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - - Puhdetta.
Laitetaas toi hjt oikeaan paikaan näin.
Mene lisää / poista sovellutukseen ja poista se sieltä.
Sitten lataa tuosta uusi.
http://koti.mbnet.fi/pattaya1/hijackthis.htm#Asennus
Klikkaa sivulla kohtaa > hijackthis_self.exe <
sitten numerojärjestyksessä
1.Unzip
2.OK
3.Close
Paina tuota nappia missä lukee näin.
Do a system scan and save a logfile
Laita taas siintä tuleva muistio tänne eli loki.- poro peukalo
toivottavasti on oikea, en tosiaankaan haliite liian hyvin näitä asioita. se on äijä joka onnistuu aina imuroimaan kaiken paskan koneelle.
Logfile of HijackThis v1.99.1
Scan saved at 18:57:06, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe - Puhdetta
poro peukalo kirjoitti:
toivottavasti on oikea, en tosiaankaan haliite liian hyvin näitä asioita. se on äijä joka onnistuu aina imuroimaan kaiken paskan koneelle.
Logfile of HijackThis v1.99.1
Scan saved at 18:57:06, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeAvastia vai Nortonia. Virusohjelmaa?
- Puhdetta.
poro peukalo kirjoitti:
toivottavasti on oikea, en tosiaankaan haliite liian hyvin näitä asioita. se on äijä joka onnistuu aina imuroimaan kaiken paskan koneelle.
Logfile of HijackThis v1.99.1
Scan saved at 18:57:06, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeEikä norton.
- poro peukalo
Puhdetta kirjoitti:
Avastia vai Nortonia. Virusohjelmaa?
Avastia, ja sitten on myös ad-aware. se norton on jäänyt vaan roikkumaan sinne jostain kumman syystä.
- poro peukalo
Puhdetta. kirjoitti:
Eikä norton.
aivan siis, norman.
- Puhdetta
poro peukalo kirjoitti:
aivan siis, norman.
Poista se Norman Lisää/poista sovellutuksesta.
Käynnistä > ohjaupaneli > Lisää tai poista sovellus klikkaa auki ja oota.. sitten etit ton Normanin ja painat että poista. - poro peukalo
Puhdetta kirjoitti:
Poista se Norman Lisää/poista sovellutuksesta.
Käynnistä > ohjaupaneli > Lisää tai poista sovellus klikkaa auki ja oota.. sitten etit ton Normanin ja painat että poista.Niin siellä on vaan Norman internet control ja sitä se ei suostu poistamaan. Poistin kyllä koko Normanin (AV) tuossa aikaisemmin. Pitäiskö poistaa myös program filesisistä sellainen tiedosto mikä on pelkkä Norman?
- Puhdetta.
poro peukalo kirjoitti:
Niin siellä on vaan Norman internet control ja sitä se ei suostu poistamaan. Poistin kyllä koko Normanin (AV) tuossa aikaisemmin. Pitäiskö poistaa myös program filesisistä sellainen tiedosto mikä on pelkkä Norman?
Poista se normanin kansio
- poro peukalo
Puhdetta. kirjoitti:
Poista se normanin kansio
Ei anna poistaa, mutta onko siitä sitten haittaa jos se vaan jää roikkumaan sinne? Norman AV:n antoi poistaa muttei pelkkää Normania.
- Puhdetta.
poro peukalo kirjoitti:
Ei anna poistaa, mutta onko siitä sitten haittaa jos se vaan jää roikkumaan sinne? Norman AV:n antoi poistaa muttei pelkkää Normania.
Katotaas sitä
- poro peukalo
Puhdetta. kirjoitti:
Katotaas sitä
Logfile of HijackThis v1.99.1
Scan saved at 19:28:34, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe - Puhdetta.
poro peukalo kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 19:28:34, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeteepäs nyt näin
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
Kirjoita suorita kohtaan services.msc klikkaa ok etsi tuo C:\Norman\Nvc\BIN\Zanda.exe tuohon viitaava
tuplaklikkaa sitä ja laita > Ei käytössä < Käytä ja ok
Sitten tee tuo *Kolmas vaihe* tuolla ylhäällä. - Puhdetta.
poro peukalo kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 19:28:34, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Norman\Nvc\BIN\Zanda.exe
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\Nvc\BIN\Zanda.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeHijackThis v1.99.1
- poro peukalo
Logfile of HijackThis v1.99.1
Scan saved at 19:52:28, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe - Puhdetta.
poro peukalo kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 19:52:28, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Norman\Nvc\BIN\ZLH.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\WINDOWS\system32\NOTEPAD.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeO4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH Poista kansio
Ja taas uusi loki :) - poro peukalo
Puhdetta. kirjoitti:
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH
C:\Norman\Nvc\BIN\ZLH.EXE /LOAD /SPLASH Poista kansio
Ja taas uusi loki :)Niin juuh arvostan kyllä apuanne, mutta meneekö tähän kauan vielä? tarvitsisi ruokkia tyttö ja laittaa nukkumaan :)
Logfile of HijackThis v1.99.1
Scan saved at 20:05:03, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe - Puhdetta.
poro peukalo kirjoitti:
Niin juuh arvostan kyllä apuanne, mutta meneekö tähän kauan vielä? tarvitsisi ruokkia tyttö ja laittaa nukkumaan :)
Logfile of HijackThis v1.99.1
Scan saved at 20:05:03, on 5.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\slserv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
C:\Program Files\Internet Explorer\iexplore.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exeja kahvi tauko :=)
- poro peukalo
Puhdetta. kirjoitti:
ja kahvi tauko :=)
kylläh, menee hetki.
- poro peukalo
Puhdetta. kirjoitti:
ja kahvi tauko :=)
niin takaisin ollaan
- paikkaa
poro peukalo kirjoitti:
niin takaisin ollaan
tules tuonne
http://www.virustorjunta.net/modules.php?name=Forums&file=index
lokisi kanssa niin saat parempaa neuvontaa - poro peukalo
paikkaa kirjoitti:
tules tuonne
http://www.virustorjunta.net/modules.php?name=Forums&file=index
lokisi kanssa niin saat parempaa neuvontaaniin tarviiko kirjautua käyttäjäksi asti? vai voiko vieraana kirjoittaa?
- Puhdetta.
poro peukalo kirjoitti:
kylläh, menee hetki.
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
seuraat tuota polkua ja tarkistat tämän > SweetIM.exe < Kopioi sivulta tulos.
http://virusscan.jotti.org/
sitten lataa tuolta evido.
http://www.ewido.net/en/download/
asenna ja päivitä
Käynnistä kone vikasietotilaan naputtelemalla F8
aja sitten tolla evidolla kone lävitse. ja tallenna loki ja laita tänne hjt lokin kera. - Puhdetta.
poro peukalo kirjoitti:
niin tarviiko kirjautua käyttäjäksi asti? vai voiko vieraana kirjoittaa?
silloin se onnistuu.
- poro peukalo
Puhdetta. kirjoitti:
silloin se onnistuu.
juuh huomasin, kirjautusin, eli siis poropeukal. en tiedä osaanko edes käyttää koko paikkaa, mutta kokeillaan.
- poro peukalo
Puhdetta. kirjoitti:
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
seuraat tuota polkua ja tarkistat tämän > SweetIM.exe < Kopioi sivulta tulos.
http://virusscan.jotti.org/
sitten lataa tuolta evido.
http://www.ewido.net/en/download/
asenna ja päivitä
Käynnistä kone vikasietotilaan naputtelemalla F8
aja sitten tolla evidolla kone lävitse. ja tallenna loki ja laita tänne hjt lokin kera.Niin aivan kaipa silmät on sitten ristissä ollut kun oli tämä mennyt ohi. Mutta tämän asian toteutan ikävä kyllä vasta huomenna. Mulla oli toi ewido aikaisemmin, eikä siitä ollut turhan paljoa apua, mutta ladataan se nyt sitten vielä kerran uudelleen, mutta kuten sanoin huomenna. Ei tästä tule enään tähän aikaan mitään :)
- Puhdetta.
poro peukalo kirjoitti:
Niin aivan kaipa silmät on sitten ristissä ollut kun oli tämä mennyt ohi. Mutta tämän asian toteutan ikävä kyllä vasta huomenna. Mulla oli toi ewido aikaisemmin, eikä siitä ollut turhan paljoa apua, mutta ladataan se nyt sitten vielä kerran uudelleen, mutta kuten sanoin huomenna. Ei tästä tule enään tähän aikaan mitään :)
aja se sitten sielä vikasietotilassa.
ja sitä ennen katotaan mitä se siintä exsestä sanoo
Jotti. - poro peukalo
Puhdetta. kirjoitti:
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
seuraat tuota polkua ja tarkistat tämän > SweetIM.exe < Kopioi sivulta tulos.
http://virusscan.jotti.org/
sitten lataa tuolta evido.
http://www.ewido.net/en/download/
asenna ja päivitä
Käynnistä kone vikasietotilaan naputtelemalla F8
aja sitten tolla evidolla kone lävitse. ja tallenna loki ja laita tänne hjt lokin kera.Service load: 0% 100%
File: SweetIM.exe
Status: OK
MD5 abe4551217acd5fea9d831cdee03e17b
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing
oliko se pelkästään tämä minkä halusit tästä jutusta? - Puhdetta.
poro peukalo kirjoitti:
Service load: 0% 100%
File: SweetIM.exe
Status: OK
MD5 abe4551217acd5fea9d831cdee03e17b
Packers detected: -
Scanner results
AntiVir Found nothing
ArcaVir Found nothing
Avast Found nothing
AVG Antivirus Found nothing
BitDefender Found nothing
ClamAV Found nothing
Dr.Web Found nothing
F-Prot Antivirus Found nothing
Fortinet Found nothing
Kaspersky Anti-Virus Found nothing
NOD32 Found nothing
Norman Virus Control Found nothing
UNA Found nothing
VBA32 Found nothing
oliko se pelkästään tämä minkä halusit tästä jutusta?ei mitään siinä
- Puhdetta.
se evidon tulos ja uusi hjt loki
- poro peukalo
onko tämä se ewidon mtä tarkoitat nyt sitten? en poistanut mitään, löin vain ohjelman läpi
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
Created on: 22:33:47, 6.2.2006
Report-Checksum: 49C4C625
Scan result:
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\Icons -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\Links -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Time -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\dynamic -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\EUI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\HtmlPPP -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\ImagesHistory -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\init -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Install -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Local -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\mail -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\MultiUrl -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\options -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg800 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg801 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg802 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg803 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg807 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg808 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg810 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg811 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg812 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg818 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg819 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg824 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg825 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg826 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg827 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg828 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg829 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg830 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg842 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg843 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg844 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg845 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg847 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg848 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg849 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg856 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg857 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg862 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg863 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\UserInfo -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Weather -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Mail -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\soho -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} -> Spyware.SmartShopper : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{946B3E9E-E21A-49C8-9F63-900533FAFE14} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77EDA01-3C56-4A96-8D08-02B42891C169} -> Spyware.HotBar : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Euroclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Addcontrol : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@burstnet[1].txt -> Spyware.Cookie.Burstnet : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@com[2].txt -> Spyware.Cookie.Com : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@paypopup[1].txt -> Spyware.Cookie.Paypopup : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Belstat : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Burstbeacon : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Ignored
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asm.exe -> Spyware.Altnet : Ignored
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asmps.dll -> Spyware.Altnet : Ignored
C:\FSC-OdyseeyClient\proginst.exe -> Trojan.Small.gv : Ignored
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
::Report End - poro peukalo
Logfile of HijackThis v1.99.1
Scan saved at 22:43:52, on 6.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe - Puhdetta.
poro peukalo kirjoitti:
onko tämä se ewidon mtä tarkoitat nyt sitten? en poistanut mitään, löin vain ohjelman läpi
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
Created on: 22:33:47, 6.2.2006
Report-Checksum: 49C4C625
Scan result:
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\Icons -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\HbTools\Install\Links -> Spyware.HotBar : Ignored
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Time -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\dynamic -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\EUI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\HtmlPPP -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\ImagesHistory -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\init -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Install -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Local -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\mail -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\MultiUrl -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\options -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg800 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg801 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg802 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg803 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg807 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg808 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg810 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg811 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg812 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg818 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg819 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg824 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg825 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg826 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg827 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg828 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg829 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg830 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg842 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg843 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg844 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg845 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg847 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg848 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg849 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg856 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg857 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg862 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg863 -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\UserInfo -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Weather -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\links -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Mail -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\soho -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL\Updates -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} -> Spyware.SmartShopper : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{946B3E9E-E21A-49C8-9F63-900533FAFE14} -> Spyware.HotBar : Ignored
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77EDA01-3C56-4A96-8D08-02B42891C169} -> Spyware.HotBar : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Euroclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Addcontrol : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@burstnet[1].txt -> Spyware.Cookie.Burstnet : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@com[2].txt -> Spyware.Cookie.Com : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@paypopup[1].txt -> Spyware.Cookie.Paypopup : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Belstat : Ignored
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Burstbeacon : Ignored
C:\Documents and Settings\Tanja\Cookies\tanja@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Ignored
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asm.exe -> Spyware.Altnet : Ignored
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asmps.dll -> Spyware.Altnet : Ignored
C:\FSC-OdyseeyClient\proginst.exe -> Trojan.Small.gv : Ignored
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Ignored
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Ignored
HKLM\SOFTWARE\Classes\CLSID\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
::Report EndPuhdistamaan paljon on listassa.
- poro peukalo
Puhdetta. kirjoitti:
Puhdistamaan paljon on listassa.
siis lyön uudelleen koko ewidon läpi ja puhdistan kaikki? aivan kaikki? ja silloin se nimen omaan puhdistaa haittaohjelmat pois eikä tiedostoja? eihän tarvitse lyödä konetta uudelleen vika sieto tilaan? se vei äskenkin yli 40 minsaa huhuh
- Puhdetta.
poro peukalo kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 22:43:52, on 6.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exese tupla virustorjunta ja muutama örkki kiusasi.
- poro peukalo
Puhdetta. kirjoitti:
se tupla virustorjunta ja muutama örkki kiusasi.
eli siis hjt loki on ok että sille ei tarvitse tehdä mitään enään?
- poro peukalo
poro peukalo kirjoitti:
siis lyön uudelleen koko ewidon läpi ja puhdistan kaikki? aivan kaikki? ja silloin se nimen omaan puhdistaa haittaohjelmat pois eikä tiedostoja? eihän tarvitse lyödä konetta uudelleen vika sieto tilaan? se vei äskenkin yli 40 minsaa huhuh
niin siis puhdistan ne kaikki vähän päälle 200 tartunnan saanutta tiedostoa...?
- Puhdetta.
poro peukalo kirjoitti:
eli siis hjt loki on ok että sille ei tarvitse tehdä mitään enään?
en poistettavaa nää.
- poro peukalo
Puhdetta. kirjoitti:
en poistettavaa nää.
juu mutta laitanko koneen uudelleen vikasieto tilaan ja poistan/puhdistan kaikki vähän päälle 200 tiedostoa? olisinpa vähän nerompi itse voih... vai voinko laittaa sellaisenaan ewidon skannauksen läpi ilman vikasito tilaa?
- Puhdetta.
poro peukalo kirjoitti:
niin siis puhdistan ne kaikki vähän päälle 200 tartunnan saanutta tiedostoa...?
spywaree ja p2p networgin pöpöjä backupissa
- poro peukalo
poro peukalo kirjoitti:
juu mutta laitanko koneen uudelleen vikasieto tilaan ja poistan/puhdistan kaikki vähän päälle 200 tiedostoa? olisinpa vähän nerompi itse voih... vai voinko laittaa sellaisenaan ewidon skannauksen läpi ilman vikasito tilaa?
ja siten kun olen uudelleen ajanut ewidolla läpi ja poistanut koko höskän, niin sitten olemme valmiita?
- Puhdetta.
poro peukalo kirjoitti:
juu mutta laitanko koneen uudelleen vikasieto tilaan ja poistan/puhdistan kaikki vähän päälle 200 tiedostoa? olisinpa vähän nerompi itse voih... vai voinko laittaa sellaisenaan ewidon skannauksen läpi ilman vikasito tilaa?
pikku puuhaa vain :)
- Puhdetta.
poro peukalo kirjoitti:
ja siten kun olen uudelleen ajanut ewidolla läpi ja poistanut koko höskän, niin sitten olemme valmiita?
Puhasta tulee. Ja homma valmis
- poro peukalo
Puhdetta. kirjoitti:
pikku puuhaa vain :)
tarttee varmaan voimistella sitten hiiri sormi kuntoon kun tarttee pari sataa kertaa klikata heheh XD
- Puhdetta.
poro peukalo kirjoitti:
tarttee varmaan voimistella sitten hiiri sormi kuntoon kun tarttee pari sataa kertaa klikata heheh XD
tulee se ikkuna niin laita siihen alhaalla olevaan tyhjään kohtaan se ruksi niin ei tarvii naputella.
tossa ohjetta.
Tämän jälkeen vasta valitse kohta Complete System Scan ja scannaus alkaa. Jos tulee ilmoitus Infected object found! Tarkista,että kohdassa Create encrypted backup in the quarantine on ruksi ja laita ruksi itse kohtaan Perform action with all infections. Kohdassa Perform action: on oletuksena Remove. Suosittelen jättämään sen paikalleen vaikka sieltä voi myös valita None. Paina OK. Scannauksen päätyttyä voit tallentaa raportin teksti muodossa. - poro peukalo
Puhdetta. kirjoitti:
tulee se ikkuna niin laita siihen alhaalla olevaan tyhjään kohtaan se ruksi niin ei tarvii naputella.
tossa ohjetta.
Tämän jälkeen vasta valitse kohta Complete System Scan ja scannaus alkaa. Jos tulee ilmoitus Infected object found! Tarkista,että kohdassa Create encrypted backup in the quarantine on ruksi ja laita ruksi itse kohtaan Perform action with all infections. Kohdassa Perform action: on oletuksena Remove. Suosittelen jättämään sen paikalleen vaikka sieltä voi myös valita None. Paina OK. Scannauksen päätyttyä voit tallentaa raportin teksti muodossa.tässä näin... juu tajusin ítsekkin miten sain sen automaattisesti puhdistamaan. Onko sulla nyt sitten vinkkejä miten pöpöt pysyy mahollisimman kaukana? kannattaako ajaa toi ewido läpi kerran viikossa vaikka aina siinä vikasieto tilassa?
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
Created on: 0:09:40, 7.2.2006
Report-Checksum: B22BA2C
Scan result:
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Icons -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Links -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\dynamic -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\EUI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\HtmlPPP -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\ImagesHistory -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\init -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Local -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\mail -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\MultiUrl -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\options -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg800 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg801 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg802 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg803 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg807 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg808 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg810 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg811 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg812 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg818 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg819 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg824 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg825 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg826 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg827 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg828 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg829 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg830 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg842 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg843 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg844 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg845 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg847 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg848 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg849 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg856 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg857 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg862 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg863 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\UserInfo -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Weather -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Mail -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\soho -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} -> Spyware.SmartShopper : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{946B3E9E-E21A-49C8-9F63-900533FAFE14} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77EDA01-3C56-4A96-8D08-02B42891C169} -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Addcontrol : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Belstat : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asm.exe -> Spyware.Altnet : Error during cleaning
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asmps.dll -> Spyware.Altnet : Error during cleaning
C:\FSC-OdyseeyClient\proginst.exe -> Trojan.Small.gv : Cleaned with backup
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Cleaned with backup
::Report End - Puhdetta.
poro peukalo kirjoitti:
tässä näin... juu tajusin ítsekkin miten sain sen automaattisesti puhdistamaan. Onko sulla nyt sitten vinkkejä miten pöpöt pysyy mahollisimman kaukana? kannattaako ajaa toi ewido läpi kerran viikossa vaikka aina siinä vikasieto tilassa?
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
Created on: 0:09:40, 7.2.2006
Report-Checksum: B22BA2C
Scan result:
HKLM\SOFTWARE\Classes\AppID\WeatherOnTray.EXE -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\AppID\{0507FDDE-F3B7-49F5-9E8F-C557E991F39B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{1E0004EC-5DF0-48C7-A8F0-FBB0488A3D94} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\CLSID\{FA16BCE1-5E36-472A-8466-E0CDD5CE00E6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbCoreSrv.DynamicProp.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtCoreSrv.LfgAx.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostIE.Bho.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtMailAnim.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtHostOL.HbtWebmailSend.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtCommBand.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbTools.HbtTravelCompareBar.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtSrv.HbtCoreServices.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtHtmlMenuUI.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtToolbar.HbtToolbarCtl.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\HbtTools.HbMain.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{16097036-894C-4C00-A61F-93CA0D49A70E} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{2ED5AF98-9258-45BA-B79B-06625C92F662} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{700DC0DD-F409-42E0-9DE5-21EE1A2BA9FD} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{C91E8926-D4BE-4685-99F4-0D996B96BAC0} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{D273D427-57C6-4B12-860F-BBB8195F6E2A} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\Interface\{FD42F6D3-7AB1-470C-979B-7996EDC99099} -> Spyware.TOPicks : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{45397063-D7D0-47C2-9508-26487608A298} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71E9CF40-AF72-4B55-BD3F-1FEA2A0EAEA6} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{71EFE583-62FE-4419-9918-CA3B683F7B36} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{793AF621-5CD0-4B92-B765-6712F6AAF48E} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{9967A873-40F3-4C7E-9239-6C8760F19F61} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{B9F51D42-CCA0-4408-BB02-D433D1865A3A} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F720B40F-3A38-4B22-B30D-DCF095D42498} -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\TypeLib\{F8EE014F-B34C-4544-8E45-95A7971D323B} -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CLSID -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager\CurVer -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\Wallpaper.WallpaperManager.1 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CLSID -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer\CurVer -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\Classes\WebP2PInstaller.Installer.1 -> Spyware.P2PNetworking : Cleaned with backup
HKLM\SOFTWARE\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\MachineInfo -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HbTools\Upgrade -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Mail -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Hotbar\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\CmpMap -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Icons -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\HbTools\Install\Links -> Spyware.HotBar : Cleaned with backup
HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Common\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\dynamic -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\EUI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\HtmlPPP -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\ImagesHistory -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\init -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Install -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Local -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\mail -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\MultiUrl -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\options -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\PI\3.2 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg800 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg801 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg802 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg803 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg807 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg808 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg810 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg811 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg812 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg818 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg819 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg824 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg825 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg826 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg827 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg828 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg829 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg830 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg842 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg843 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg844 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg845 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg847 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg848 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg849 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg856 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg857 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg862 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sg863 -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Sample\Hist\sgsbt -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\UserInfo -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HbTools\Weather -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\links -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Mail -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\soho -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\hostol\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostIE\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOE\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOI\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\HbTools\Time\HostOL\Updates -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Internet Explorer\Explorer Bars\{7E66936C-FEA0-4984-AD26-7B6661AC5B2E} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA9-A523-4961-B6BB-170DE4475CCA} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -> Spyware.PopularScreensavers : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A8A997F-BB9F-48F6-AA2B-2762D50F9289} -> Spyware.SmartShopper : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{74CC49F7-EB32-4A08-B204-948962A6E3DB} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{946B3E9E-E21A-49C8-9F63-900533FAFE14} -> Spyware.HotBar : Cleaned with backup
HKU\S-1-5-21-748787728-2953132651-831253790-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E77EDA01-3C56-4A96-8D08-02B42891C169} -> Spyware.HotBar : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Euroclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Specificclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Addcontrol : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@burstnet[1].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Clickzs : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Adocean : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@hypertracker[1].txt -> Spyware.Cookie.Hypertracker : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Masterstats : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@ivwbox[1].txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.2o7 : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@paypopup[1].txt -> Spyware.Cookie.Paypopup : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@tradedoubler[2].txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][2].txt -> Spyware.Cookie.Belstat : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\[email protected][1].txt -> Spyware.Cookie.Burstbeacon : Cleaned with backup
C:\Documents and Settings\Tanja\Cookies\tanja@yieldmanager[1].txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asm.exe -> Spyware.Altnet : Error during cleaning
C:\Documents and Settings\Tanja\Local Settings\Temp\asmfiles.cab/asmps.dll -> Spyware.Altnet : Error during cleaning
C:\FSC-OdyseeyClient\proginst.exe -> Trojan.Small.gv : Cleaned with backup
C:\WINDOWS\system32\P2P Networking -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\Cache\Database\index256.dbb -> Spyware.P2PNetworking : Cleaned with backup
C:\WINDOWS\system32\P2P Networking\P2P Networking.eng -> Spyware.P2PNetworking : Cleaned with backup
::Report Endnoin sitä pitää ;)
- poro peukalo
Puhdetta. kirjoitti:
noin sitä pitää ;)
Tuhannesti kiitoksia, siinäs näet ei ne hommat aina tyssää :) Olen erittäin kiitollinen avustasi, pusuja, haleja ja vaikka kukkasia sinulle tästä hyvästä XD
- Puhdetta.
poro peukalo kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 22:43:52, on 6.2.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\Rundll32.exe
C:\WINDOWS\system32\keyhook.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Tanja\Local Settings\Temporary Internet Files\Content.IE5\CXMRWTEF\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\system32\keyhook.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl05a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 4.0\apdproxy.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian pr14\PeerGuardian_1.99b_pr14.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Startup: wkcalrem.LNK = C:\Program Files\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?10357d767c104171a071c9fe440d4ec
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 4.0\PhotoshopElementsFileAgent.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exespywareblaster
http://koti.mbnet.fi/pattaya1/spywareblaster.htm
tuolla nyt estää suurimman osan.
Katso ohjeet sivulta. - poro peukalo
Puhdetta. kirjoitti:
spywareblaster
http://koti.mbnet.fi/pattaya1/spywareblaster.htm
tuolla nyt estää suurimman osan.
Katso ohjeet sivulta.Imuroitu on :)
- Puhdetta.
poro peukalo kirjoitti:
Imuroitu on :)
olis vielä yksi tarjolla hih:)
- poro peukalo
Puhdetta. kirjoitti:
olis vielä yksi tarjolla hih:)
Ei kai niistä haittaaka ole jos ne eivät hidasta koneen toimivuutta ja tosiaankin pitää pöpöt loitolla.
- Puhdetta.
poro peukalo kirjoitti:
Imuroitu on :)
http://www.ccleaner.com/ccdownload.asp
ja tuossa ohje siihen
CCleaner
http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htm - poro peukalo
Puhdetta. kirjoitti:
http://www.ccleaner.com/ccdownload.asp
ja tuossa ohje siihen
CCleaner
http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htminternet explorer ei tykännyt ideasta ladata ylempää, niin ja toi zone alarmin latasin aikaisemmin niin kuin ehdotit, mutta poistin koska se huusi joka ikinen kerta esim; kun avast olisi päivittänyt itsensä automaattisesti netissä...
- Puhdetta.
poro peukalo kirjoitti:
internet explorer ei tykännyt ideasta ladata ylempää, niin ja toi zone alarmin latasin aikaisemmin niin kuin ehdotit, mutta poistin koska se huusi joka ikinen kerta esim; kun avast olisi päivittänyt itsensä automaattisesti netissä...
antaa jatkuva lupa siihen päivitykseen siihen pikkuruutuun se ruksi ja ok
vai ei ie tykännyt ccleanerista olisit pistänyt vain että asenna sehän valittaa aina.
Sillä saat puhdistettua konetta turhista jutuista myös virheistä rekisterin.
- Puhdetta.
Noilla pärjää jo pitkälle.
- poro peukalo
Mutta kiitos kuitenkin :))))))
Ketjusta on poistettu 0 sääntöjenvastaista viestiä.
Luetuimmat keskustelut
Virkamiehille tarvitaan tuntuvat palkankorotukset
Naistenpäivänä on syytä muistuttaa, että virkamiehen euro on vain 80 senttiä. Palkat tulee saattaa samalle tasolle yksi474097Riikka Purran kaudella nousi bensan hinta yli 2 euron
Muistatteko kuinka edellisen vasemmistohallituksen aikana, ns. Marinin aikakaudella, bensiiniä sai 1,3 euron litrahinnal623753- 703288
Olisipa saanut sinuun
Tutustua paremmin. Harmi että aloin lopulta jännittämään kun näytit tunteesi niin voimakkaasti ja lähestyit niin voimaak963190Mitäs nyt sijoittajat?
Pörssit laskevat maailmalla Iranin sodan takia ja muutenkin ovat olleet Trumpin vallan alla epävarmat. Ainoa, mikä on no892154- 352108
- 241959
- 381939
- 311921
Olisitpa se hellä
Ja herkkä minkä kuvan sain sinusta irl. Haluaisin että elämässäni olisi sellainen joka arvostaa minua juuri sellaisena k231844