jotain siis taasen vialla, kertokaapa amatöörille kohtuu yksinkertaisesti mitä tehdä..? kiitän etukäteen..
Logfile of HijackThis v1.99.1
Scan saved at 0:51:54, on 18.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\system32\logonui.exe
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\WINDOWS\ANTIVIR\System32\ishost.exe
C:\WINDOWS\ANTIVIR\System32\issearch.exe
C:\WINDOWS\ANTIVIR\System32\isnotify.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\WINDOWS\ANTIVIR\System32\ismon.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\Safety Bar.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [SpyQuake2.com] C:\Program Files\SpyQuake2.com\Spy-Quake2.exe /h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
jumitusta ja alertteja..
24
1219
Vastaukset
- FixFix
Poista sieltä
Safety Bar
poista myös kansio vikasietotilassa
C:\Program Files\--> Safety Bar- FixFix
poista myös lisää poista sovellutuksesta
Javat
SpyQuake2.com
ja kansiot
C:\Program Files\--> SpyQuake2.com Java
- auttakaas..
jotakin poistelin mutta kun ei tuo ymmärrys riitä niin en joko tajua tai uskalla enempää tehdä ilman todellakin tajuamiani neuvoja.. eli siis mitä häh?? kiitän edelleen.. :/
Logfile of HijackThis v1.99.1
Scan saved at 2:24:08, on 18.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe- FixFix
Loki tänne.
Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi. - FixFix
Avaa SmitfraudFix kansio
tupla-klikkaa smitfraudfix
paina numero 1 ja sitten enter
ponnahtaa txt tiedosto jonka maalaat ja kopioit tänne .
sitten se ikkuna sulkeutuu kun painat Q ja enter - FixFix
FixFix kirjoitti:
Avaa SmitfraudFix kansio
tupla-klikkaa smitfraudfix
paina numero 1 ja sitten enter
ponnahtaa txt tiedosto jonka maalaat ja kopioit tänne .
sitten se ikkuna sulkeutuu kun painat Q ja entertupla-klikkaa smitfraudfix
paina jotain näppäintä
paina numero 1 ja sitten enter
- FixFix
lataa escan
http://koti.mbnet.fi/pattaya1/escanmwav.htm
asenna, päivitä tapa2, laita täpit merkkauksien mukaan ( katso kuvat )
scannaa
sitten jos alaikkunaan tulee jotain *virukset*
tallena se näin ja lähetä tänne
Maalaus Ctrl A.
Kopioi rivit komennolla Ctrl C.
Liitä rivit komennolla Ctrl V.- auttakaas
File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\WINDOWS\ANTIVIR\System32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\System32\ovhndw30103lib.dll infected by "Trojan-Downloader.Win32.Lastad.h" Virus. Action Taken: File Deleted.
File C:\_RESTORE\ARCHIVE\FS181.CAB tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\_RESTORE\ARCHIVE\FS378.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.b. No Action Taken.
File C:\_RESTORE\ARCHIVE\FS591.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.c. No Action Taken.
File C:\WINDOWS\SYSTEM\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.abe" Virus. Action Taken: File Deleted.
File C:\WINDOWS\SYSTEM\msbb321.dll tagged as not-a-virus:AdWare.Win32.180Solutions. No Action Taken.
File C:\WINDOWS\SYSTEM\SplWbr.dll infected by "Trojan-Dropper.Win32.Small.sf" Virus. Action Taken: File Deleted.
File C:\WINDOWS\SYSTEM\WrapperOuter.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\WINDOWS\TEMP\bundle.exe tagged as not-a-virus:AdWare.Win32.Sahat.a. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\gsda.dll tagged as not-a-virus:Downloader.Win32.SpyGame. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\system32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\Program Files\Windows Media Player\wmplayer.exe.tmp infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: File Deleted.
File C:\Program Files\RealVNC\VNC4\winvnc4.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\vncconfig.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\wm_hooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\vncviewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\SearchRelevancy\SearchRelevancy.dll tagged as not-a-virus:AdWare.Win32.Relevance.b. No Action Taken.
File C:\Recycled\Q330995.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
File C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
File C:\Documents and Settings\Iida\Local Settings\Temp\bndh.exe infected by "Trojan-Dropper.Win32.Small.xp" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Local Settings\Temporary Internet Files\Content.IE5\Q5OJKVGI\UzQwWllrVXl0Sm9BQUdFWFQwRUFBQUFp[1].wmf infected by "Trojan-Downloader.Win32.Agent.acd" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Työpöytä\vnc-4.0-x86_win32.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\HjT\backups\backup-20050121-170519-860.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\q883911.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted. - poistoja vain
auttakaas kirjoitti:
File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\WINDOWS\ANTIVIR\System32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\System32\ovhndw30103lib.dll infected by "Trojan-Downloader.Win32.Lastad.h" Virus. Action Taken: File Deleted.
File C:\_RESTORE\ARCHIVE\FS181.CAB tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\_RESTORE\ARCHIVE\FS378.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.b. No Action Taken.
File C:\_RESTORE\ARCHIVE\FS591.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.c. No Action Taken.
File C:\WINDOWS\SYSTEM\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.abe" Virus. Action Taken: File Deleted.
File C:\WINDOWS\SYSTEM\msbb321.dll tagged as not-a-virus:AdWare.Win32.180Solutions. No Action Taken.
File C:\WINDOWS\SYSTEM\SplWbr.dll infected by "Trojan-Dropper.Win32.Small.sf" Virus. Action Taken: File Deleted.
File C:\WINDOWS\SYSTEM\WrapperOuter.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
File C:\WINDOWS\TEMP\bundle.exe tagged as not-a-virus:AdWare.Win32.Sahat.a. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\gsda.dll tagged as not-a-virus:Downloader.Win32.SpyGame. No Action Taken.
File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\system32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\Program Files\Windows Media Player\wmplayer.exe.tmp infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: File Deleted.
File C:\Program Files\RealVNC\VNC4\winvnc4.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\vncconfig.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\wm_hooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\RealVNC\VNC4\vncviewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\Program Files\SearchRelevancy\SearchRelevancy.dll tagged as not-a-virus:AdWare.Win32.Relevance.b. No Action Taken.
File C:\Recycled\Q330995.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
File C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
File C:\Documents and Settings\Iida\Local Settings\Temp\bndh.exe infected by "Trojan-Dropper.Win32.Small.xp" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Local Settings\Temporary Internet Files\Content.IE5\Q5OJKVGI\UzQwWllrVXl0Sm9BQUdFWFQwRUFBQUFp[1].wmf infected by "Trojan-Downloader.Win32.Agent.acd" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Iida\Työpöytä\vnc-4.0-x86_win32.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
File C:\HjT\backups\backup-20050121-170519-860.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
File C:\q883911.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta.
Lataa http://www.ewido.net/en/download/ ja tallenna ohjelma työpöydällesi.
* Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
* Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
* Käynnistä Ewido Anti-Spyware.
* Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
* Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
* Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
* Sitten "Reports" valikon alta:
o Laita täppi kohtaan "Automatically generate report after every scan"
o Ota täppi pois kohdasta"Only if threats were found"
* Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan.
sammuta ja käynnistä
käynnistyksenyhteydessä naputtele F8
valitse nuoli näppäimellä vikasietotila
paina Enter ja uudelleen Enter OK valitse käyttäjätilisi ja OK
HUOM! Älä käytä muita ohjelmia Ewidon skannauksen aikana, tämä saattaa häiritä skannausta.
* Kun vikasietotilassa, käynnistä Ewido Anti-Spyware.
* Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
* Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
* Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
* Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
* Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
* Sulje ohjelma, käynnistä kone normaalisti ja lähetä Ewidon raportti viestiketjuusi. - auttakaas
poistoja vain kirjoitti:
Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta.
Lataa http://www.ewido.net/en/download/ ja tallenna ohjelma työpöydällesi.
* Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
* Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
* Käynnistä Ewido Anti-Spyware.
* Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
* Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
* Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
* Sitten "Reports" valikon alta:
o Laita täppi kohtaan "Automatically generate report after every scan"
o Ota täppi pois kohdasta"Only if threats were found"
* Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan.
sammuta ja käynnistä
käynnistyksenyhteydessä naputtele F8
valitse nuoli näppäimellä vikasietotila
paina Enter ja uudelleen Enter OK valitse käyttäjätilisi ja OK
HUOM! Älä käytä muita ohjelmia Ewidon skannauksen aikana, tämä saattaa häiritä skannausta.
* Kun vikasietotilassa, käynnistä Ewido Anti-Spyware.
* Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
* Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
* Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
* Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
* Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
* Sulje ohjelma, käynnistä kone normaalisti ja lähetä Ewidon raportti viestiketjuusi.---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
Created at: 16:31:09 19.8.2006
Scan result:
C:\WINDOWS\SYSTEM\msbb321.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop.1\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winds_24 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SerG -> Adware.EZ-Finder : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028313.CPY -> Adware.HelpExpress : Cleaned with backup (quarantined).
C:\HjT\backups\backup-20050121-170519-860.dll -> Adware.Puper : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\winsx.dll -> Adware.Puper : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\SearchRelevancy.dll -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\SearchRelevancy.xml -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\uninstall.exe -> Adware.Relevance : Cleaned with backup (quarantined).
C:\WINDOWS\TEMP\bundle.exe -> Adware.Sahat : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\dsmanager.dll -> Adware.SearchAssistant : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Relevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM\WrapperOuter.exe -> Adware.VirtualBouncer : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028312.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028314.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS591.CAB/W0059387.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\iexplore.exe.mwt -> Backdoor.Agobot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\explorer.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\lssas.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\system32,1.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\WinGamed.exe.mwt -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\ishost.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\ismon.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\gsda.dll -> Not-A-Virus.Downloader.Win32.SpyGame : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\kfhrvq.dll -> Not-A-Virus.Hoax.Win32.Renos.dt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@ad-logics[1].txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@adtech[3].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[4].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@atdmt[3].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bfast[3].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[3].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@clickagents[2].txt -> TrackingCookie.Clickagents : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@commission-junction[1].txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@commissionpartner[2].txt -> TrackingCookie.Commissionpartner : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@euniverseads[2].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@gator[1].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@gator[2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@mediaplex[3].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ne : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paycounter[3].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[5].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[4].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[5].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[4].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[3].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\kernel32.dll -> Trojan.Small : Cleaned with backup (quarantined).
::Report end - poistoja vain
auttakaas kirjoitti:
---------------------------------------------------------
ewido anti-spyware - Scan Report
---------------------------------------------------------
Created at: 16:31:09 19.8.2006
Scan result:
C:\WINDOWS\SYSTEM\msbb321.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop.1\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\Popup.Pop\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winds_24 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SerG -> Adware.EZ-Finder : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028313.CPY -> Adware.HelpExpress : Cleaned with backup (quarantined).
C:\HjT\backups\backup-20050121-170519-860.dll -> Adware.Puper : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\winsx.dll -> Adware.Puper : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\SearchRelevancy.dll -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\SearchRelevancy.xml -> Adware.Relevance : Cleaned with backup (quarantined).
C:\Program Files\SearchRelevancy\uninstall.exe -> Adware.Relevance : Cleaned with backup (quarantined).
C:\WINDOWS\TEMP\bundle.exe -> Adware.Sahat : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\dsmanager.dll -> Adware.SearchAssistant : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Relevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\WINDOWS\SYSTEM\WrapperOuter.exe -> Adware.VirtualBouncer : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028312.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS378.CAB/A0028314.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\_RESTORE\ARCHIVE\FS591.CAB/W0059387.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\iexplore.exe.mwt -> Backdoor.Agobot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\explorer.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\lssas.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\system32,1.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\WinGamed.exe.mwt -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\ishost.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\ismon.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
C:\WINDOWS\Downloaded Program Files\gsda.dll -> Not-A-Virus.Downloader.Win32.SpyGame : Cleaned with backup (quarantined).
C:\WINDOWS\ANTIVIR\system32\kfhrvq.dll -> Not-A-Virus.Hoax.Win32.Renos.dt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@ad-logics[1].txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@adtech[3].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@advertising[4].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@atdmt[3].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bfast[3].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@burstnet[3].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@clickagents[2].txt -> TrackingCookie.Clickagents : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@commission-junction[1].txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@commissionpartner[2].txt -> TrackingCookie.Commissionpartner : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@euniverseads[2].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@gator[1].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@gator[2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@hitbox[5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@mediaplex[3].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ne : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paycounter[3].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@questionmarket[5].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[4].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@revenue[5].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@serving-sys[4].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@targetnet[3].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\Documents and Settings\Iida\Cookies\iida@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
C:\WINDOWS\Cookies\damien@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\kernel32.dll -> Trojan.Small : Cleaned with backup (quarantined).
::Report endhjt-loki
- auttakaas
poistoja vain kirjoitti:
hjt-loki
tässä:
Logfile of HijackThis v1.99.1
Scan saved at 19:24:23, on 19.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\system32\logonui.exe
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\WINDOWS\ANTIVIR\System32\issearch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe - tämä näin
auttakaas kirjoitti:
tässä:
Logfile of HijackThis v1.99.1
Scan saved at 19:24:23, on 19.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\system32\logonui.exe
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\WINDOWS\ANTIVIR\System32\issearch.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt1.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exeLataa http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Pura sisältö (kansio nimeltä SmitfraudFix työpöydällesi:
Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.
Huomaa: process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
http://www.beyondlogic.org/consulting/processutil/processutil.htm - auttakaas
tämä näin kirjoitti:
Lataa http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Pura sisältö (kansio nimeltä SmitfraudFix työpöydällesi:
Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.
Huomaa: process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
http://www.beyondlogic.org/consulting/processutil/processutil.htmSmitFraudFix v2.81
Scan done at 22:46:00,37, la 19.08.2006
Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system32
C:\WINDOWS\ANTIVIR\system32\isnotify.exe FOUND !
C:\WINDOWS\ANTIVIR\system32\issearch.exe FOUND !
C:\WINDOWS\ANTIVIR\system32\ixt?.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\ixt??.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\ot.ico FOUND !
C:\WINDOWS\ANTIVIR\system32\ts.ico FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx?.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx??.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx???.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Iida\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\IIDA\SUOSIKIT
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End - Sitten jatkoa
auttakaas kirjoitti:
SmitFraudFix v2.81
Scan done at 22:46:00,37, la 19.08.2006
Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system32
C:\WINDOWS\ANTIVIR\system32\isnotify.exe FOUND !
C:\WINDOWS\ANTIVIR\system32\issearch.exe FOUND !
C:\WINDOWS\ANTIVIR\system32\ixt?.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\ixt??.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\ot.ico FOUND !
C:\WINDOWS\ANTIVIR\system32\ts.ico FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx?.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx??.dll FOUND !
C:\WINDOWS\ANTIVIR\system32\components\flx???.dll FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Iida\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\IIDA\SUOSIKIT
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» EndPrinttaa ohjeet ulos.
Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.
Kun vikasietotilassa, avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.
Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.
Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".
Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.
Varoitus : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan. - auttakaas
Sitten jatkoa kirjoitti:
Printtaa ohjeet ulos.
Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.
Kun vikasietotilassa, avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.
Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.
Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".
Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.
Varoitus : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan.SmitFraudFix v2.81
Scan done at 12:28:16,69, su 20.08.2006
Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll -> Missing File
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\ANTIVIR\system32\isnotify.exe Deleted
C:\WINDOWS\ANTIVIR\system32\issearch.exe Deleted
C:\WINDOWS\ANTIVIR\system32\ixt?.dll Deleted
C:\WINDOWS\ANTIVIR\system32\ot.ico Deleted
C:\WINDOWS\ANTIVIR\system32\ts.ico Deleted
C:\WINDOWS\ANTIVIR\system32\components\flx?.dll Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» End - Tämä näin
auttakaas kirjoitti:
SmitFraudFix v2.81
Scan done at 12:28:16,69, su 20.08.2006
Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
Fix ran in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll -> Missing File
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
C:\WINDOWS\ANTIVIR\system32\isnotify.exe Deleted
C:\WINDOWS\ANTIVIR\system32\issearch.exe Deleted
C:\WINDOWS\ANTIVIR\system32\ixt?.dll Deleted
C:\WINDOWS\ANTIVIR\system32\ot.ico Deleted
C:\WINDOWS\ANTIVIR\system32\ts.ico Deleted
C:\WINDOWS\ANTIVIR\system32\components\flx?.dll Deleted
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"
»»»»»»»»»»»»»»»»»»»»»»»» EndLaita uusi hjt-loki
- auttakaas
Tämä näin kirjoitti:
Laita uusi hjt-loki
Logfile of HijackThis v1.99.1
Scan saved at 12:50:26, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe - Tämä näin
auttakaas kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 12:50:26, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\Program Files\ewido anti-spyware 4.0\ewido.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exePoista kaikki javat lisää poista sovellutuksesta.
scannaa hjt:lä merkkaa ja paina Fix checked
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
laita sitten uusi loki - auttakaas
Tämä näin kirjoitti:
Poista kaikki javat lisää poista sovellutuksesta.
scannaa hjt:lä merkkaa ja paina Fix checked
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
laita sitten uusi lokiLogfile of HijackThis v1.99.1
Scan saved at 13:36:29, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\WINDOWS\ANTIVIR\System32\msiexec.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe - Tämä näin
auttakaas kirjoitti:
Logfile of HijackThis v1.99.1
Scan saved at 13:36:29, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\WINDOWS\ANTIVIR\System32\msiexec.exe
C:\HjT2\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exescannaa vielä hjt:lä merkkaa ja paina Fix checked
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
F2 - REG:system.ini: Shell=
ja lataa tuolta uusi java
http://www.java.com/en/download/index.jsp
windows updateen päivittämään. - auttakaas
Tämä näin kirjoitti:
scannaa vielä hjt:lä merkkaa ja paina Fix checked
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
F2 - REG:system.ini: Shell=
ja lataa tuolta uusi java
http://www.java.com/en/download/index.jsp
windows updateen päivittämään.Scan saved at 14:26:24, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe - Tämä näin
auttakaas kirjoitti:
Scan saved at 14:26:24, on 20.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\Program Files\ewido anti-spyware 4.0\guard.exe
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exeMitäs palomuuria käytät kun ei osu silmään?
http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htm - auttakaas
Tämä näin kirjoitti:
Mitäs palomuuria käytät kun ei osu silmään?
http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htmsuuret kiitokset avusta :)
zone alarm ainakin joskus ollut mutta en nykyisistä tiedä.. en itse ymmärrä koneista suunnilleen mitään, tietoisempi kaveri tämän kanssa on välillä jotain säätänyt. harvoin tässä kuitenkaan mitään isompia jumituksia esiintyy..
Ketjusta on poistettu 0 sääntöjenvastaista viestiä.
Luetuimmat keskustelut
Hengenvaaralliset kiihdytysajot päättyivät karmealla tavalla, kilpailija kuoli
Onnettomuudesta on aloitettu selvitys. Tapahtuma keskeytettiin onnettomuuteen. Tapahtumaa tutkitaan paikan päällä yhtei1726253- 1471734
- 1131528
- 511280
Suureksi onneksesi on myönnettävä
Että olen nyt sitten mennyt rakastumaan sinuun. Ei tässä mitään, olen kärsivällinen ❤️46952Möykkähulluus vaati kuolonuhrin
Nuori elämä menettiin täysin turhaan tällä järjettömyydellä! Toivottavasti näitä ei enää koskaan nähdä Kauhavalla! 😢30870Älä mies pidä mua pettäjänä
En petä ketään. Älä mies ajattele niin. Anteeksi että ihastuin suhun varattuna. Pettänyt en ole koskaan ketään vaikka hu97856Reeniähororeeniä
Helvetillisen vaikeaa työskennellä hoitajana,kun ei kestä silmissään yhtään läskiä. Saati hoitaa sellaista. Mitä tehdä?5809Tarvitsemme lisää maahanmuuttoa.
Väestö eläköityy, eli tarvitsemme lisää tekeviä käsiä ja veronmaksajia. Ainut ratkaisu löytyy maahanmuutosta. Nimenomaan229767- 41759