jumitusta ja alertteja..

auttakaas..

jotain siis taasen vialla, kertokaapa amatöörille kohtuu yksinkertaisesti mitä tehdä..? kiitän etukäteen..

Logfile of HijackThis v1.99.1
Scan saved at 0:51:54, on 18.8.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\ANTIVIR\System32\smss.exe
C:\WINDOWS\ANTIVIR\system32\winlogon.exe
C:\WINDOWS\ANTIVIR\system32\services.exe
C:\WINDOWS\ANTIVIR\system32\lsass.exe
C:\WINDOWS\ANTIVIR\system32\svchost.exe
C:\WINDOWS\ANTIVIR\System32\svchost.exe
C:\WINDOWS\ANTIVIR\system32\logonui.exe
C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
C:\WINDOWS\ANTIVIR\Explorer.EXE
C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
C:\WINDOWS\ANTIVIR\System32\ishost.exe
C:\WINDOWS\ANTIVIR\System32\issearch.exe
C:\WINDOWS\ANTIVIR\System32\isnotify.exe
C:\Program Files\Real\RealPlayer\RealPlay.exe
C:\Program Files\Microsoft IntelliType Pro\type32.exe
C:\Program Files\Microsoft IntelliPoint\point32.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\WINDOWS\ANTIVIR\Anvshell.exe
C:\documents and settings\iida\työpöytä\qt\qttask.exe
C:\WINDOWS\ANTIVIR\System32\ismon.exe
C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe
C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
C:\Program Files\interMute\SpySubtract\SpySub.exe
C:\Program Files\SpyQuake2.com\Spy-Quake2.exe
C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
C:\HjT2\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt0.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
O3 - Toolbar: Safety Bar - {052b12f7-86fa-4921-8482-26c42316b522} - C:\Program Files\Safety Bar\Safety Bar.dll
O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
O4 - HKLM\..\Run: [SpyQuake2.com] C:\Program Files\SpyQuake2.com\Spy-Quake2.exe /h
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

24

1219

    Vastaukset

    Anonyymi (Kirjaudu / Rekisteröidy)
    5000
    • FixFix

      Poista sieltä

      Safety Bar

      poista myös kansio vikasietotilassa

      C:\Program Files\--> Safety Bar

      • FixFix

        poista myös lisää poista sovellutuksesta

        Javat
        SpyQuake2.com

        ja kansiot

        C:\Program Files\--> SpyQuake2.com Java


    • auttakaas..

      jotakin poistelin mutta kun ei tuo ymmärrys riitä niin en joko tajua tai uskalla enempää tehdä ilman todellakin tajuamiani neuvoja.. eli siis mitä häh?? kiitän edelleen.. :/

      Logfile of HijackThis v1.99.1
      Scan saved at 2:24:08, on 18.8.2006
      Platform: Windows XP (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 (6.00.2600.0000)

      Running processes:
      C:\WINDOWS\ANTIVIR\System32\smss.exe
      C:\WINDOWS\ANTIVIR\system32\winlogon.exe
      C:\WINDOWS\ANTIVIR\system32\services.exe
      C:\WINDOWS\ANTIVIR\system32\lsass.exe
      C:\WINDOWS\ANTIVIR\system32\svchost.exe
      C:\WINDOWS\ANTIVIR\System32\svchost.exe
      C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
      C:\WINDOWS\ANTIVIR\Explorer.EXE
      C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
      C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
      C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
      C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
      C:\HjT2\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
      R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
      F2 - REG:system.ini: Shell=
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt0.dll
      O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
      O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
      O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
      O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
      O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
      O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
      O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
      O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
      O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
      O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
      O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
      O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
      O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

      • FixFix

        Loki tänne.
        Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
        Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
        Postita tämän tekstitiedoston sisältö viestiketjuusi.


      • FixFix

        Avaa SmitfraudFix kansio

        tupla-klikkaa smitfraudfix

        paina numero 1 ja sitten enter

        ponnahtaa txt tiedosto jonka maalaat ja kopioit tänne .

        sitten se ikkuna sulkeutuu kun painat Q ja enter


      • FixFix
        FixFix kirjoitti:

        Avaa SmitfraudFix kansio

        tupla-klikkaa smitfraudfix

        paina numero 1 ja sitten enter

        ponnahtaa txt tiedosto jonka maalaat ja kopioit tänne .

        sitten se ikkuna sulkeutuu kun painat Q ja enter

        tupla-klikkaa smitfraudfix

        paina jotain näppäintä

        paina numero 1 ja sitten enter


    • FixFix

      lataa escan
      http://koti.mbnet.fi/pattaya1/escanmwav.htm

      asenna, päivitä tapa2, laita täpit merkkauksien mukaan ( katso kuvat )

      scannaa

      sitten jos alaikkunaan tulee jotain *virukset*
      tallena se näin ja lähetä tänne

      Maalaus Ctrl A.
      Kopioi rivit komennolla Ctrl C.
      Liitä rivit komennolla Ctrl V.

      • auttakaas

        File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
        File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\WINDOWS\ANTIVIR\System32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\System32\ovhndw30103lib.dll infected by "Trojan-Downloader.Win32.Lastad.h" Virus. Action Taken: File Deleted.
        File C:\_RESTORE\ARCHIVE\FS181.CAB tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\_RESTORE\ARCHIVE\FS378.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.b. No Action Taken.
        File C:\_RESTORE\ARCHIVE\FS591.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.c. No Action Taken.
        File C:\WINDOWS\SYSTEM\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.abe" Virus. Action Taken: File Deleted.
        File C:\WINDOWS\SYSTEM\msbb321.dll tagged as not-a-virus:AdWare.Win32.180Solutions. No Action Taken.
        File C:\WINDOWS\SYSTEM\SplWbr.dll infected by "Trojan-Dropper.Win32.Small.sf" Virus. Action Taken: File Deleted.
        File C:\WINDOWS\SYSTEM\WrapperOuter.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
        File C:\WINDOWS\TEMP\bundle.exe tagged as not-a-virus:AdWare.Win32.Sahat.a. No Action Taken.
        File C:\WINDOWS\Downloaded Program Files\gsda.dll tagged as not-a-virus:Downloader.Win32.SpyGame. No Action Taken.
        File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\system32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
        File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\Program Files\Windows Media Player\wmplayer.exe.tmp infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: File Deleted.
        File C:\Program Files\RealVNC\VNC4\winvnc4.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\vncconfig.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\wm_hooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\vncviewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\SearchRelevancy\SearchRelevancy.dll tagged as not-a-virus:AdWare.Win32.Relevance.b. No Action Taken.
        File C:\Recycled\Q330995.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
        File C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
        File C:\Documents and Settings\Iida\Local Settings\Temp\bndh.exe infected by "Trojan-Dropper.Win32.Small.xp" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Local Settings\Temporary Internet Files\Content.IE5\Q5OJKVGI\UzQwWllrVXl0Sm9BQUdFWFQwRUFBQUFp[1].wmf infected by "Trojan-Downloader.Win32.Agent.acd" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Työpöytä\vnc-4.0-x86_win32.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\HjT\backups\backup-20050121-170519-860.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\q883911.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.


      • poistoja vain
        auttakaas kirjoitti:

        File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
        File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\WINDOWS\ANTIVIR\System32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\System32\ovhndw30103lib.dll infected by "Trojan-Downloader.Win32.Lastad.h" Virus. Action Taken: File Deleted.
        File C:\_RESTORE\ARCHIVE\FS181.CAB tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\_RESTORE\ARCHIVE\FS378.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.b. No Action Taken.
        File C:\_RESTORE\ARCHIVE\FS591.CAB tagged as not-a-virus:AdWare.Win32.WebRebates.c. No Action Taken.
        File C:\WINDOWS\SYSTEM\in10b6s.dll infected by "Trojan-Dropper.Win32.Small.abe" Virus. Action Taken: File Deleted.
        File C:\WINDOWS\SYSTEM\msbb321.dll tagged as not-a-virus:AdWare.Win32.180Solutions. No Action Taken.
        File C:\WINDOWS\SYSTEM\SplWbr.dll infected by "Trojan-Dropper.Win32.Small.sf" Virus. Action Taken: File Deleted.
        File C:\WINDOWS\SYSTEM\WrapperOuter.exe tagged as not-a-virus:AdWare.Win32.VirtualBouncer.d. No Action Taken.
        File C:\WINDOWS\TEMP\bundle.exe tagged as not-a-virus:AdWare.Win32.Sahat.a. No Action Taken.
        File C:\WINDOWS\Downloaded Program Files\gsda.dll tagged as not-a-virus:Downloader.Win32.SpyGame. No Action Taken.
        File C:\WINDOWS\Downloaded Program Files\popcaploader.dll tagged as not-a-virus:Downloader.Win32.PopCap.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\system32\dsmanager.dll tagged as not-a-virus:AdWare.Win32.SearchAssistant.b. No Action Taken.
        File C:\WINDOWS\ANTIVIR\webdlg32.dll tagged as not-a-virus:AdWare.Win32.SBSoft.g. No Action Taken.
        File C:\WINDOWS\ANTIVIR\winsx.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\Program Files\Windows Media Player\wmplayer.exe.tmp infected by "Trojan-Downloader.Win32.Small.aaq" Virus. Action Taken: File Deleted.
        File C:\Program Files\RealVNC\VNC4\winvnc4.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\vncconfig.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\wm_hooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\RealVNC\VNC4\vncviewer.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\Program Files\SearchRelevancy\SearchRelevancy.dll tagged as not-a-virus:AdWare.Win32.Relevance.b. No Action Taken.
        File C:\Recycled\Q330995.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
        File C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp tagged as not-a-virus:AdWare.Win32.SurfSide.j. No Action Taken.
        File C:\Documents and Settings\Iida\Local Settings\Temp\bndh.exe infected by "Trojan-Dropper.Win32.Small.xp" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Local Settings\Temporary Internet Files\Content.IE5\Q5OJKVGI\UzQwWllrVXl0Sm9BQUdFWFQwRUFBQUFp[1].wmf infected by "Trojan-Downloader.Win32.Agent.acd" Virus. Action Taken: File Deleted.
        File C:\Documents and Settings\Iida\Työpöytä\vnc-4.0-x86_win32.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC.4. No Action Taken.
        File C:\HjT\backups\backup-20050121-170519-860.dll tagged as not-a-virus:AdWare.Win32.Puper.c. No Action Taken.
        File C:\q883911.exe infected by "Trojan-Downloader.Win32.Small.amb" Virus. Action Taken: File Deleted.

        Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta.

        Lataa http://www.ewido.net/en/download/ ja tallenna ohjelma työpöydällesi.

        * Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
        * Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
        * Käynnistä Ewido Anti-Spyware.
        * Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

        o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

        * Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
        * Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
        * Sitten "Reports" valikon alta:

        o Laita täppi kohtaan "Automatically generate report after every scan"
        o Ota täppi pois kohdasta"Only if threats were found"

        * Sulje ohjelma, ÄLÄ skannaa vielä.

        Käynnistä koneesi vikasietotilaan.

        sammuta ja käynnistä
        käynnistyksenyhteydessä naputtele F8
        valitse nuoli näppäimellä vikasietotila
        paina Enter ja uudelleen Enter OK valitse käyttäjätilisi ja OK


        HUOM! Älä käytä muita ohjelmia Ewidon skannauksen aikana, tämä saattaa häiritä skannausta.

        * Kun vikasietotilassa, käynnistä Ewido Anti-Spyware.
        * Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
        * Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

        Kun skannaus on valmis:
        * Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
        * Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
        * Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
        * Sulje ohjelma, käynnistä kone normaalisti ja lähetä Ewidon raportti viestiketjuusi.


      • auttakaas
        poistoja vain kirjoitti:

        Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta.

        Lataa http://www.ewido.net/en/download/ ja tallenna ohjelma työpöydällesi.

        * Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
        * Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
        * Käynnistä Ewido Anti-Spyware.
        * Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

        o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

        * Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
        * Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
        * Sitten "Reports" valikon alta:

        o Laita täppi kohtaan "Automatically generate report after every scan"
        o Ota täppi pois kohdasta"Only if threats were found"

        * Sulje ohjelma, ÄLÄ skannaa vielä.

        Käynnistä koneesi vikasietotilaan.

        sammuta ja käynnistä
        käynnistyksenyhteydessä naputtele F8
        valitse nuoli näppäimellä vikasietotila
        paina Enter ja uudelleen Enter OK valitse käyttäjätilisi ja OK


        HUOM! Älä käytä muita ohjelmia Ewidon skannauksen aikana, tämä saattaa häiritä skannausta.

        * Kun vikasietotilassa, käynnistä Ewido Anti-Spyware.
        * Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
        * Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

        Kun skannaus on valmis:
        * Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
        * Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
        * Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
        * Sulje ohjelma, käynnistä kone normaalisti ja lähetä Ewidon raportti viestiketjuusi.

        ---------------------------------------------------------
        ewido anti-spyware - Scan Report
        ---------------------------------------------------------

        Created at:   16:31:09 19.8.2006

        Scan result:   



        C:\WINDOWS\SYSTEM\msbb321.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop.1\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winds_24 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SerG -> Adware.EZ-Finder : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028313.CPY -> Adware.HelpExpress : Cleaned with backup (quarantined).
        C:\HjT\backups\backup-20050121-170519-860.dll -> Adware.Puper : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\winsx.dll -> Adware.Puper : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\SearchRelevancy.dll -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\SearchRelevancy.xml -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\uninstall.exe -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\WINDOWS\TEMP\bundle.exe -> Adware.Sahat : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\dsmanager.dll -> Adware.SearchAssistant : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Relevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com\Spy-Quake2.exe -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
        C:\WINDOWS\SYSTEM\WrapperOuter.exe -> Adware.VirtualBouncer : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028312.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028314.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS591.CAB/W0059387.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\iexplore.exe.mwt -> Backdoor.Agobot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\explorer.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\lssas.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\system32,1.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\WinGamed.exe.mwt -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\ishost.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\ismon.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
        C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
        C:\WINDOWS\Downloaded Program Files\gsda.dll -> Not-A-Virus.Downloader.Win32.SpyGame : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\kfhrvq.dll -> Not-A-Virus.Hoax.Win32.Renos.dt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@ad-logics[1].txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@adtech[3].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[4].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@atdmt[3].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bfast[3].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[3].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@clickagents[2].txt -> TrackingCookie.Clickagents : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@commission-junction[1].txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@commissionpartner[2].txt -> TrackingCookie.Commissionpartner : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@euniverseads[2].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@gator[1].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@gator[2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@mediaplex[3].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ne : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paycounter[3].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[5].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[4].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[5].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[4].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[3].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\kernel32.dll -> Trojan.Small : Cleaned with backup (quarantined).


        ::Report end


      • poistoja vain
        auttakaas kirjoitti:

        ---------------------------------------------------------
        ewido anti-spyware - Scan Report
        ---------------------------------------------------------

        Created at:   16:31:09 19.8.2006

        Scan result:   



        C:\WINDOWS\SYSTEM\msbb321.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop.1\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\Popup.Pop\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchAssistant Uninstall -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Winds_24 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SerG -> Adware.EZ-Finder : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\CLSID\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{873eb32d-ae1a-4183-89bd-45a77f761be4} -> Adware.Generic : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028313.CPY -> Adware.HelpExpress : Cleaned with backup (quarantined).
        C:\HjT\backups\backup-20050121-170519-860.dll -> Adware.Puper : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\winsx.dll -> Adware.Puper : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\SearchRelevancy.dll -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\SearchRelevancy.xml -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\Program Files\SearchRelevancy\uninstall.exe -> Adware.Relevance : Cleaned with backup (quarantined).
        C:\WINDOWS\TEMP\bundle.exe -> Adware.Sahat : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\dsmanager.dll -> Adware.SearchAssistant : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Classes\SearchRelevancy\CLSID -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Relevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SearchRelevancy -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SearchRelevancy\Update -> Adware.SearchRelevancy : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com\Spy-Quake2.exe -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Program Files\SpyQuake2.com\sq.ini -> Adware.SpywareQuake : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\i4F.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\i55.tmp -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3 -> Adware.SurfSide : Cleaned with backup (quarantined).
        HKU\S-1-5-21-1547161642-764733703-1957994488-1003\Software\SurfSideKick3\Internet Explorer -> Adware.SurfSide : Cleaned with backup (quarantined).
        C:\WINDOWS\SYSTEM\WrapperOuter.exe -> Adware.VirtualBouncer : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028312.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS378.CAB/A0028314.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\_RESTORE\ARCHIVE\FS591.CAB/W0059387.CPY -> Adware.WebRebates : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\iexplore.exe.mwt -> Backdoor.Agobot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\explorer.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\lssas.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\system32,1.exe.mwt -> Backdoor.Rbot : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\WinGamed.exe.mwt -> Backdoor.Rbot.aeu : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\ishost.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\ismon.exe -> Downloader.Zlob.yj : Cleaned with backup (quarantined).
        C:\WINDOWS\Downloaded Program Files\popcaploader.dll -> Not-A-Virus.Downloader.Win32.PopCap.b : Cleaned with backup (quarantined).
        C:\WINDOWS\Downloaded Program Files\gsda.dll -> Not-A-Virus.Downloader.Win32.SpyGame : Cleaned with backup (quarantined).
        C:\WINDOWS\ANTIVIR\system32\kfhrvq.dll -> Not-A-Virus.Hoax.Win32.Renos.dt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[2].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@2o7[3].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@ad-logics[1].txt -> TrackingCookie.Ad-logics : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Addynamix : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adjuggler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Adserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@adtech[3].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@adtech[1].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@adtech[2].txt -> TrackingCookie.Adtech : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@advertising[4].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@advertising[1].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@advertising[3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Advertising : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@atdmt[3].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bfast[1].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bfast[3].txt -> TrackingCookie.Bfast : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[1].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[2].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@bluestreak[4].txt -> TrackingCookie.Bluestreak : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Bridgetrack : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Burstbeacon : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[1].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@burstnet[3].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[2].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@casalemedia[3].txt -> TrackingCookie.Casalemedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Casinopays : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@centrport[2].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@centrport[1].txt -> TrackingCookie.Centrport : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@clickagents[2].txt -> TrackingCookie.Clickagents : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@clickbank[1].txt -> TrackingCookie.Clickbank : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@com[2].txt -> TrackingCookie.Com : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Comclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@commission-junction[1].txt -> TrackingCookie.Commission-junction : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@commissionpartner[2].txt -> TrackingCookie.Commissionpartner : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Counted : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@estat[1].txt -> TrackingCookie.Estat : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@euniverseads[1].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@euniverseads[2].txt -> TrackingCookie.Euniverseads : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Euroclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Falkag : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@fastclick[4].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@fastclick[1].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@fastclick[3].txt -> TrackingCookie.Fastclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@gator[1].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@gator[2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Gator : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[3].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@hitbox[5].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@hitbox[1].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@hitbox[2].txt -> TrackingCookie.Hitbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Hitslink : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Itrack : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@ivwbox[1].txt -> TrackingCookie.Ivwbox : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@kmpads[2].txt -> TrackingCookie.Kmpads : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@linksynergy[1].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@linksynergy[2].txt -> TrackingCookie.Linksynergy : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Masterstats : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@mediaplex[3].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@mediaplex[1].txt -> TrackingCookie.Mediaplex : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ne : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Onestat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@overture[1].txt -> TrackingCookie.Overture : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paycounter[2].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paycounter[3].txt -> TrackingCookie.Paycounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@paypopup[1].txt -> TrackingCookie.Paypopup : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][4].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Pointroll : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@qksrv[1].txt -> TrackingCookie.Qksrv : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[2].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@questionmarket[5].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@questionmarket[1].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@questionmarket[3].txt -> TrackingCookie.Questionmarket : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Realcastmedia : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[3].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[4].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@revenue[5].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@revenue[2].txt -> TrackingCookie.Revenue : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][3].txt -> TrackingCookie.Ru4 : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[1].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@serving-sys[4].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Sexcounter : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Shopathomeselect : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Smartadserver : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][2].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@specificclick[1].txt -> TrackingCookie.Specificclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@starware[2].txt -> TrackingCookie.Starware : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@statcounter[3].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@statcounter[2].txt -> TrackingCookie.Statcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tacoda[1].txt -> TrackingCookie.Tacoda : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[2].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@targetnet[3].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@targetnet[1].txt -> TrackingCookie.Targetnet : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[4].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tradedoubler[5].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Local Settings\Temp\Cookies\iida@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tradedoubler[3].txt -> TrackingCookie.Tradedoubler : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[1].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[3].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafficmp[5].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@trafficmp[2].txt -> TrackingCookie.Trafficmp : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@trafic[1].txt -> TrackingCookie.Trafic : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tribalfusion[1].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@tribalfusion[3].txt -> TrackingCookie.Tribalfusion : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Valuead : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@valueclick[3].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@valueclick[1].txt -> TrackingCookie.Valueclick : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\[email protected][1].txt -> TrackingCookie.Web-stat : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@weborama[1].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@weborama[2].txt -> TrackingCookie.Weborama : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Webtrendslive : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@xxxcounter[1].txt -> TrackingCookie.Xxxcounter : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yadro[1].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yadro[2].txt -> TrackingCookie.Yadro : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][3].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\[email protected][5].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@zedo[2].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\Documents and Settings\Iida\Cookies\iida@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@zedo[1].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        C:\WINDOWS\Cookies\damien@zedo[3].txt -> TrackingCookie.Zedo : Cleaned with backup (quarantined).
        HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\\kernel32.dll -> Trojan.Small : Cleaned with backup (quarantined).


        ::Report end

        hjt-loki


      • auttakaas
        poistoja vain kirjoitti:

        hjt-loki

        tässä:

        Logfile of HijackThis v1.99.1
        Scan saved at 19:24:23, on 19.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\system32\logonui.exe
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\WINDOWS\ANTIVIR\System32\issearch.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe


      • tämä näin
        auttakaas kirjoitti:

        tässä:

        Logfile of HijackThis v1.99.1
        Scan saved at 19:24:23, on 19.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\system32\logonui.exe
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\WINDOWS\ANTIVIR\System32\issearch.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: (no name) - {873eb32d-ae1a-4183-89bd-45a77f761be4} - C:\WINDOWS\ANTIVIR\System32\ixt1.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

        Lataa http://siri.urz.free.fr/Fix/SmitfraudFix.zip
        Pura sisältö (kansio nimeltä SmitfraudFix työpöydällesi:

        Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
        Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
        Postita tämän tekstitiedoston sisältö viestiketjuusi.

        Huomaa: process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
        http://www.beyondlogic.org/consulting/processutil/processutil.htm


      • auttakaas
        tämä näin kirjoitti:

        Lataa http://siri.urz.free.fr/Fix/SmitfraudFix.zip
        Pura sisältö (kansio nimeltä SmitfraudFix työpöydällesi:

        Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
        Valitse optio #1 - Search kirjoittamalla 1 ja painamalla Enter; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
        Postita tämän tekstitiedoston sisältö viestiketjuusi.

        Huomaa: process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
        http://www.beyondlogic.org/consulting/processutil/processutil.htm

        SmitFraudFix v2.81

        Scan done at 22:46:00,37, la 19.08.2006
        Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
        OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
        Fix ran in normal mode

        »»»»»»»»»»»»»»»»»»»»»»»» C:\


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\Web


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system32

        C:\WINDOWS\ANTIVIR\system32\isnotify.exe FOUND !
        C:\WINDOWS\ANTIVIR\system32\issearch.exe FOUND !
        C:\WINDOWS\ANTIVIR\system32\ixt?.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\ixt??.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\ot.ico FOUND !
        C:\WINDOWS\ANTIVIR\system32\ts.ico FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx?.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx??.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx???.dll FOUND !

        »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Iida\Application Data


        »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


        »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\IIDA\SUOSIKIT


        »»»»»»»»»»»»»»»»»»»»»»»» Desktop


        »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


        »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


        »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
        "Source"="About:Home"
        "SubscribedURL"="About:Home"
        "FriendlyName"="Nykyinen kotisivu"


        »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"


        »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


        »»»»»»»»»»»»»»»»»»»»»»»» End


      • Sitten jatkoa
        auttakaas kirjoitti:

        SmitFraudFix v2.81

        Scan done at 22:46:00,37, la 19.08.2006
        Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
        OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
        Fix ran in normal mode

        »»»»»»»»»»»»»»»»»»»»»»»» C:\


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\Web


        »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\ANTIVIR\system32

        C:\WINDOWS\ANTIVIR\system32\isnotify.exe FOUND !
        C:\WINDOWS\ANTIVIR\system32\issearch.exe FOUND !
        C:\WINDOWS\ANTIVIR\system32\ixt?.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\ixt??.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\ot.ico FOUND !
        C:\WINDOWS\ANTIVIR\system32\ts.ico FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx?.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx??.dll FOUND !
        C:\WINDOWS\ANTIVIR\system32\components\flx???.dll FOUND !

        »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Iida\Application Data


        »»»»»»»»»»»»»»»»»»»»»»»» Start Menu


        »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\IIDA\SUOSIKIT


        »»»»»»»»»»»»»»»»»»»»»»»» Desktop


        »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


        »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


        »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

        [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
        "Source"="About:Home"
        "SubscribedURL"="About:Home"
        "FriendlyName"="Nykyinen kotisivu"


        »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"


        »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


        »»»»»»»»»»»»»»»»»»»»»»»» End

        Printtaa ohjeet ulos.

        Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.

        Kun vikasietotilassa, avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
        Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.

        Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.

        Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".

        Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
        Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
        Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.

        Varoitus : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan.


      • auttakaas
        Sitten jatkoa kirjoitti:

        Printtaa ohjeet ulos.

        Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.

        Kun vikasietotilassa, avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
        Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.

        Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.

        Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".

        Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
        Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
        Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.

        Varoitus : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan.

        SmitFraudFix v2.81

        Scan done at 12:28:16,69, su 20.08.2006
        Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
        OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
        Fix ran in safe mode

        »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"


        »»»»»»»»»»»»»»»»»»»»»»»» Killing process


        »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

        GenericRenosFix by S!Ri

        C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll -> Missing File


        »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

        C:\WINDOWS\ANTIVIR\system32\isnotify.exe Deleted
        C:\WINDOWS\ANTIVIR\system32\issearch.exe Deleted
        C:\WINDOWS\ANTIVIR\system32\ixt?.dll Deleted
        C:\WINDOWS\ANTIVIR\system32\ot.ico Deleted
        C:\WINDOWS\ANTIVIR\system32\ts.ico Deleted
        C:\WINDOWS\ANTIVIR\system32\components\flx?.dll Deleted

        »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


        »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

        Registry Cleaning done.

        »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"



        »»»»»»»»»»»»»»»»»»»»»»»» End


      • Tämä näin
        auttakaas kirjoitti:

        SmitFraudFix v2.81

        Scan done at 12:28:16,69, su 20.08.2006
        Run from C:\Documents and Settings\Iida\Ty”p”yt„\SmitfraudFix\SmitfraudFix
        OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
        Fix ran in safe mode

        »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"


        »»»»»»»»»»»»»»»»»»»»»»»» Killing process


        »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

        GenericRenosFix by S!Ri

        C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll -> Missing File


        »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

        C:\WINDOWS\ANTIVIR\system32\isnotify.exe Deleted
        C:\WINDOWS\ANTIVIR\system32\issearch.exe Deleted
        C:\WINDOWS\ANTIVIR\system32\ixt?.dll Deleted
        C:\WINDOWS\ANTIVIR\system32\ot.ico Deleted
        C:\WINDOWS\ANTIVIR\system32\ts.ico Deleted
        C:\WINDOWS\ANTIVIR\system32\components\flx?.dll Deleted

        »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


        »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

        Registry Cleaning done.

        »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
        "ecgfb"="{39d23dba-a362-4803-b26c-5f2cb46e669b}"



        »»»»»»»»»»»»»»»»»»»»»»»» End

        Laita uusi hjt-loki


      • auttakaas
        Tämä näin kirjoitti:

        Laita uusi hjt-loki

        Logfile of HijackThis v1.99.1
        Scan saved at 12:50:26, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\Program Files\ewido anti-spyware 4.0\ewido.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe


      • Tämä näin
        auttakaas kirjoitti:

        Logfile of HijackThis v1.99.1
        Scan saved at 12:50:26, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\Program Files\ewido anti-spyware 4.0\ewido.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

        Poista kaikki javat lisää poista sovellutuksesta.

        scannaa hjt:lä merkkaa ja paina Fix checked

        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)

        laita sitten uusi loki


      • auttakaas
        Tämä näin kirjoitti:

        Poista kaikki javat lisää poista sovellutuksesta.

        scannaa hjt:lä merkkaa ja paina Fix checked

        O21 - SSODL: ecgfb - {39d23dba-a362-4803-b26c-5f2cb46e669b} - C:\WINDOWS\ANTIVIR\System32\kfhrvq.dll (file missing)

        laita sitten uusi loki

        Logfile of HijackThis v1.99.1
        Scan saved at 13:36:29, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\WINDOWS\ANTIVIR\System32\msiexec.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe


      • Tämä näin
        auttakaas kirjoitti:

        Logfile of HijackThis v1.99.1
        Scan saved at 13:36:29, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\WINDOWS\ANTIVIR\System32\msiexec.exe
        C:\HjT2\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        F2 - REG:system.ini: Shell=
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

        scannaa vielä hjt:lä merkkaa ja paina Fix checked

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        F2 - REG:system.ini: Shell=

        ja lataa tuolta uusi java
        http://www.java.com/en/download/index.jsp

        windows updateen päivittämään.


      • auttakaas
        Tämä näin kirjoitti:

        scannaa vielä hjt:lä merkkaa ja paina Fix checked

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\windows\system32\blank.htm
        F2 - REG:system.ini: Shell=

        ja lataa tuolta uusi java
        http://www.java.com/en/download/index.jsp

        windows updateen päivittämään.

        Scan saved at 14:26:24, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe


      • Tämä näin
        auttakaas kirjoitti:

        Scan saved at 14:26:24, on 20.8.2006
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\ANTIVIR\System32\smss.exe
        C:\WINDOWS\ANTIVIR\system32\winlogon.exe
        C:\WINDOWS\ANTIVIR\system32\services.exe
        C:\WINDOWS\ANTIVIR\system32\lsass.exe
        C:\WINDOWS\ANTIVIR\system32\svchost.exe
        C:\WINDOWS\ANTIVIR\System32\svchost.exe
        C:\WINDOWS\ANTIVIR\Explorer.EXE
        C:\WINDOWS\ANTIVIR\system32\spoolsv.exe
        C:\Program Files\ewido anti-spyware 4.0\guard.exe
        C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe
        C:\Program Files\Real\RealPlayer\RealPlay.exe
        C:\Program Files\Microsoft IntelliType Pro\type32.exe
        C:\Program Files\Microsoft IntelliPoint\point32.exe
        C:\WINDOWS\ANTIVIR\Anvshell.exe
        C:\documents and settings\iida\työpöytä\qt\qttask.exe
        C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        C:\Program Files\interMute\SpySubtract\SpySub.exe
        C:\WINDOWS\ANTIVIR\System32\wuauclt.exe
        C:\HjT2\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\ANTIVIR\System32\msdxm.ocx
        O4 - HKLM\..\Run: [RealTray] C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
        O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
        O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
        O4 - HKLM\..\Run: [Anvshell] C:\WINDOWS\ANTIVIR\Anvshell.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [QuickTime Task] "C:\documents and settings\iida\työpöytä\qt\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [CnxDslTaskBar] C:\Program Files\TeleWell TW-IA300C ADSL\CnxDslTb.exe
        O4 - HKLM\..\Run: [!ewido] "C:\Program Files\ewido anti-spyware 4.0\ewido.exe" /minimized
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_08\bin\jusched.exe"
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\ANTIVIR\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Works Kalenterin muistutukset.lnk = ?
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: Image Transfer.lnk = C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        O4 - Global Startup: SpySubtract.lnk = C:\Program Files\interMute\SpySubtract\SpySub.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\ANTIVIR\System32\Shdocvw.dll
        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
        O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by17fd.bay17.hotmail.msn.com/resources/MsnPUpld.cab
        O16 - DPF: {BF985246-09BF-11D2-BE62-006097DF57F6} (SimCityX Control) - http://simcity.ea.com/play/classic/SimCityX.cab
        O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe
        O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\ANTIVIR\System32\nvsvc32.exe

        Mitäs palomuuria käytät kun ei osu silmään?

        http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htm


      • auttakaas
        Tämä näin kirjoitti:

        Mitäs palomuuria käytät kun ei osu silmään?

        http://koti.mbnet.fi/pattaya1/muut_ilmaisohjelmat.htm

        suuret kiitokset avusta :)

        zone alarm ainakin joskus ollut mutta en nykyisistä tiedä.. en itse ymmärrä koneista suunnilleen mitään, tietoisempi kaveri tämän kanssa on välillä jotain säätänyt. harvoin tässä kuitenkaan mitään isompia jumituksia esiintyy..


    Ketjusta on poistettu 0 sääntöjenvastaista viestiä.

    Luetuimmat keskustelut

    1. Hengenvaaralliset kiihdytysajot päättyivät karmealla tavalla, kilpailija kuoli

      Onnettomuudesta on aloitettu selvitys. Tapahtuma keskeytettiin onnettomuuteen. Tapahtumaa tutkitaan paikan päällä yhtei
      Kauhava
      172
      6253
    2. Ootko rakastunut?

      Kerro pois nyt
      Ikävä
      147
      1734
    3. Onhan sulla nainen parempi mieli

      Nyt? Ainakin toivon niin.
      Ikävä
      113
      1528
    4. Ujosteletko tosissaan vai mitä oikeen

      Himmailet???? Mitä pelkäät?????
      Ikävä
      51
      1280
    5. Suureksi onneksesi on myönnettävä

      Että olen nyt sitten mennyt rakastumaan sinuun. Ei tässä mitään, olen kärsivällinen ❤️
      Ikävä
      46
      952
    6. Möykkähulluus vaati kuolonuhrin

      Nuori elämä menettiin täysin turhaan tällä järjettömyydellä! Toivottavasti näitä ei enää koskaan nähdä Kauhavalla! 😢
      Kauhava
      30
      870
    7. Älä mies pidä mua pettäjänä

      En petä ketään. Älä mies ajattele niin. Anteeksi että ihastuin suhun varattuna. Pettänyt en ole koskaan ketään vaikka hu
      Ikävä
      97
      856
    8. Reeniähororeeniä

      Helvetillisen vaikeaa työskennellä hoitajana,kun ei kestä silmissään yhtään läskiä. Saati hoitaa sellaista. Mitä tehdä?
      Kouvola
      5
      809
    9. Tarvitsemme lisää maahanmuuttoa.

      Väestö eläköityy, eli tarvitsemme lisää tekeviä käsiä ja veronmaksajia. Ainut ratkaisu löytyy maahanmuutosta. Nimenomaan
      Maailman menoa
      229
      767
    10. Kävit nainen näemmä mun

      Facessa katsomassa....
      Ikävä
      41
      759
    Aihe