My machine has XP, F-Secure, Ad-Aware, Spybot S&D, etc.
At some point about half a dozen viruses turned up. I ran F-S, A-A, etc. and did as I was told. After that the computer would not shut down except by force. System Restore did not fix it but complained about the computer having been started incorrectly. The internet works sometimes, the computer still does not shut down properly, and nothing seems to help. Please help.
Please do help...
Answers
- fix it
Sure we'll help, post that HJT log here.
Go and get the HijackThis version 1.99.1 program from here:
http://koti.mbnet.fi/pattaya1/hijackthis.htm#Lataus
Install the program in its own folder and rename Hijackthis.exe --> scanner.exe.
Open the program and choose "Do a system scan and save a logfile"; the program pops up Notepad with the log file in it. Copy the log in full and paste it here in your next reply.
- Poistelen vain
Download from here:
http://koti.mbnet.fi/pattaya1/escanmwav.htm
Install, update (method 2), tick the boxes as marked.
Scan.
If anything shows up in the lower window under viruses, post the log here.
Copy it like this:
Use the command Ctrl A.
Copy the lines with the command Ctrl C.
Paste the lines with the command Ctrl V.
- eij
Tell me how to continue!
--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------
1: Wed Oct 18 14:27:48 2006 => File C:\WINDOWS\system32\adfqlttg.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
2: Wed Oct 18 14:27:49 2006 => File C:\WINDOWS\system32\aqkaaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
3: Wed Oct 18 14:28:07 2006 => File C:\WINDOWS\system32\daucsqkb.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
4: Wed Oct 18 14:28:15 2006 => File C:\WINDOWS\system32\dvavfnwo.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
5: Wed Oct 18 14:28:20 2006 => File C:\WINDOWS\system32\gaesjbsa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
6: Wed Oct 18 14:28:20 2006 => File C:\WINDOWS\system32\gajuwrcx.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
7: Wed Oct 18 14:28:21 2006 => File C:\WINDOWS\system32\gcfcsaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
8: Wed Oct 18 14:28:21 2006 => File C:\WINDOWS\system32\gcvkkqdf.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
9: Wed Oct 18 14:28:21 2006 => File C:\WINDOWS\system32\gkqaaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
10: Wed Oct 18 14:28:22 2006 => File C:\WINDOWS\system32\gvjrawwi.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
11: Wed Oct 18 14:28:36 2006 => File C:\WINDOWS\system32\jvodaghx.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
12: Wed Oct 18 14:28:36 2006 => File C:\WINDOWS\system32\jwoojkkt.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
13: Wed Oct 18 14:28:37 2006 => File C:\WINDOWS\system32\jwutuaaa.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
14: Wed Oct 18 14:28:43 2006 => File C:\WINDOWS\system32\ld6CF2.0mp infected by "Trojan-Downloader.Win32.Zlob.lu" Virus. Action Taken: File Deleted.
15: Wed Oct 18 14:28:46 2006 => File C:\WINDOWS\system32\mbkumaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
16: Wed Oct 18 14:28:48 2006 => File C:\WINDOWS\system32\metqikov.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
17: Wed Oct 18 14:28:53 2006 => File C:\WINDOWS\system32\MLXGD.0XE infected by "Trojan.Win32.DNSChanger.ef" Virus. Action Taken: File Deleted.
18: Wed Oct 18 14:28:54 2006 => File C:\WINDOWS\system32\mnasiqre.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
19: Wed Oct 18 14:29:25 2006 => File C:\WINDOWS\system32\pkmsthyw.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
20: Wed Oct 18 14:29:27 2006 => File C:\WINDOWS\system32\pudfnaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
21: Wed Oct 18 14:29:27 2006 => File C:\WINDOWS\system32\puntaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
22: Wed Oct 18 14:29:27 2006 => File C:\WINDOWS\system32\puofcjdr.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
23: Wed Oct 18 14:29:38 2006 => File C:\WINDOWS\system32\sgmgaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
24: Wed Oct 18 14:29:41 2006 => File C:\WINDOWS\system32\sjhgnaaa.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
25: Wed Oct 18 14:29:45 2006 => File C:\WINDOWS\system32\soyjqlsn.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
26: Wed Oct 18 14:29:45 2006 => File C:\WINDOWS\system32\spckaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
27: Wed Oct 18 14:29:45 2006 => File C:\WINDOWS\system32\spdkmgsg.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
28: Wed Oct 18 14:29:46 2006 => File C:\WINDOWS\system32\spouqaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
29: Wed Oct 18 14:30:00 2006 => File C:\WINDOWS\system32\vgeaaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
30: Wed Oct 18 14:30:00 2006 => File C:\WINDOWS\system32\vhkfpcyr.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
31: Wed Oct 18 14:30:00 2006 => File C:\WINDOWS\system32\vhruaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
32: Wed Oct 18 14:30:00 2006 => File C:\WINDOWS\system32\vhudaaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
33: Wed Oct 18 14:30:00 2006 => File C:\WINDOWS\system32\vlfyuaaa.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
34: Wed Oct 18 14:30:01 2006 => File C:\WINDOWS\system32\vtaxukuw.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
35: Wed Oct 18 14:30:01 2006 => File C:\WINDOWS\system32\vxocngov.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
36: Wed Oct 18 14:31:59 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-2a83097a-7768edd5.0lass infected by "Trojan-Downloader.Java.OpenStream.y" Virus. Action Taken: File Deleted.
37: Wed Oct 18 14:32:05 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-6a69a873.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
38: Wed Oct 18 14:32:05 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-52bef249.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
39: Wed Oct 18 14:32:05 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.zip-4d7779c9-466fbace.zip infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
40: Wed Oct 18 14:32:06 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1c4f5aab-414e6924.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
41: Wed Oct 18 14:32:06 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1cbac3a3-12bb8078.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
42: Wed Oct 18 14:32:06 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-58014e8c.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
43: Wed Oct 18 14:32:06 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-60ff787d-78ff68c2.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
44: Wed Oct 18 14:32:11 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-3889dd88.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: File Deleted.
45: Wed Oct 18 15:18:31 2006 => File C:\Q.0XE infected by "Trojan.Win32.Dialer.ks" Virus. Action Taken: File Deleted.
46: Wed Oct 18 15:24:49 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026628.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
47: Wed Oct 18 15:24:49 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026630.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
48: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028708.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
49: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028709.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
50: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028710.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
51: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028711.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
52: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028712.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
53: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028713.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
54: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028714.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
55: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028715.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
56: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028716.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
57: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028717.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
58: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028718.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
59: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028719.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
60: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028720.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
61: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028721.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
62: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028722.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
63: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028723.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
64: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028724.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
65: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028725.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
66: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028726.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
67: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028727.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
68: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028728.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
69: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028729.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
70: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028730.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
71: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029760.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
72: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029761.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
73: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029762.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
74: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029763.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
75: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029772.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
76: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029773.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
77: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029774.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
78: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029775.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
79: Wed Oct 18 16:04:17 2006 => Total Number of Disinfected Files: 0
80: Wed Oct 18 17:47:26 2006 => Total Number of Disinfected Files: 0
--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------
1: Wed Oct 18 14:29:34 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
2: Wed Oct 18 14:29:37 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
3: Wed Oct 18 14:30:18 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
4: Wed Oct 18 14:38:16 2006 => File C:\hp\bin\KillWind.exe tagged as not-a-virus:RiskTool.Win32.PsKill.p. No Action Taken.
5: Wed Oct 18 14:44:18 2006 => File C:\Investime\vnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
6: Wed Oct 18 15:13:33 2006 => File C:\Program Files\RealVNC\WinVNC\othread2.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
7: Wed Oct 18 15:13:34 2006 => File C:\Program Files\RealVNC\WinVNC\vnchooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
8: Wed Oct 18 15:13:34 2006 => File C:\Program Files\RealVNC\WinVNC\winvnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
9: Wed Oct 18 15:52:58 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
10: Wed Oct 18 15:53:02 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
11: Wed Oct 18 15:53:51 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
12: Wed Oct 18 16:14:02 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
13: Wed Oct 18 16:14:06 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
14: Wed Oct 18 16:14:42 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
15: Wed Oct 18 16:22:14 2006 => File C:\hp\bin\KillWind.exe tagged as not-a-virus:RiskTool.Win32.PsKill.p. No Action Taken.
16: Wed Oct 18 16:28:29 2006 => File C:\Investime\vnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
17: Wed Oct 18 16:56:53 2006 => File C:\Program Files\RealVNC\WinVNC\othread2.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
18: Wed Oct 18 16:56:53 2006 => File C:\Program Files\RealVNC\WinVNC\vnchooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
19: Wed Oct 18 16:56:54 2006 => File C:\Program Files\RealVNC\WinVNC\winvnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
20: Wed Oct 18 17:36:15 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
21: Wed Oct 18 17:36:20 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
22: Wed Oct 18 17:37:12 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------
1: Wed Oct 18 14:27:20 2006 => ERROR!!! Invalid Entry VTTimer = VTTimer.exe. Removing it.
2: Wed Oct 18 14:27:22 2006 => ERROR!!! Invalid Entry AutoTBar = c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE. Removing it.
3: Wed Oct 18 14:27:22 2006 => ERROR!!! Invalid Entry ChkDisk = C:\WINDOWS\system32\iesniff.exe. Removing it.
4: Wed Oct 18 14:27:30 2006 => ERROR!!! Invalid Entry C:\Program Files\Network Monitor\netmon.exe service in SYSTEM\CurrentControlSet\Services\Network Monitor...
5: Wed Oct 18 14:27:36 2006 => ERROR!!! Invalid Entry C:\WINDOWS\system32\usrbridg.exe in SYSTEM\CurrentControlSet\Services\USRBRIDG...
6: Wed Oct 18 14:27:44 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\SchedLgU.Txt
7: Wed Oct 18 14:27:46 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\wiadebug.log
8: Wed Oct 18 14:27:46 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\wiaservc.log
9: Wed Oct 18 14:27:46 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\WindowsUpdate.log
10: Wed Oct 18 14:28:35 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\jopbaaaa.exe
11: Wed Oct 18 14:29:09 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\mwhmwaaa.exe
12: Wed Oct 18 14:31:00 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\ALLUSE~1\APPLIC~1\Support.com\profiles\HP_OMI~1\triggers.log
13: Wed Oct 18 14:31:17 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\APPLIC~1\DATALA~1\354321~1\CALEND~1\vcalDB.dta
14: Wed Oct 18 14:31:17 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\APPLIC~1\DATALA~1\354321~1\CONTAC~1\vcardDB.dta
15: Wed Oct 18 14:31:24 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\APPLIC~1\Motive\Acme\plugin\log\pchbtn.log
16: Wed Oct 18 14:33:21 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\Cookies\index.dat
17: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\dbdao
18: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\dbeao
19: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\dbm
20: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\dbvmh.ht1
21: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\hp
22: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\rpm1mh.ht1
23: Wed Oct 18 14:33:23 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\Google\GOOGLE~2\883BE6~1\rpmh.ht1
24: Wed Oct 18 14:33:52 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\GATHER~1\MyIndex\MYD7BC~1.CRW
25: Wed Oct 18 14:33:52 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\GATHER~1\MyIndex\MYINDE~3.GTH
26: Wed Oct 18 14:33:56 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\00010012.ci
27: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\CiPT0000.000
28: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\Build\Indexer\CiFiles\INDEX.000
29: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\Build\Indexer\NlFiles\CiST0000.000
30: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\Build\Indexer\NlFiles\DocId.Map
31: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~3.GTH
32: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~2.GTH
33: Wed Oct 18 14:33:57 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MY4F9E~1.GTH
34: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.DIR
35: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H0
36: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~2.DIR
37: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H1
38: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~3.DIR
39: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H3
40: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H4A
41: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~4.DIR
42: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H4B
43: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MY8602~1.DIR
44: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.IDX
45: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~4.GTH
46: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MY16BC~1.GTH
47: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\MSS.log
48: Wed Oct 18 14:33:58 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\MSStmp.log
49: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\RSApp.edb
50: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\tmp.edb
51: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Logs\MAPI.txt
52: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\Ntf63F.tmp
53: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\Ntf640.tmp
54: Wed Oct 18 14:33:59 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\PERFLI~1.DAT
55: Wed Oct 18 14:34:00 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
56: Wed Oct 18 14:34:00 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
57: Wed Oct 18 14:34:00 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\SIVUHI~1\History.IE5\index.dat
58: Wed Oct 18 14:35:12 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\sv3je.tmp\sv3jf.tmp
59: Wed Oct 18 14:35:42 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
60: Wed Oct 18 14:35:50 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\NTUSER.DAT
61: Wed Oct 18 14:35:50 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\NTUSER~1.LOG
62: Wed Oct 18 14:37:35 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
63: Wed Oct 18 14:37:35 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
64: Wed Oct 18 14:37:36 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\Cookies\index.dat
65: Wed Oct 18 14:37:36 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\SIVUHI~1\History.IE5\index.dat
66: Wed Oct 18 14:37:36 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\TEMPOR~1\Content.IE5\index.dat
67: Wed Oct 18 14:37:36 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\NTUSER.DAT
68: Wed Oct 18 14:37:36 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\NTUSER~1.LOG
69: Wed Oct 18 14:37:37 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
70: Wed Oct 18 14:37:37 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
71: Wed Oct 18 14:37:37 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER.DAT
72: Wed Oct 18 14:37:37 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER~1.LOG
73: Wed Oct 18 14:44:42 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\mastlog.ldf
74: Wed Oct 18 14:44:42 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\model.mdf
75: Wed Oct 18 14:44:42 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\modellog.ldf
76: Wed Oct 18 14:44:42 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\TEMPDB.MDF
77: Wed Oct 18 14:44:43 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\TEMPLOG.LDF
78: Wed Oct 18 14:44:44 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\LOG\ERRORLOG
79: Wed Oct 18 15:15:20 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\cache.dat
80: Wed Oct 18 15:15:21 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chandir.dat
81: Wed Oct 18 15:15:21 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chandir.idx
82: Wed Oct 18 15:15:21 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chn.dat
83: Wed Oct 18 15:15:21 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chn.idx
131: Wed Oct 18 16:11:27 2006 => ERROR!!! Invalid Entry C:\Program Files\Network Monitor\netmon.exe service in SYSTEM\CurrentControlSet\Services\Network Monitor...
132: Wed Oct 18 16:11:37 2006 => ERROR!!! Invalid Entry C:\WINDOWS\system32\usrbridg.exe in SYSTEM\CurrentControlSet\Services\USRBRIDG...
--------------------------------------------------
------------- FILES ADDED TO DELETE --------------
--------------------------------------------------
--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------
- FixFix
eij wrote:
Tell me how to continue!
--------------------------------------------------
-------------------- INFECTED --------------------
--------------------------------------------------
43: Wed Oct 18 14:32:06 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-60ff787d-78ff68c2.zip infected by "Exploit.Java.ByteVerify" Virus. Action Taken: File Renamed.
44: Wed Oct 18 14:32:11 2006 => File C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-3889dd88.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: File Deleted.
45: Wed Oct 18 15:18:31 2006 => File C:\Q.0XE infected by "Trojan.Win32.Dialer.ks" Virus. Action Taken: File Deleted.
46: Wed Oct 18 15:24:49 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026628.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
47: Wed Oct 18 15:24:49 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026630.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
48: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028708.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
49: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028709.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
50: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028710.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
51: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028711.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
52: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028712.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
53: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028713.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
54: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028714.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
55: Wed Oct 18 15:24:54 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028715.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
56: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028716.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
57: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028717.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
58: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028718.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
59: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028719.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
60: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028720.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
61: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028721.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
62: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028722.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
63: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028723.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
64: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028724.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
65: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028725.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
66: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028726.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
67: Wed Oct 18 15:24:55 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028727.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
68: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028728.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
69: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028729.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
70: Wed Oct 18 15:24:56 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028730.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
71: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029760.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
72: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029761.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
73: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029762.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
74: Wed Oct 18 15:24:59 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029763.0xe infected by "Trojan-Proxy.Win32.Wopla.ac" Virus. Action Taken: File Deleted.
75: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029772.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
76: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029773.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
77: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029774.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
78: Wed Oct 18 15:25:01 2006 => File C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029775.0xe infected by "Trojan.Win32.Zapchast.ca" Virus. Action Taken: File Deleted.
79: Wed Oct 18 16:04:17 2006 => Total Number of Disinfected Files: 0
80: Wed Oct 18 17:47:26 2006 => Total Number of Disinfected Files: 0
--------------------------------------------------
--------------------- TAGGED ---------------------
--------------------------------------------------
1: Wed Oct 18 14:29:34 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
2: Wed Oct 18 14:29:37 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
3: Wed Oct 18 14:30:18 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
4: Wed Oct 18 14:38:16 2006 => File C:\hp\bin\KillWind.exe tagged as not-a-virus:RiskTool.Win32.PsKill.p. No Action Taken.
5: Wed Oct 18 14:44:18 2006 => File C:\Investime\vnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
6: Wed Oct 18 15:13:33 2006 => File C:\Program Files\RealVNC\WinVNC\othread2.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
7: Wed Oct 18 15:13:34 2006 => File C:\Program Files\RealVNC\WinVNC\vnchooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
8: Wed Oct 18 15:13:34 2006 => File C:\Program Files\RealVNC\WinVNC\winvnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
9: Wed Oct 18 15:52:58 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
10: Wed Oct 18 15:53:02 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
11: Wed Oct 18 15:53:51 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
12: Wed Oct 18 16:14:02 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
13: Wed Oct 18 16:14:06 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
14: Wed Oct 18 16:14:42 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
15: Wed Oct 18 16:22:14 2006 => File C:\hp\bin\KillWind.exe tagged as not-a-virus:RiskTool.Win32.PsKill.p. No Action Taken.
16: Wed Oct 18 16:28:29 2006 => File C:\Investime\vnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
17: Wed Oct 18 16:56:53 2006 => File C:\Program Files\RealVNC\WinVNC\othread2.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
18: Wed Oct 18 16:56:53 2006 => File C:\Program Files\RealVNC\WinVNC\vnchooks.dll tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
19: Wed Oct 18 16:56:54 2006 => File C:\Program Files\RealVNC\WinVNC\winvnc.exe tagged as not-a-virus:RemoteAdmin.Win32.WinVNC-based.c. No Action Taken.
20: Wed Oct 18 17:36:15 2006 => File C:\WINDOWS\system32\rzspy.exe tagged as not-a-virus:AdWare.Win32.Raze.a. No Action Taken.
21: Wed Oct 18 17:36:20 2006 => File C:\WINDOWS\system32\SetupCarnival.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
22: Wed Oct 18 17:37:12 2006 => File C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe tagged as not-a-virus:AdWare.Win32.Casino.w. No Action Taken.
--------------------------------------------------
--------------------- ERRORS ---------------------
--------------------------------------------------
1: Wed Oct 18 14:27:20 2006 => ERROR!!! Invalid Entry VTTimer = VTTimer.exe. Removing it.
2: Wed Oct 18 14:27:22 2006 => ERROR!!! Invalid Entry AutoTBar = c:\Program Files\HP\Digital Imaging\bin\AUTOTBAR.EXE. Removing it.
3: Wed Oct 18 14:27:22 2006 => ERROR!!! Invalid Entry ChkDisk = C:\WINDOWS\system32\iesniff.exe. Removing it.
4: Wed Oct 18 14:27:30 2006 => ERROR!!! Invalid Entry C:\Program Files\Network Monitor\netmon.exe service in SYSTEM\CurrentControlSet\Services\Network Monitor...
5: Wed Oct 18 14:27:36 2006 => ERROR!!! Invalid Entry C:\WINDOWS\system32\usrbridg.exe in SYSTEM\CurrentControlSet\Services\USRBRIDG...
10: Wed Oct 18 14:28:35 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\jopbaaaa.exe
11: Wed Oct 18 14:29:09 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\mwhmwaaa.exe
131: Wed Oct 18 16:11:27 2006 => ERROR!!! Invalid Entry C:\Program Files\Network Monitor\netmon.exe service in SYSTEM\CurrentControlSet\Services\Network Monitor...
132: Wed Oct 18 16:11:37 2006 => ERROR!!! Invalid Entry C:\WINDOWS\system32\usrbridg.exe in SYSTEM\CurrentControlSet\Services\USRBRIDG...
167: Wed Oct 18 16:18:30 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.H4B
168: Wed Oct 18 16:18:30 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MY8602~1.DIR
169: Wed Oct 18 16:18:30 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~1.IDX
170: Wed Oct 18 16:18:30 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MYINDE~4.GTH
171: Wed Oct 18 16:18:30 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\Projects\MyIndex\MY16BC~1.GTH
172: Wed Oct 18 16:18:31 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\MSS.log
173: Wed Oct 18 16:18:31 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\MSStmp.log
174: Wed Oct 18 16:18:31 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\RSApp.edb
175: Wed Oct 18 16:18:31 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\APPLIC~1\RSApp\PROPER~1\tmp.edb
176: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Logs\MAPI.txt
177: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\Ntf63F.tmp
178: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\Ntf640.tmp
179: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\DESKTO~1\Temp\RSSGTH~1\PERFLI~1.DAT
180: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
181: Wed Oct 18 16:18:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
182: Wed Oct 18 16:18:33 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\SIVUHI~1\History.IE5\index.dat
183: Wed Oct 18 16:19:20 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\sv3je.tmp\sv3jf.tmp
184: Wed Oct 18 16:19:42 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\LOCALS~1\TEMPOR~1\Content.IE5\index.dat
185: Wed Oct 18 16:19:49 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\NTUSER.DAT
186: Wed Oct 18 16:19:49 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\HP_OMI~1\NTUSER~1.LOG
187: Wed Oct 18 16:21:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
188: Wed Oct 18 16:21:32 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
189: Wed Oct 18 16:21:33 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\Cookies\index.dat
190: Wed Oct 18 16:21:33 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\SIVUHI~1\History.IE5\index.dat
191: Wed Oct 18 16:21:33 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\LOCALS~1\Temp\TEMPOR~1\Content.IE5\index.dat
192: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\NTUSER.DAT
193: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\LOCALS~1\NTUSER~1.LOG
194: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\UsrClass.dat
195: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\LOCALS~1\APPLIC~1\MICROS~1\Windows\USRCLA~1.LOG
196: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER.DAT
197: Wed Oct 18 16:21:34 2006 => ERROR!!! ScanFile fails for C:\DOCUME~1\NETWOR~1\NTUSER~1.LOG
198: Wed Oct 18 16:28:54 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\mastlog.ldf
199: Wed Oct 18 16:28:54 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\model.mdf
200: Wed Oct 18 16:28:54 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\modellog.ldf
201: Wed Oct 18 16:28:55 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\TEMPDB.MDF
202: Wed Oct 18 16:28:55 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\Data\TEMPLOG.LDF
203: Wed Oct 18 16:28:57 2006 => ERROR!!! ScanFile fails for C:\MSSQL7\LOG\ERRORLOG
204: Wed Oct 18 16:58:37 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\cache.dat
205: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chandir.dat
206: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chandir.idx
207: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chn.dat
208: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\chn.idx
209: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\D0000000.FCS
210: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\fsbwupst.log
211: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\inuse.txt
212: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\L0000160.FCS
213: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\main.log
214: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs.dat
215: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs.idx
216: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_die.dat
217: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_die.idx
218: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_dnd.dat
219: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_ext.dat
220: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_ext.idx
221: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_rcv.dat
222: Wed Oct 18 16:58:38 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\prs_rcv.idx
223: Wed Oct 18 16:58:39 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\storydb.dat
224: Wed Oct 18 16:58:39 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\backweb\227364\Users\Default\Data\storydb.idx
225: Wed Oct 18 16:58:39 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\Common\admin.pub
226: Wed Oct 18 16:59:20 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\Common\policy.bpf
227: Wed Oct 18 16:59:20 2006 => ERROR!!! ScanFile fails for C:\PROGRA~1\TIETOT~1\Common\policy.ipf
228: Wed Oct 18 17:08:36 2006 => ERROR!!! ScanFile fails for C:\SYSTEM~1\_RESTO~1\RP98\A0040412.exe
229: Wed Oct 18 17:08:38 2006 => ERROR!!! ScanFile fails for C:\SYSTEM~1\_RESTO~1\RP99\change.log
230: Wed Oct 18 17:28:59 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\SchedLgU.Txt
231: Wed Oct 18 17:32:41 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\SoftwareDistribution\ReportingEvents.log
232: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\AppEvent.Evt
233: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\default
234: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\default.LOG
235: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM
236: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SAM.LOG
237: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SecEvent.Evt
238: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY
239: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SECURITY.LOG
240: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\software.LOG
241: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\SysEvent.Evt
242: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\system
243: Wed Oct 18 17:33:07 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\config\system.LOG
244: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR
245: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP
246: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER
247: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP
248: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP
249: Wed Oct 18 17:36:53 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP
250: Wed Oct 18 17:37:17 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\wiadebug.log
251: Wed Oct 18 17:37:17 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\wiaservc.log
252: Wed Oct 18 17:37:17 2006 => ERROR!!! ScanFile fails for C:\WINDOWS\WindowsUpdate.log
--------------------------------------------------
------------- FILES ADDED TO DELETE --------------
--------------------------------------------------
1: C:\WINDOWS\system32\adfqlttg.0xe => Trojan.Win32.Zapchast.ca
2: C:\WINDOWS\system32\aqkaaaaa.0xe => Trojan.Win32.Zapchast.ca
3: C:\WINDOWS\system32\daucsqkb.0xe => Trojan.Win32.Zapchast.ca
4: C:\WINDOWS\system32\dvavfnwo.0xe => Trojan.Win32.Zapchast.ca
5: C:\WINDOWS\system32\gaesjbsa.0xe => Trojan.Win32.Zapchast.ca
6: C:\WINDOWS\system32\gajuwrcx.0xe => Trojan.Win32.Zapchast.ca
7: C:\WINDOWS\system32\gcfcsaaa.0xe => Trojan.Win32.Zapchast.ca
8: C:\WINDOWS\system32\gcvkkqdf.0xe => Trojan.Win32.Zapchast.ca
9: C:\WINDOWS\system32\gkqaaaaa.0xe => Trojan.Win32.Zapchast.ca
10: C:\WINDOWS\system32\gvjrawwi.0xe => Trojan.Win32.Zapchast.ca
11: C:\WINDOWS\system32\jvodaghx.0xe => Trojan.Win32.Zapchast.ca
12: C:\WINDOWS\system32\jwoojkkt.0xe => Trojan.Win32.Zapchast.ca
13: C:\WINDOWS\system32\jwutuaaa.0xe => Trojan-Proxy.Win32.Wopla.ac
14: C:\WINDOWS\system32\ld6CF2.0mp => Trojan-Downloader.Win32.Zlob.lu
15: C:\WINDOWS\system32\mbkumaaa.0xe => Trojan.Win32.Zapchast.ca
16: C:\WINDOWS\system32\metqikov.0xe => Trojan.Win32.Zapchast.ca
17: C:\WINDOWS\system32\MLXGD.0XE => Trojan.Win32.DNSChanger.ef
18: C:\WINDOWS\system32\mnasiqre.0xe => Trojan.Win32.Zapchast.ca
19: C:\WINDOWS\system32\pkmsthyw.0xe => Trojan.Win32.Zapchast.ca
20: C:\WINDOWS\system32\pudfnaaa.0xe => Trojan.Win32.Zapchast.ca
21: C:\WINDOWS\system32\puntaaaa.0xe => Trojan.Win32.Zapchast.ca
22: C:\WINDOWS\system32\puofcjdr.0xe => Trojan.Win32.Zapchast.ca
23: C:\WINDOWS\system32\rzspy.exe => tagged:AdWare.Win32.Raze.a.
24: C:\WINDOWS\system32\SetupCarnival.exe => tagged:AdWare.Win32.Casino.w.
25: C:\WINDOWS\system32\sgmgaaaa.0xe => Trojan.Win32.Zapchast.ca
26: C:\WINDOWS\system32\sjhgnaaa.0xe => Trojan-Proxy.Win32.Wopla.ac
27: C:\WINDOWS\system32\soyjqlsn.0xe => Trojan.Win32.Zapchast.ca
28: C:\WINDOWS\system32\spckaaaa.0xe => Trojan.Win32.Zapchast.ca
29: C:\WINDOWS\system32\spdkmgsg.0xe => Trojan.Win32.Zapchast.ca
30: C:\WINDOWS\system32\spouqaaa.0xe => Trojan.Win32.Zapchast.ca
31: C:\WINDOWS\system32\vgeaaaaa.0xe => Trojan.Win32.Zapchast.ca
32: C:\WINDOWS\system32\vhkfpcyr.0xe => Trojan.Win32.Zapchast.ca
33: C:\WINDOWS\system32\vhruaaaa.0xe => Trojan.Win32.Zapchast.ca
34: C:\WINDOWS\system32\vhudaaaa.0xe => Trojan.Win32.Zapchast.ca
35: C:\WINDOWS\system32\vlfyuaaa.0xe => Trojan.Win32.Zapchast.ca
36: C:\WINDOWS\system32\vtaxukuw.0xe => Trojan.Win32.Zapchast.ca
37: C:\WINDOWS\system32\vxocngov.0xe => Trojan.Win32.Zapchast.ca
38: C:\WINDOWS\system32\{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe => tagged:AdWare.Win32.Casino.w.
39: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\omfg.class-2a83097a-7768edd5.0lass => Trojan-Downloader.Java.OpenStream.y
40: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-1f8050ce-6a69a873.zip => Trojan.Java.ClassLoader.c
41: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-6bfe7dce-52bef249.zip => Trojan.Java.ClassLoader.c
42: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.zip-4d7779c9-466fbace.zip => Trojan.Java.ClassLoader.c
43: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1c4f5aab-414e6924.zip => Exploit.Java.ByteVerify
44: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-1cbac3a3-12bb8078.zip => Exploit.Java.ByteVerify
45: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-2de2e2c5-58014e8c.zip => Exploit.Java.ByteVerify
46: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count.jar-60ff787d-78ff68c2.zip => Exploit.Java.ByteVerify
47: C:\Documents and Settings\HP_Omistaja\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv637.jar-73722924-3889dd88.zip => Trojan-Downloader.Java.OpenStream.c
48: C:\hp\bin\KillWind.exe => tagged:RiskTool.Win32.PsKill.p.
49: C:\Investime\vnc.exe => tagged:RemoteAdmin.Win32.WinVNC-based.c.
50: C:\Program Files\RealVNC\WinVNC\othread2.dll => tagged:RemoteAdmin.Win32.WinVNC-based.c.
51: C:\Program Files\RealVNC\WinVNC\vnchooks.dll => tagged:RemoteAdmin.Win32.WinVNC-based.c.
52: C:\Program Files\RealVNC\WinVNC\winvnc.exe => tagged:RemoteAdmin.Win32.WinVNC-based.c.
53: C:\Q.0XE => Trojan.Win32.Dialer.ks
54: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026628.0xe => Trojan-Proxy.Win32.Wopla.ac
55: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP91\A0026630.0xe => Trojan-Proxy.Win32.Wopla.ac
56: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028708.0xe => Trojan.Win32.Zapchast.ca
57: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028709.0xe => Trojan.Win32.Zapchast.ca
58: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028710.0xe => Trojan.Win32.Zapchast.ca
59: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028711.0xe => Trojan.Win32.Zapchast.ca
60: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028712.0xe => Trojan.Win32.Zapchast.ca
61: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028713.0xe => Trojan.Win32.Zapchast.ca
62: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028714.0xe => Trojan.Win32.Zapchast.ca
63: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028715.0xe => Trojan.Win32.Zapchast.ca
64: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028716.0xe => Trojan-Proxy.Win32.Wopla.ac
65: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028717.0xe => Trojan.Win32.Zapchast.ca
66: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028718.0xe => Trojan.Win32.Zapchast.ca
67: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028719.0xe => Trojan.Win32.Zapchast.ca
68: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028720.0xe => Trojan.Win32.Zapchast.ca
69: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028721.0xe => Trojan.Win32.Zapchast.ca
70: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028722.0xe => Trojan.Win32.Zapchast.ca
71: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028723.0xe => Trojan.Win32.Zapchast.ca
72: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028724.0xe => Trojan.Win32.Zapchast.ca
73: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028725.0xe => Trojan.Win32.Zapchast.ca
74: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028726.0xe => Trojan.Win32.Zapchast.ca
75: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028727.0xe => Trojan.Win32.Zapchast.ca
76: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028728.0xe => Trojan.Win32.Zapchast.ca
77: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028729.0xe => Trojan.Win32.Zapchast.ca
78: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP92\A0028730.0xe => Trojan.Win32.Zapchast.ca
79: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029760.0xe => Trojan.Win32.Zapchast.ca
80: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029761.0xe => Trojan.Win32.Zapchast.ca
81: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029762.0xe => Trojan.Win32.Zapchast.ca
82: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP93\A0029763.0xe => Trojan-Proxy.Win32.Wopla.ac
83: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029772.0xe => Trojan.Win32.Zapchast.ca
84: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029773.0xe => Trojan.Win32.Zapchast.ca
85: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029774.0xe => Trojan.Win32.Zapchast.ca
86: C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP94\A0029775.0xe => Trojan.Win32.Zapchast.ca
--------------------------------------------------
-------------------- Statistik -------------------
--------------------------------------------------
Download http://koti.mbnet.fi/pattaya1/lataus/hijackthis_self.exe
install it
click through in numerical order
1. Unzip
2. OK
3. Close
Press the "Do a system scan and save a logfile" button
Post the Notepad text that pops up here (the HJT log)
DO NOT FIX any lines in advance, however much you feel like it. Wait for replies!! - eij
FixFix wrote:
Download http://koti.mbnet.fi/pattaya1/lataus/hijackthis_self.exe
install it
click through in numerical order
1. Unzip
2. OK
3. Close
Press the "Do a system scan and save a logfile" button
Post the Notepad text that pops up here (the HJT log)
DO NOT FIX any lines in advance, however much you feel like it. Wait for replies!!
So, what should be done about these??
Logfile of HijackThis v1.99.1
Scan saved at 19:24:23, on 18.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: localhost 127.0.0.1
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B1A4B62-A83C-4409-8D39-8C5E5AC06123}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{89A2FDF7-92B4-4350-8BCC-8312E54274C1}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1B2D3EB-CC29-4A93-A9AF-408FC6848021}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBFF7373-ED71-4192-8134-A2A3C1AABF48}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
- Fix,,Fix
Download fixwareout.exe from here > http://downloads.subratam.org/Fixwareout.exe
or from here >
http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
and save it to the desktop. Double-click it and follow the instructions. Click Next, then Install, and make sure that "Run fixit" is selected. You must restart the computer when prompted.
Post a new HJT log and the contents of c:\fixwareout\report.txt
Scan with HJT, check these entries and press Fix checked:
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Start > Run > type services.msc in the box and press OK
Find this service:
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Double-click it, press Stop, and from the drop-down menu choose Disabled > Apply and OK
- eij
I followed your instructions, but double-clicking "023 Service..." only put a check mark in the box..
Here are the logs anyway..
Logfile of HijackThis v1.99.1
Scan saved at 16:54:07, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\Program Files\Belkin\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\HJT\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B1A4B62-A83C-4409-8D39-8C5E5AC06123}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{89A2FDF7-92B4-4350-8BCC-8312E54274C1}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1B2D3EB-CC29-4A93-A9AF-408FC6848021}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBFF7373-ED71-4192-8134-A2A3C1AABF48}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
and..
Fixwareout ver 1.003
Last edited 8/11/2006
Post this report in the forums please
Reg Entries that were deleted
...
Random Runs removed from HKLM
...
PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.
»»»»» Searching by size/names...
»»»»»
Search five digit cs, dm and jb files.
This WILL/CAN also list Legit Files, Submit them at Virustotal
C:\WINDOWS\SYSTEM32\CSCFZ.EXE 51 778 2006-10-12
C:\WINDOWS\SYSTEM32\DMMMT.EXE 60 987 2004-09-15
Other suspects.
Directory of C:\WINDOWS\system32
{E2F0E657-A3C7-49D1-9462-45553C48D3BB}.exe
»»»»» Misc files.
»»»»» Checking for older varients covered by the Rem3 tool.
- FixFix
eij wrote:
I did as you instructed, but double-clicking "023 Service..." only put a tick in the box..
Here are the logs anyway..
Scan with HJT, tick these and press Fix checked:
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B1A4B62-A83C-4409-8D39-8C5E5AC06123}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{89A2FDF7-92B4-4350-8BCC-8312E54274C1}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1B2D3EB-CC29-4A93-A9AF-408FC6848021}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBFF7373-ED71-4192-8134-A2A3C1AABF48}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
Remove all Java versions via Add/Remove Programs.
Find all your previous Java versions in the list. (J2SE Runtime Environment.... )
Download the new Java from here:
http://java.sun.com/javase/downloads/index.jsp
Java Runtime Environment (JRE) 5.0 Update 9
Post a new HJT log.
- eij
FixFix wrote:
Scan with HJT, tick these and press Fix checked:
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O17 - HKLM\System\CCS\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{5B1A4B62-A83C-4409-8D39-8C5E5AC06123}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{89A2FDF7-92B4-4350-8BCC-8312E54274C1}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{E1B2D3EB-CC29-4A93-A9AF-408FC6848021}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\..\{EBFF7373-ED71-4192-8134-A2A3C1AABF48}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS1\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
O17 - HKLM\System\CS2\Services\Tcpip\..\{59A401B3-C718-4DF9-BF48-672362E9BED0}: NameServer = 85.255.113.107,85.255.112.121
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.113.107 85.255.112.121
Remove all Java versions via Add/Remove Programs.
Find all your previous Java versions in the list. (J2SE Runtime Environment.... )
Download the new Java from here:
http://java.sun.com/javase/downloads/index.jsp
Java Runtime Environment (JRE) 5.0 Update 9
Post a new HJT log.
I have followed the instructions. I have removed the Javas.
I will install a new one when I have time.
Here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 20:32:05, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Belkin\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
- FixFix
eij wrote:
I have followed the instructions. I have removed the Javas.
I will install a new one when I have time.
Here is the log:
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
Scan with HJT, tick the following and press Fix checked:
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Start > Run > type the lines below and press Enter:
sc stop "Network Monitor"
sc delete "Network Monitor"
Go into Safe Mode and delete the folder
C:\Program Files\---> Network Monitor
- FixFix
eij wrote:
I have followed the instructions. I have removed the Java versions.
I will install a new one when I have time.
Here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 20:32:05, on 19.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\MSSQL7\binn\sqlservr.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Belkin\Bluetooth-ohjelmisto\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\HJT\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
C:\WINDOWS\SYSTEM32\>>>> instcat.dll
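The O23 entries marked "(file missing)" in the log above are the kind of orphaned service registration that the `sc stop` / `sc delete` advice in this thread cleans up. The following is an added example, not part of the original posts: it parses O23 lines and extracts the name that `sc` expects, which HijackThis prints in parentheses when it differs from the display name. The function names are hypothetical, and the sample lines are excerpted from the log posted in this thread.

```python
import re
from typing import List, NamedTuple, Optional

# Excerpt of the HijackThis log posted in this thread (not a complete log).
SAMPLE_LOG = r"""
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
"""


class Service(NamedTuple):
    display: str        # human-readable display name
    key: str            # service name as used by "sc"
    owner: str          # company field, "Unknown owner" when unsigned/absent
    path: str           # image path recorded in the registry
    file_missing: bool  # HijackThis could not find the image on disk


# The name part is greedy so that a " - " inside the parenthesised service
# name ("BackWeb Client - 227364") stays with the name, not the owner.
O23_RE = re.compile(
    r"^O23 - Service: (?P<name>.+) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$"
)
NAME_KEY_RE = re.compile(r"^(?P<display>.+) \((?P<key>[^()]+)\)$")


def parse_o23(line: str) -> Optional[Service]:
    """Parse one O23 line; return None for any other kind of line."""
    m = O23_RE.match(line.strip())
    if m is None:
        return None
    name = m.group("name")
    nk = NAME_KEY_RE.match(name)
    # Without parentheses the display name and the service name are the same.
    display, key = (nk.group("display"), nk.group("key")) if nk else (name, name)
    return Service(display, key, m.group("owner"), m.group("path"),
                   m.group("missing") is not None)


def orphaned_services(log_text: str) -> List[Service]:
    """Services still registered although their executable is gone."""
    parsed = (parse_o23(line) for line in log_text.splitlines())
    return [s for s in parsed if s is not None and s.file_missing]


def sc_commands(service: Service) -> List[str]:
    """The two commands from the thread, using the service name, not the display name."""
    return [f'sc stop "{service.key}"', f'sc delete "{service.key}"']


if __name__ == "__main__":
    for svc in orphaned_services(SAMPLE_LOG):
        print(f"{svc.display}: {svc.path} is missing")
        for cmd in sc_commands(svc):
            print("   ", cmd)
```

Lines with forum text glued onto the end of a log entry do not match and are skipped, so split such lines before parsing.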
- eij
FixFix wrote:
Scan with HJT, tick the following and press Fix checked:
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
Start > Run > type the lines below and press Enter:
sc stop "Network Monitor"
sc delete "Network Monitor"
Go into Safe Mode and delete the folder
C:\Program Files\---> Network Monitor
Attached is the log for this!
There is no "Network Monitor" folder!
Logfile of HijackThis v1.99.1
Scan saved at 8:10:32, on 20.10.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\windows\system\hpsysdrv.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopIndex.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopDisplay.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopCrawl.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\MSSQL7\Binn\sqlmangr.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
C:\Program Files\WinZip\WZQKPICK.EXE
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe
C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Tietoturvapalvelu\Common\FSMB32.EXE
C:\MSSQL7\binn\sqlservr.exe
C:\Program Files\Tietoturvapalvelu\Common\FCH32.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchFilter.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\PROGRA~1\TIETOT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Google\Google Desktop Search\GoogleDesktopOE.exe
C:\HJT\Scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=FI_FI&c=Q404&bd=pavilion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [SoneraAgent] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\FirstStart.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [OM_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master\Monitor.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
O4 - Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Service Manager.lnk = C:\MSSQL7\Binn\sqlmangr.exe
O4 - Global Startup: Tietoturvapalvelu.lnk = C:\Program Files\Tietoturvapalvelu\backweb\227364\Program\fspex.exe
O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?bb51fa4a63c74ee69ffcd1767f4cc740
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Belkin\Bluetooth-ohjelmisto\btsendto_ie.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: Tietoturvapalvelu (BackWeb Client - 227364) - BackWeb Technologies Inc. - C:\PROGRA~1\TIETOT~1\backweb\227364\Program\SERVIC~1.EXE
O23 - Service: Bluetooth Service (btwdins) - WIDCOMM, Inc. - C:\Program Files\Belkin\Bluetooth-ohjelmisto\bin\btwdins.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Tietoturvapalvelu\backweb\227364\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
- eij
FixFix wrote:
C:\WINDOWS\SYSTEM32\>>>> instcat.dll
This is the result...
STATUS: SCANNING
File "instcat.dll" received on 10.20.2006 at 07:32:31 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.
Antivirus Version Update Result
AntiVir 7.2.0.31 10.20.2006 HEUR/Malware
Authentium 4.93.8 10.20.2006 no virus found
Aditional Information
- Poistelen vain
eij wrote:
This is the result...
STATUS: SCANNING
File "instcat.dll" received on 10.20.2006 at 07:32:31 (CET) is being scanned by VirusTotal in this moment. Results will be shown as they're generated.
Antivirus Version Update Result
AntiVir 7.2.0.31 10.20.2006 HEUR/Malware
Authentium 4.93.8 10.20.2006 no virus found
Aditional Information
Download Killbox http://www.killbox.net/downloads/KillBox.exe
Note: If you already have Killbox, this is a new version that you should install. Remove the earlier one.
• Save it to your desktop.
• Double-click Killbox.exe to run the program.
• Select:
o Delete on Reboot
o then click the All Files option.
• Copy and paste the file paths below to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click with the mouse and choose Copy):
C:\WINDOWS\SYSTEM32\instcat.dll
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the "Delete on Reboot" prompt. Click OK at any PendingFileRenameOperations prompt (and let the fixer know if one of these comes up!).
Restart your computer yourself if it does not do so automatically.
- eij
Poistelen vain wrote:
Download Killbox http://www.killbox.net/downloads/KillBox.exe
Note: If you already have Killbox, this is a new version that you should install. Remove the earlier one.
• Save it to your desktop.
• Double-click Killbox.exe to run the program.
• Select:
o Delete on Reboot
o then click the All Files option.
• Copy and paste the file paths below to the clipboard by highlighting ALL of them and pressing CTRL C (or, after highlighting, right-click with the mouse and choose Copy):
C:\WINDOWS\SYSTEM32\instcat.dll
• Return to Killbox, go to the File menu, and choose Paste from Clipboard.
• Click the red-and-white Delete File button. Click Yes at the "Delete on Reboot" prompt. Click OK at any PendingFileRenameOperations prompt (and let the fixer know if one of these comes up!).
Restart your computer yourself if it does not do so automatically.
When I copy instcat, it does not show up in the "Full path.." window... (it is on the clipboard, though)
Do I have to type the whole path "C:\Win.."
etc. ???
- Poistelen vain
eij wrote:
When I copy instcat, it does not show up in the "Full path.." window... (it is on the clipboard, though)
Do I have to type the whole path "C:\Win.."
etc. ???
Put the line there:
C:\WINDOWS\SYSTEM32\instcat.dll
- eij
Now the computer runs quite well, but was something left unfinished??
The computer still does not shut down with the Windows command, only by force.
My computer is an HP-Pavillon749.fi and its own repair program offers something.
What should I do??
- Poistelen vain
If it has its own repair program, then try it and see what it does.
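An added example, not part of the original thread or of HijackThis: a small Python parser for the entry lines of the HijackThis log posted above. It pulls out the automatically loaded DLLs (O20, the section where instcat.dll was listed) and the services that HijackThis itself annotated (O23), so they can be checked with a scanner as was done here. The sample lines are copied from this thread's log; the function names and the selection rule are assumptions of this example.

```python
import re

# Constructed sample: entry lines copied from the HijackThis log in this thread.
SAMPLE_LOG = r"""
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: instcat - C:\WINDOWS\SYSTEM32\instcat.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: IrBridge User-Level Interface (USRBRIDG) - Unknown owner - C:\WINDOWS\system32\usrbridg.exe (file missing)
"""

ENTRY = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<kind>[^:]+): (?P<rest>.+)$")
PATH = re.compile(r"[A-Za-z]:\\.+$")  # first drive-letter path to end of line

def parse_log(text):
    """Return one dict per HijackThis entry line: code, kind, path, notes."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue  # header, blank line or forum text
        rest = m.group("rest")
        notes = []
        if rest.endswith("(file missing)"):  # annotation written by HijackThis
            notes.append("file missing")
            rest = rest[: -len("(file missing)")].rstrip()
        if " - Unknown owner - " in rest:    # annotation written by HijackThis
            notes.append("unknown owner")
        p = PATH.search(rest)
        entries.append({"code": m.group("code"), "kind": m.group("kind"),
                        "path": p.group(0) if p else None, "notes": notes})
    return entries

def review_queue(entries):
    """Select entries to check first: every auto-loaded DLL (O20) and
    every service (O23) that carries a HijackThis annotation."""
    queue = []
    for e in entries:
        if e["code"] == "O20" and e["path"]:
            queue.append((e["kind"], e["path"], "auto-loaded DLL, scan the file"))
        elif e["code"] == "O23" and e["notes"]:
            queue.append((e["kind"], e["path"], ", ".join(e["notes"])))
    return queue

if __name__ == "__main__":
    for kind, path, reason in review_queue(parse_log(SAMPLE_LOG)):
        print(f"{kind:16} {path}  [{reason}]")
```

An entry appearing in this queue only means it deserves a look; igfxsrvc.dll and the Google DLL are listed for the same reason as instcat.dll, and the scanner result decides.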