|
hjt jos joku jaksas kattoo... sattu iskee pöpö (uudet ewido ja hjt loki )
|
|
|
J77
Member
|
28. maaliskuuta 2006 @ 15:11 |
Linkki tähän viestiin
|
Logfile of HijackThis v1.99.1
Scan saved at 20:07:58, on 28.3.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [libmm] rundll32.exe C:\WINDOWS\System32\libmm.dll,start
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [zrmon] rundll32.exe C:\WINDOWS\System32\zrmon.dll,start
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
O23 - Service: NtDIC(ntdic) (NtDIC) - Unknown owner - C:\WINDOWS\system32\icntrl.exe (file missing)
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe (file missing)
|
|
kairis
Member
|
28. maaliskuuta 2006 @ 16:08 |
Linkki tähän viestiin
|
Sulje selaimet ja muut ohjelmat ja käynnistä Hijackthis, do a system scan and save a log file
Merkkaa seuraavat rivit:-->
O4 - HKLM\..\Run: [zrmon] rundll32.exe C:\WINDOWS\System32\zrmon.dll,start
O4 - HKLM\..\Run: [libmm] rundll32.exe C:\WINDOWS\System32\libmm.dll,start
O23 - Service: Win32Sr - Unknown owner - C:\WINDOWS\win32ssr.exe (file missing)
paina: fix checked!
Sitten käynnistä -> suorita -> services.msc ->ok
Etsi listalta Win32Sr, tuplaklikkaa, paina seis ja valitse käynnistymistavaksi "ei käytössä".
Sama temppu: NtDIC(ntdic) (NtDIC)
=>Avaa HjT -> open misc tools -> delete nt service
Syötä siihen NtDIC(ntdic) (NtDIC) sekä Win32Sr ja paina ok.
Laita piilotiedostot http://www.virustorjunta.net/modules.php?name=FAQ&myfaq=yes&id_ca...
Poista, jos löytyy:
( tarvittaessa vikasietotilassa )
libmm.dll
zrmon.dll
icntrl.exe
win32ssr.exe
(etsi Etsi-toiminnolla)
Kannattaa hakea
Ewido http://www.virustorjunta.net/modules.php?name=Forums&file=viewtop...
Päivitä ja scannaa Ewidolla
Complete system Scan" Eli ajat koko koneen läpi haittaohjelmien löytämiseksi.
Sitten kun hälyttää niin tee tämä.
Perform action -> Remove
ja laita ruksi kohtaan: Perform action with all infections
Näin se poistaa kaikki löydöt erikseen kysymättä.
Sitten kun Ewido on suorittanut skannauksen loppuun
Save report
ja lähetä Ewidon raportti tänne ja uusi hjt-loki, niin tutkaillaan.
Tarkasta C:\WINDOWS\system32\icntrl.exe-tiedosto Virustotalissa:
http://www.virustotal.com/flash/index_en.html
Anna siitäkin vastaus seuraavaan postaukseen.
~kairis~
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 28. maaliskuuta 2006 @ 16:08
|
|
J77
Member
|
28. maaliskuuta 2006 @ 17:33 |
Linkki tähän viestiin
|
|
kiitoksia sulle :) tuosta piilo kasioitten lähettämisestä en tajua tuon taivaallista mut alan ny hoitelee ton ewidon mut ku käynnistin uudellee ni ei aikaa f-secure valittanu mistää pöpöistä
|
|
J77
Member
|
28. maaliskuuta 2006 @ 19:19 |
Linkki tähän viestiin
|
---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------
+ Created on: 0:10:54, 29.3.2006
+ Report-Checksum: 471432E7
+ Scan result:
:mozilla.6:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.11:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.12:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.13:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.17:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.20:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.76:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.89:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.90:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.107:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.108:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.109:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.110:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.111:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.113:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.114:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.115:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.128:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.129:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.130:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.131:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.133:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.135:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.136:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.137:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.141:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.142:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.143:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.144:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.145:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.146:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.147:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.148:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.149:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.150:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.151:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.152:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.153:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.154:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.155:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.156:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.157:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.158:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.159:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.160:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.161:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.162:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.163:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.164:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.165:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.166:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.167:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.168:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.169:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.170:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.171:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.172:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.173:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.179:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.180:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.181:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.184:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.214:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.215:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.231:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-1.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.7:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.11:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.12:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.13:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.14:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.15:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.28:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.29:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.30:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.32:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.33:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.37:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.41:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.42:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.43:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.44:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.46:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Clickbank : Cleaned with backup
:mozilla.49:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.116:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.133:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.134:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.135:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Valuead : Cleaned with backup
:mozilla.136:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.138:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.140:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.141:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.142:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.146:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.147:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.148:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.149:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.150:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.151:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.152:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.153:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.154:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.155:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.156:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.157:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.158:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.159:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.160:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.161:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.162:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.163:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.164:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.165:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.166:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.167:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.168:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.169:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.170:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.171:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.172:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Paypopup : Cleaned with backup
:mozilla.173:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.174:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.175:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.176:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.177:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.178:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.184:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.185:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Popuptraffic : Cleaned with backup
:mozilla.186:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.189:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.218:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.219:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.235:C:\Documents and Settings\dguiqfeq\Application Data\Mozilla\Firefox\Profiles\k96vmk6h.default\cookies-2.txt -> TrackingCookie.Mediaplex : Cleaned with backup
C:\WINDOWS\icont.exe -> Adware.AdURL : Cleaned with backup
C:\WINDOWS\system32\d4j00e1meh.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\enjul1191.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\i8240ifqe82e0.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\irr0l59m1.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\isfoctrs.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\j46m0ej1eho.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\kadhe.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\s0880aluedq80.dll -> Adware.Look2Me : Cleaned with backup
C:\WINDOWS\system32\t28u0cl9efq.dll -> Adware.Look2Me : Cleaned with backup
::Report End
------------------------------------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 0:16:06, on 29.3.2006
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe
C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
--------------------------------------------------------------------
Tarkasta C:\WINDOWS\system32\icntrl.exe-tiedosto Virustotalissa:
http://www.virustotal.com/flash/index_en.html
Anna siitäkin vastaus seuraavaan postaukseen. tuollasta tiedostoa löytyny eikä löytyny noita muitakaan mitä tuossa mainittit.
|
|
puuttis
Member
1 tuotearvio
|
29. maaliskuuta 2006 @ 00:09 |
Linkki tähän viestiin
|
|
en ymmärrä tosta logista muuta kuin että sulla on elisa tietoturva.minulla se ei toiminut laisinkaan,ei päivittynyt eikä löytänyt pöpöjä,joten heitin sen hus helvettiin ja otin avastin virustorjunnan ja ewidon ja ad-awaren haittaohjelmien poisto ohjelmat.koneella oli kaikenlaista mutta kun avastin otin ni ei tullut enään muuta.palomuuriasiat tietenkin pitää olla kunnossa myös,johan pelitti.toimiiko sinulla tietoturvapalvelu?
|
|
J77
Member
|
29. maaliskuuta 2006 @ 03:33 |
Linkki tähän viestiin
|
|
kyllähä tuo tahtoo aina välillä pätkiä ja oikutella mutta kyllä se pöpöt o aina ilmotellu ja poitellu
|
|
kairis
Member
|
29. maaliskuuta 2006 @ 04:15 |
Linkki tähän viestiin
|
|
Nyt näytti jo puhtaalta toi loki.
Teitkö tuon: käynnistä -> suorita -> services.msc ->ok
Etsi listalta Win32Sr, tuplaklikkaa, paina seis ja valitse käynnistymistavaksi "ei käytössä".
Sama temppu: NtDIC(ntdic) (NtDIC) ?
Ja teitkö tuon: Avaa HjT -> open misc tools -> delete nt service
Syötä siihen NtDIC(ntdic) (NtDIC) sekä Win32Sr ja paina ok.
Ei niitä kansioita/tiedostoja tarvitse lähettää minnekään ;-)
Piilotiedostot näkyviin ja vikasietotilassa etsit ne. Kun olet löytänyt, poistat ne ja tyhjennät roskakorin.
~kairis~
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 29. maaliskuuta 2006 @ 04:18
|
|
J77
Member
|
29. maaliskuuta 2006 @ 04:30 |
Linkki tähän viestiin
|
|
juu kyl tekasin noi kaikki mutta toi NtDIC(ntdic) (NtDIC) ei onnistunu tolla hjt:llä sano että tollasta ookkaa mut koittelen niitä vielä joskus nii toi piilotiedosto homma oli pelkkä luku virhe :D
|
|
kairis
Member
|
29. maaliskuuta 2006 @ 04:57 |
Linkki tähän viestiin
|
Nyt jos koneesi toimii normaalisti, suosittelen Windowsin päivitystä.
Windows ja Internet Explorer ovat vanhentuneet.
Mene Windows Updateen http://www.windowsupdate.microsoft.com/
Asenna kaikki tärkeät päivitykset koneeseesi!
~kairis~
|
|
J77
Member
|
29. maaliskuuta 2006 @ 08:11 |
Linkki tähän viestiin
|
|
toimii niin normaalisti ku voi ja eilen aamulla päivitin mahtaa olla jossai jatai häikkää senki suhtee sitte
|
|
kairis
Member
|
29. maaliskuuta 2006 @ 08:14 |
Linkki tähän viestiin
|
|
HJT logi kertoo, että sinulla ei ole SP2 asennettuna koneelle...
~kairis~
|
|
J77
Member
|
29. maaliskuuta 2006 @ 10:43 |
Linkki tähän viestiin
|
|
juu ei se mun piraatti xp:hen paljo halua alkaa asentelee mitää servise päkkejä ;)
|
|
J77
Member
|
31. maaliskuuta 2006 @ 05:55 |
Linkki tähän viestiin
|
nyt loppu HjT lokien lähettely tein viisaasti ja asensin linuxin ittelle perkele
|
|
Mainos
|
|
|
|
kairis
Member
|
31. maaliskuuta 2006 @ 15:12 |
Linkki tähän viestiin
|
|
Se oli viisas päätös. Onnittelut.
~kairis~
|
