Trojan and pop-ups.
ArtturiX
Member
10 April 2006 @ 11:39
So here's the problem: Norton crashed one day while I wasn't home, and in the time it was down I got two trojans and a big pile of other malware. I then got Norton working again and managed to remove most of the junk, including all the viruses. Now I'm plagued by these pop-up windows that keep pouring in as soon as I plug the network cable into the computer. I use Mozilla, but it doesn't block those pop-up windows even though blocking is turned on. How could I get those pop-ups to stop?

Kerro Minulle.
AfterDawn Addict
10 April 2006 @ 11:40
Post a HjT log; you can get the program here -> http://koti.mbnet.fi/pattaya1/HijackThis.exe . Save it to the folder c:\hjt, run it, click do a system scan and save a logfile and post the log here.
shelby
Member
10 April 2006 @ 11:58
Let me chip in here: since you have FF, the NoScript and Adblock extensions help with those. That is, if you don't already have them.

Tools => Extensions => Get extensions.

Mustang is best!!!
AfterDawn Addict
10 April 2006 @ 12:07
Well, Adblock doesn't really help as such, because those aren't so-called "ordinary" pop-ups but ones caused by malware. NoScript can prevent malware from infecting via JavaScript.
ArtturiX
Member
10 April 2006 @ 14:41
So this is what I got:
Logfile of HijackThis v1.99.1
Scan saved at 18:38:59, on 10.4.2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\dllhosts.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\windows\mousepad9.exe
C:\WINNT\system32\LVComS.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\rundll32.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.superwebsearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - Default URLSearchHook is missing
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int102647.exe -auto
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard9.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname9.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1854008.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/09c91d9dc35b302d1e05/netzip/RdxIE601.cab
O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSha...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.werro.ee/activex/AxisCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/2.0.0.33/player.virtools.com/...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: ModuleUsage - C:\WINNT\system32\gp2ol3f31.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: windows dll (dll host) - Unknown owner - C:\WINNT\dllhosts.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe (file missing)
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: F-Secure Network Request Broker - Unknown owner - C:\Program Files\F-Secure\Common\FNRB32.EXE (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\F-Secure\Common\FSAA.EXE (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\F-Secure\Common\FSMA32.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RadClock - Unknown owner - C:\WINNT\system32\RadClock.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



Kerro Minulle.
AfterDawn Addict
10 April 2006 @ 15:39
There's quite a bit more wrong here :)

The instructions will be long, so I recommend printing this out

Download and update ewido, DO NOT scan yet ->
http://keskustelu.afterdawn.com/thread_view.cfm/269186

Download Look2Me-Destroyer.exe from here -> http://www.atribune.org/ccount/click.php?id=7 to your desktop.

IMPORTANT: Before continuing with the fix, you must do the following:

* Print this out, or save it as a text file in a suitable location.
* Click Start -> Run and type: services.msc
* Click OK.
* Check that this service is running or that its startup type is Automatic:
  Secondary Logon (Toissijainen kirjautuminen)
* Next, your computer must be offline; pull the network cable out of the wall if necessary.
* Your antivirus and all other security software MUST be closed.

Continue the fix:
* Close all windows to continue.
* Double-click the Look2Me-Destroyer.exe file to run it.
* Tick Run this program as a task.
* You will get a message saying "Look2Me-Destroyer will close and re-open in approximately 1 minute". Click OK.
* When it reopens, click the Scan for L2M option; your shortcuts will disappear, this is normal.
* When the scan is finished, click Remove L2M.
* You will get a Done Scanning message; click OK.
* When it is finished, you will get this message: Done removing infected files! Look2Me-Destroyer will now shutdown your computer. Click OK.
* Your computer will shut down.
* Start it again.
* Post the contents of the C:\Look2Me-Destroyer.txt log in your next message.
If Look2Me-Destroyer does not open automatically, restart your computer and try again.

Uninstall from the Control Panel (Add/Remove Programs, if present):

Network Monitor
websx
P2P Networking

Download Brute Force Uninstaller from here to your desktop: http://www.merijn.org/files/bfu.zip
* Right-click the BFU zip on your desktop and choose Extract All.
* Click "Next"
* In the box where you choose where to extract the files, click "Browse"
* Click the + sign next to My Computer
* Click "Local Disk (C:)" or whatever your main drive is
* Click "Make New Folder"
* Type BFU
* Click "Next", DO NOT tick the box "Show extracted files", and click "Finish".
Right-click here -> http://metallica.geekstogo.com/alcanshorty.bfu and choose "Save As" (in Explorer "Save Target As") to download the Alcra PLUS Remover.
Save it to the same folder you created earlier (c:\BFU).

Don't do anything with this yet!

Boot your computer into Safe Mode by tapping the F8 key during startup.

Click Start > My Computer and navigate to the C:\BFU folder.
* Start Brute Force Uninstaller by double-clicking BFU.exe
* In the Scriptline to execute field, type or paste c:\bfu\alcanshorty.bfu
* Click Execute and let it do its work. (You should see a progress bar if you did this correctly.)
* Wait for the Complete script execution box and click OK.
* Click exit to quit Brute Force Uninstaller.

Fix with HjT (do a system scan only, tick these and press fix checked):

R3 - Default URLSearchHook is missing
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int102647.exe -auto
O4 - HKLM\..\Run: [P2P Networking] C:\WINNT\system32\P2P Networking\P2P Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [keyboard] C:\windows\keyboard9.exe
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [newname] C:\windows\newname9.exe
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1854008.cab
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/09c91d9dc35b302d1e05/netzip/RdxIE601.cab
O23 - Service: windows dll (dll host) - Unknown owner - C:\WINNT\dllhosts.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)


Then Start -> Run -> services.msc -> OK

Find in the list

windows dll
Network Monitor

Double-click them, press Stop and set the startup type to Disabled.

Open HjT -> open misc tools -> delete nt service

Enter (one at a time)

windows dll
Network Monitor

and click ok

Delete if found:

C:\Program Files\websx
C:\WINNT\system32\P2P Networking
C:\windows\keyboard9.exe
C:\windows\mousepad9.exe
C:\windows\newname9.exe
C:\WINNT\dllhosts.exe
C:\Program Files\Network Monitor

Scan with ewido, let it remove what it finds and save the report

Restart normally, then post a fresh HijackThis log, the ewido report and the contents of the C:\Look2Me-Destroyer.txt log.

This message has been edited since posting. Last edit 10 April 2006 @ 15:41
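
The log-reading step behind the fix list above, as an added example that is not part of the original thread: a small Python triage of HijackThis O4/O20/O23 lines, run on an excerpt of the log posted here. The three heuristics and all function names are assumptions made for illustration; they only point at entries worth a closer look.

```python
import ntpath
import re
from collections import namedtuple

# Excerpt of the HijackThis log posted earlier in this thread (not the full log).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINNT\system32\services.exe
C:\WINNT\dllhosts.exe
C:\windows\mousepad9.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [mousepad] C:\windows\mousepad9.exe
O20 - Winlogon Notify: ModuleUsage - C:\WINNT\system32\gp2ol3f31.dll
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: windows dll (dll host) - Unknown owner - C:\WINNT\dllhosts.exe
O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe (file missing)
"""

Entry = namedtuple("Entry", "section name owner path missing")
PATH_RE = re.compile(r'([A-Za-z]:\\[^"]*?\.(?:exe|dll))', re.IGNORECASE)
CORE_RE = re.compile(r'(.+)\\system32\\(?:smss|winlogon|services)\.exe', re.IGNORECASE)


def system_root(log):
    """Infer the Windows directory from a core process under 'Running processes'."""
    for line in log.splitlines():
        match = CORE_RE.fullmatch(line.strip())
        if match:
            return match.group(1).lower()
    return None


def parse_entries(log):
    """Yield an Entry for each O4 Run, O20 and O23 line that names a file path."""
    for line in log.splitlines():
        line = line.strip()
        owner = None
        if line.startswith("O4 - ") and "Run: [" in line:
            name, _, target = line.split("[", 1)[1].partition("] ")
        elif line.startswith("O20 - Winlogon Notify: "):
            name, _, target = line[len("O20 - Winlogon Notify: "):].partition(" - ")
        elif line.startswith("O23 - Service: "):
            parts = line[len("O23 - Service: "):].rsplit(" - ", 2)
            if len(parts) != 3:
                continue  # malformed service line: skip rather than guess
            name, owner, target = parts
        else:
            continue
        match = PATH_RE.search(target)
        if match:  # entries such as "mobsync.exe /logon" carry no full path
            yield Entry(line.split(" ", 1)[0], name, owner,
                        ntpath.normpath(match.group(1)),
                        line.endswith("(file missing)"))


def triage(log):
    """Return {entry name: [reasons]} for entries that match a heuristic."""
    root = system_root(log)
    findings = {}
    for e in parse_entries(log):
        folder = ntpath.dirname(e.path).lower()
        stem = ntpath.splitext(ntpath.basename(e.path))[0]
        reasons = []
        # Heuristic 1 (assumption): a second "Windows" directory beside the real one.
        if root and folder != root and re.fullmatch(r"[a-z]:\\(windows|winnt)", folder):
            reasons.append("runs from a Windows-like folder that is not the system root")
        # Heuristic 2 (assumption): 'Unknown owner' service binary in the root itself.
        if e.section == "O23" and e.owner == "Unknown owner" and folder == root:
            reasons.append("'Unknown owner' service binary directly in the system root")
        # Heuristic 3 (assumption): letters and digits interleaved in a Notify DLL name.
        if e.section == "O20" and len(re.findall(r"\d+", stem)) >= 2:
            reasons.append("Winlogon Notify DLL with a random-looking name")
        if e.missing:
            reasons.append("target file missing (orphaned entry)")
        if reasons:
            findings[e.name] = reasons
    return findings


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_LOG).items():
        print(f"{name}: {'; '.join(reasons)}")
```

On this excerpt the Symantec, ATI and nwprovau entries pass unflagged, while the four flagged entries are ones the thread goes on to remove.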

ArtturiX
Member
10 April 2006 @ 19:50
Now all of that has been done.
This is what came out:
Look2Me-Destroyer V1.0.12

Scanning for infected files.....
Scan started at 10.4.2006 21:15:15

Infected! C:\WINNT\system32\gp2ol3f31.dll
Infected! C:\WINNT\system32\gp2ol3f31.dll
Infected! C:\WINNT\system32\h22o0cf3ef2.dll
Infected! C:\WINNT\system32\hmsetup.dll
Infected! C:\WINNT\system32\guard.tmp

Attempting to delete infected files...

Attempting to delete: C:\WINNT\system32\gp2ol3f31.dll
C:\WINNT\system32\gp2ol3f31.dll Deleted successfully!

Attempting to delete: C:\WINNT\system32\gp2ol3f31.dll
C:\WINNT\system32\gp2ol3f31.dll Deleted successfully!

Attempting to delete: C:\WINNT\system32\h22o0cf3ef2.dll
C:\WINNT\system32\h22o0cf3ef2.dll Deleted successfully!

Attempting to delete: C:\WINNT\system32\hmsetup.dll
C:\WINNT\system32\hmsetup.dll Deleted successfully!

Attempting to delete: C:\WINNT\system32\guard.tmp
C:\WINNT\system32\guard.tmp Deleted successfully!

Making registry repairs.

Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ModuleUsage

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{499BFF18-3C38-423F-B039-47D64277D151}"
HKCR\Clsid\{499BFF18-3C38-423F-B039-47D64277D151}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{A8F4225D-035C-4F75-B87D-26FAE521FBFF}"
HKCR\Clsid\{A8F4225D-035C-4F75-B87D-26FAE521FBFF}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{AD840DEF-8CC1-4F8D-A6A2-9030B23ABCA3}"
HKCR\Clsid\{AD840DEF-8CC1-4F8D-A6A2-9030B23ABCA3}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{B83C87DD-FEAA-4839-B4B7-CC7519C2666A}"
HKCR\Clsid\{B83C87DD-FEAA-4839-B4B7-CC7519C2666A}

Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{6A0845A6-E60D-4E7C-B156-1F97B889FCAF}"
HKCR\Clsid\{6A0845A6-E60D-4E7C-B156-1F97B889FCAF}

Restoring Windows certificates.

Replaced hosts file with default windows hosts file


Restoring SeDebugPrivilege for Järjestelmänvalvojat - Succeeded



---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 23:37:25, 10.4.2006
+ Report-Checksum: A5D8313A

+ Scan result:

HKLM\SOFTWARE\Microsoft\Internet Explorer\Main\ins -> Adware.WebRebates : Cleaned with backup
HKU\S-1-5-21-789336058-706699826-1343024091-1000\Software\Premium Web Service -> Dialer.Generic : Cleaned with backup
HKU\S-1-5-21-789336058-706699826-1343024091-1000\Software\Premium Web Service\Content Browser -> Dialer.Generic : Cleaned with backup
HKU\S-1-5-21-789336058-706699826-1343024091-1000\Software\Premium Web Service\Content Browser\Settings -> Dialer.Generic : Cleaned with backup
:mozilla.350:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.367:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.373:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.375:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.376:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.377:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.378:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned with backup
:mozilla.385:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.386:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.407:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup
:mozilla.412:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.415:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.416:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.417:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.418:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.419:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.420:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.421:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.422:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.423:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.424:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.425:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.446:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.488:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.489:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.490:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.539:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.540:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.541:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup
:mozilla.551:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Goldenpalace : Cleaned with backup
:mozilla.566:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Euniverseads : Cleaned with backup
:mozilla.567:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Ad-logics : Cleaned with backup
:mozilla.586:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned with backup
:mozilla.594:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.595:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.629:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.631:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.632:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.634:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.635:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.636:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Comclick : Cleaned with backup
:mozilla.638:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.639:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.640:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.666:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.667:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.671:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.672:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.673:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.674:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.675:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.678:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
:mozilla.682:C:\Documents and Settings\x\Application Data\Mozilla\Firefox\Profiles\plejz1qh.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned with backup
C:\Documents and Settings\x\Cookies\x@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup
C:\Documents and Settings\x\Cookies\x@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\x\Cookies\x@efashionsolutions.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\x\Cookies\x@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.8:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.10:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.11:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.12:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.13:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.14:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.15:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.16:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.18:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.19:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.20:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.21:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.22:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.23:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.24:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.25:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.26:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned with backup
:mozilla.35:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.37:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.39:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.40:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.83:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.88:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.89:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.90:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.91:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.94:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.110:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.111:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.112:C:\Documents and Settings\x\Omat tiedostot\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
C:\WINNT\Downloaded Program Files\gsda.dll -> Not-A-Virus.Downloader.Win32.SpyGame : Cleaned with backup
C:\WINNT\icont.exe -> Adware.AdURL : Cleaned with backup
C:\WINNT\NDNuninstall6_30.exe -> Adware.NewDotNet : Cleaned with backup


::Report End




Logfile of HijackThis v1.99.1
Scan saved at 23:41:09, on 10.4.2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.superwebsearch.com/ie/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSha...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.werro.ee/activex/AxisCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/2.0.0.33/player.virtools.com/...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe (file missing)
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: F-Secure Network Request Broker - Unknown owner - C:\Program Files\F-Secure\Common\FNRB32.EXE (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\F-Secure\Common\FSAA.EXE (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\F-Secure\Common\FSMA32.EXE (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RadClock - Unknown owner - C:\WINNT\system32\RadClock.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe



Should I keep the programs I downloaded for possible later use? And do things on the machine look better now? At least so far no pop-ups have appeared.

Kerro Minulle.
AfterDawn Addict
11 April 2006 @ 04:32
The log is almost OK.

Keep ewido; you can delete l2mdestroyer and bfu.

Also fix this one:

R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.superwebsearch.com/ie/

And if F-Secure and Kerio have been removed from the machine, fix these as well:

O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE (file missing)
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe (file missing)
O23 - Service: F-Secure Gatekeeper Handler Starter - Unknown owner - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe (file missing)
O23 - Service: F-Secure Network Request Broker - Unknown owner - C:\Program Files\F-Secure\Common\FNRB32.EXE (file missing)
O23 - Service: F-Secure Authentication Agent (FSAA) - Unknown owner - C:\Program Files\F-Secure\Common\FSAA.EXE (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\F-Secure\Common\FSMA32.EXE (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)


Then Start -> Run -> services.msc -> OK

Find in the list:

F-Secure BackWeb
F-Secure BackWeb LAN Access
F-Secure Gatekeeper Handler Starter
F-Secure Network Request Broker
F-Secure Authentication Agent
F-Secure Management Agent
Kerio Personal Firewall 4

Double-click them, press Stop, and set the startup type to Disabled.

Delete:

C:\Program Files\F-Secure
C:\Program Files\Kerio

Restart and post a new HjT log.

This message has been edited since posting. Last edit 11 April 2006 @ 04:32
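
Added example, not part of the original post: a way to check from two HijackThis logs that a cleanup like the one above took effect, by listing the entries that disappeared, any O23 services still marked "(file missing)", and any remaining entries that point into the deleted directories. The function names are hypothetical, and the sample lines are an abridged excerpt of the two logs posted in this thread.

```python
import re

# Abridged excerpt of the log posted before the fix (lines taken from this thread).
BEFORE = r"""
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://www.superwebsearch.com/ie/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe (file missing)
O23 - Service: F-Secure Management Agent (FSMA) - Unknown owner - C:\Program Files\F-Secure\Common\FSMA32.EXE (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Unknown owner - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe (file missing)
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
"""

# Abridged excerpt of the log posted after the fix (lines taken from this thread).
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
"""

# A HijackThis entry line is "<section> - <text>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - (.+)$")


def parse_entries(log):
    """Return (section, text) tuples; header and process-list lines are skipped."""
    entries = []
    for line in log.splitlines():
        m = ENTRY_RE.match(line.strip())
        if m:
            entries.append((m.group(1), m.group(2).strip()))
    return entries


def orphaned_services(entries):
    """O23 service entries whose binary HijackThis reported as '(file missing)'."""
    return [text for sec, text in entries
            if sec == "O23" and text.endswith("(file missing)")]


def check_cleanup(before_log, after_log, removed_dirs):
    """Compare two logs after a fix pass.

    removed_dirs holds the leaf names of directories deleted during cleanup
    (here "F-Secure" and "Kerio"). Matching is on the long folder name only;
    an 8.3 short form of the leaf itself would not be caught.
    """
    before = parse_entries(before_log)
    after = parse_entries(after_log)
    after_set = set(after)
    needles = ["\\" + d.lower() + "\\" for d in removed_dirs]
    return {
        # Entries present before and gone now, in original order.
        "fixed": [e for e in before if e not in after_set],
        # Services that still point at a missing file.
        "still_orphaned": orphaned_services(after),
        # Entries of any section that still reference a deleted directory.
        "stale": [e for e in after
                  if any(n in e[1].lower() for n in needles)],
    }


if __name__ == "__main__":
    result = check_cleanup(BEFORE, AFTER, ["F-Secure", "Kerio"])
    for key, items in result.items():
        print(key)
        for item in items:
            print("   ", item)
```

On these excerpts the R1 and the three "(file missing)" O23 entries show up as fixed, while the O4 Run entry for F-Secure Manager is reported as still referencing the deleted F-Secure directory.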

ArtturiX
Member
11 April 2006 @ 11:20
Okay, now those have been removed and fixed too.

Logfile of HijackThis v1.99.1
Scan saved at 15:14:28, on 11.4.2006
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\Ati2evxx.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\system32\svchost.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINNT\system32\hidserv.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\system32\stisvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\mspmspsv.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\Ati2evxx.exe
C:\WINNT\Explorer.EXE
C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
C:\WINNT\system32\LVComS.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\MediaKey\MMKeybd.EXE
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mtv3.fi/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\MediaKey\MMKeybd.EXE
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Shorten URL - http://www.cjb.net/menuext.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://spaces.msn.com//PhotoUpload/MsnPUpld.cab
O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSha...
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://webcam.werro.ee/activex/AxisCamControl.ocx
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/2.0.0.33/player.virtools.com/...
O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} - http://ax.phobos.apple.com.edgesuite.net/detection/ITDetector.cab
O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINNT\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINNT\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: RadClock - Unknown owner - C:\WINNT\system32\RadClock.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


Does ewido work on the same principle as Ad-Aware?

And once again, A THOUSAND THANKS FOR THE HELP!!!!

Kerro Minulle.
AfterDawn Addict
11 April 2006 @ 11:34
The log is clean. It works on the same principle, but it is a better program.
You're welcome :)