AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
sunnuntai 9.11.2025 / 15:53
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > virus system memoryssä... backdoor.trojan tiedosto: winowl32.dll
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Virus system memoryssä... backdoor.trojan tiedosto: winowl32.dll
  Siirry:
 
Kirjoittaja Viesti
jami87
Junior Member
_ 		27. huhtikuuta 2006 @ 04:36 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Joo tarkastelin tuossa koneelta normaalisti virukset ja spyware doctor huomasi troijalaisen... poistettua kaikki roskat niin tohtori sanoi että kone täytyy käynnistää uudestaan koska yksi roska on poistettu system memorystä... noh boottauksen jälkeen tarkistus niin siellä se oli vieläki ja ei auttanu mitään... nyt olen töissä joten logeja en pysty antamaan tällä hetkellä... jos joku keksii vastauksen ongelmaan miten saa poies niin kiitos...
[ + lainaa]
blade81
Senior Member
_ 		27. huhtikuuta 2006 @ 04:55 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Laita lokia, kun pääset töistä. Katsotaan sitten.
[ + lainaa]
ASAP & UNITE member since 2006



jami87
Junior Member
_ 		27. huhtikuuta 2006 @ 13:48 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
tässä tämä logi... eli nyt tiedän troijalaisen nimenkin mikä kiusaa...


Logfile of HijackThis v1.99.1
Scan saved at 17:47:24, on 27.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\DAEMON Tools\daemon.exe
F:\ohjelmat\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\ohjelmat\NetLimiter\NetLimiter.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
F:\ohjelmat\Spyware Doctor\swdoctor.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
F:\ohjelmat\Spyware Doctor\sdhelp.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Ohjelmat\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] F:\ohjelmat\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NetLimiter] F:\ohjelmat\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "f:\pelit2\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "F:\Ohjelmat\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WB - F:\ohjelmat\AlienGUIse\fastload.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\ohjelmat\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
[ + lainaa]
blade81
Senior Member
_ 		27. huhtikuuta 2006 @ 13:56 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Käynnistä HjT, klikkaa do a system scan only, merkkaa:
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

Sulje muut ikkunat ja klikkaa fix checked.

Hae Ewido ja päivitä ohjeiden mukaan (http://keskustelu.afterdawn.com/thread_view.cfm/269186). Käynnistä vikasietotilaan ja tee full scan Ewidolla. Tallenna loki.

Käynnistä normaalitilaan ja lähetä uusi HjT-loki ja Ewidon loki.
[ + lainaa]
ASAP & UNITE member since 2006



jami87
Junior Member
_ 		27. huhtikuuta 2006 @ 15:23 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
No niin kaikki nuo tehty...

Logfile of HijackThis v1.99.1
Scan saved at 19:21:07, on 27.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\Program Files\DAEMON Tools\daemon.exe
F:\ohjelmat\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
F:\ohjelmat\NetLimiter\NetLimiter.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
F:\Ohjelmat\Spyware Doctor\swdoctor.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
F:\ohjelmat\ewido anti-malware\ewidoctrl.exe
C:\Program Files\Icecast2 Win32\icecastService.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
F:\ohjelmat\Spyware Doctor\sdhelp.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hjt\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Ohjelmat\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [WinampAgent] F:\ohjelmat\Winamp\winampa.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
O4 - HKLM\..\Run: [NetLimiter] F:\ohjelmat\NetLimiter\NetLimiter.exe /s
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Steam] "f:\pelit2\valve\steam\steam.exe" -silent
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "F:\Ohjelmat\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - Winlogon Notify: WB - F:\ohjelmat\AlienGUIse\fastload.dll
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: ewido security suite control - ewido networks - F:\ohjelmat\ewido anti-malware\ewidoctrl.exe
O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\ohjelmat\Spyware Doctor\sdhelp.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe





ja tässä on sitten tämä ewido logi

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 19:15:05, 27.4.2006
+ Report-Checksum: 627184C2

+ Scan result:

[260] C:\WINDOWS\system32\winowl32.dll -> Trojan.Agent.qt : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.24:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.25:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.26:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.27:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.29:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.33:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.34:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.58:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.67:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.68:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.73:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.163:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.172:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.191:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.211:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.216:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.217:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
:mozilla.287:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Etracker : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.316:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.319:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
:mozilla.355:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.364:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.365:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.366:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.369:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.370:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.371:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.372:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.373:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.374:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.375:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.379:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.380:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.381:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.382:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.383:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.384:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.392:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.393:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.394:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.422:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.423:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.424:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.429:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.437:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.445:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.454:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.474:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.520:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.530:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.531:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.545:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.546:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.577:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.578:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.579:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.580:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.596:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.650:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.651:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.653:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.658:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.659:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.669:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.671:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.691:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.692:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.693:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.694:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.695:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.696:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.697:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.698:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.699:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.700:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.709:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.710:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.713:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.719:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.734:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.735:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.759:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.767:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.774:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.775:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.807:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.808:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.809:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.821:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
:mozilla.823:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.843:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
:mozilla.857:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.863:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.874:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.877:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.878:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.879:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.880:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.881:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.889:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.894:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.905:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Räsänen\Cookies\räsänen@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temp\Cookies\räsänen@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temp\winB7.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temp\winC3.tmp.exe -> Downloader.IstBar.eq : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\4DIL4WKV\YazzleActiveX[1].cab/YazzleActiveX.ocx -> Adware.MediaTickets : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\782Z6ST8\mulbin1[1].exe -> Trojan.Dialer.oy : Cleaned with backup
C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\R4RBK24U\wizp32[1].exe -> Downloader.IstBar.eq : Cleaned with backup
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup
C:\Program Files\themexp\Themexp.org File\NNWDAB638.EXE -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup
C:\WINDOWS\system32\winowl32.dll -> Trojan.Agent.qt : Cleaned with backup


::Report End
[ + lainaa]
Mainos
_ 		__
 
_
blade81
Senior Member
_ 		27. huhtikuuta 2006 @ 15:52 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Hjt:llä vielä fixi tälle:
O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)

Etsi ja poista, jos löytyy winowl32.dll (Ewidon pitäisi olla poistanut, mutta varmistetaan vielä).

Kannattaa muuten asentaa hosts filu. Muuttuu surffailu kerralla turvallisemmaksi. Tässä ohjetta -> http://keskustelu.afterdawn.com/thread_view.cfm/320373
[ + lainaa]
ASAP & UNITE member since 2006



afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > virus system memoryssä... backdoor.trojan tiedosto: winowl32.dll
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy