AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
maanantai 10.11.2025 / 00:43
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kone käyttäytyy kummasti ja virus alert! hjt log
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Kone käyttäytyy kummasti ja Virus Alert! HJT Log
  Siirry:
 
Kirjoittaja Viesti
Sivu:12>
Silense
Suspended due to non-functional email address
_ 		7. toukokuuta 2006 @ 20:00 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Juu, elikkä tässä ilmeni, että koneellani on tuollainen Virus Alert! Joka vilkkuu oikeassa alakulmassa. Ymmärrykseni mukaan se myös avaa IE:llä turhia pop-uppeja vaikka Firefoxia käytänkin.
Sitten välillä kun ikkuna on suurennettuna/pienennettynä niin se suurentyy/pienentyy itsestään...?

HJT lokia:
Logfile of HijackThis v1.99.1
Scan saved at 23:56:06, on 7.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dcomcfg.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\FSGK32.EXE
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMB32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fssm32.exe
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FCH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Common\FAMEH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsqh.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsrw.exe
C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsav32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\SAUNAL~1\ANTI-S~1\fsaw.exe
C:\Program Files\Saunalahden Turvapaketti\FSGUI\fsguidll.exe
C:\Program Files\Samurize\Client.exe
C:\Program Files\ewido anti-malware\securitysuite.exe
C:\WINDOWS\system32\atmclk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Windows\Työpöytä\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Nothing - {b0398eca-0bcd-4645-8261-5e9dc70248d0} - C:\WINDOWS\system32\hp75BC.tmp
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Saunalahden Turvapaketti\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Global Startup: Saunalahti Turvapaketti.lnk = C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{D54CCD50-14D3-4149-AB57-A02454ED757C}: NameServer = 195.74.0.47 195.74.0.55
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Saunalahti Turvapaketti (BackWeb Plug-in - 5006663) - Saunalahti Turvapaketti - C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)

Kiitos jo etukäteen.
[ + lainaa]
JaPK
Senior Member
_ 		8. toukokuuta 2006 @ 03:34 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Terve Silense, koneellasi on smitfraud pöpö.

Lataa SmitfraudFix (c) S!Ri -> http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi:

Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd

Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.

Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		8. toukokuuta 2006 @ 10:32 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kiitos JaKP

Tuossa:
SmitFraudFix v2.40

Scan done at 14:30:11,54, ma 08.05.2006
Run from C:\Documents and Settings\Windows\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

C:\WINDOWS\system32\atmclk.exe FOUND !
C:\WINDOWS\system32\dcomcfg.exe FOUND !
C:\WINDOWS\system32\hp????.tmp FOUND !
C:\WINDOWS\system32\ld????.tmp FOUND !
C:\WINDOWS\system32\ot.ico FOUND !
C:\WINDOWS\system32\reglogs.dll FOUND !
C:\WINDOWS\system32\simpole.tlb FOUND !
C:\WINDOWS\system32\stdole3.tlb FOUND !
C:\WINDOWS\system32\ts.ico FOUND !
C:\WINDOWS\system32\1024\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Windows\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Windows\Suosikit

C:\DOCUME~1\Windows\Suosikit\Antivirus Test Online.url FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files

C:\Program Files\SpyFalcon\ FOUND !

»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{35a88e51-b53d-43e9-b8a7-75d4c31b4676}"="Register LogWare"

[HKEY_CLASSES_ROOT\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}\InProcServer32]
@="C:\WINDOWS\system32\reglogs.dll"

[HKEY_CURRENT_USER\Software\Classes\CLSID\{35a88e51-b53d-43e9-b8a7-75d4c31b4676}\InProcServer32]
@="C:\WINDOWS\system32\reglogs.dll"


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End
[ + lainaa]
JaPK
Senior Member
_ 		8. toukokuuta 2006 @ 11:14 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Ja nyt puhdistus...

Puhdistusohjeet:

Printtaa ohjeet ulos.

Päivitä Ewido, ÄLÄ skannaa vielä.

Sitten käynnistä HijackThis, klikkaa do a system scan only ja merkkaa tämä rivi:
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

Paina Fix checked

Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi:
->Käynnistä tietokone
->Kun kuulet koneen piippaavan, paina F8, kuitenkin ennen Windowsin logon esiintuloa
->Seuraavaksi pitäisi ilmestyä valikko
->Valitse valikosta vikasietotila.

Kun vikasietotilassa, avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.

Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.

Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".

Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.

Varoitus! : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan.

Aja skannaus Ewidolla, puhdista mitä löytää ja tallenna loki.

Postita tänne seuraavat lokit:
-> uusi HijackThis loki
-> Ewidon loki
-> C:\rapport.txt tiedoston sisältö.
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 8. toukokuuta 2006 @ 11:15
Silense
Suspended due to non-functional email address
_ 		8. toukokuuta 2006 @ 13:00 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kiitos taas.

Virus Alert lähti ja ei pop uppeja enään.
Tuossa ne logit:

SmitFraudFix v2.40

Scan done at 16:22:54,73, ma 08.05.2006
Run from C:\Documents and Settings\Windows\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600]

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\system32\atmclk.exe Deleted
C:\WINDOWS\system32\dcomcfg.exe Deleted
C:\WINDOWS\system32\hp????.tmp Deleted
C:\WINDOWS\system32\ld????.tmp Deleted
C:\WINDOWS\system32\ot.ico Deleted
C:\WINDOWS\system32\reglogs.dll Deleted
C:\WINDOWS\system32\simpole.tlb Deleted
C:\WINDOWS\system32\stdole3.tlb Deleted
C:\WINDOWS\system32\ts.ico Deleted
C:\WINDOWS\system32\1024\ Deleted
C:\DOCUME~1\Windows\Suosikit\Antivirus Test Online.url Deleted
C:\Program Files\SpyFalcon\ Deleted

»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» End


Logfile of HijackThis v1.99.1
Scan saved at 16:55:42, on 8.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Samurize\Client.exe
C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\FSGK32.EXE
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fssm32.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMB32.EXE
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FCH32.EXE
C:\Program Files\ewido anti-malware\securitysuite.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FAMEH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsqh.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsrw.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsav32.exe
C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\SAUNAL~1\ANTI-S~1\fsaw.exe
C:\Program Files\Saunalahden Turvapaketti\FSGUI\fsguidll.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Waret\HijackThis.exe

O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Saunalahden Turvapaketti\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Startup: Client Default.lnk = C:\Program Files\Samurize\Client.exe
O4 - Global Startup: Saunalahti Turvapaketti.lnk = C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{D54CCD50-14D3-4149-AB57-A02454ED757C}: NameServer = 195.74.0.47 195.74.0.55
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Saunalahti Turvapaketti (BackWeb Plug-in - 5006663) - Saunalahti Turvapaketti - C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)


---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 16:59:12, 8.5.2006
+ Report-Checksum: EA17FD0A

+ Scan result:

:mozilla.29:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.30:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.31:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.32:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.118:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.119:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.120:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.121:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.122:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.123:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.124:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.125:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.140:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.141:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.144:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.145:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.153:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.170:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.171:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.173:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.174:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.175:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.176:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.190:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.200:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.201:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.202:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.204:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.209:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.210:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.212:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.213:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.214:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.221:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.222:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.223:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.224:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.225:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.226:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.227:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.228:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.229:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.230:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.231:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.247:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.248:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.250:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.251:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.252:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.280:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.281:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.303:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.304:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.306:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.307:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.314:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.342:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.353:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.354:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.356:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.357:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.358:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.359:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.360:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.375:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.406:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.407:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.409:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.410:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.427:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.493:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.497:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.502:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.528:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.529:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.543:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.558:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.566:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.571:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.606:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.607:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.638:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.639:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.646:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.648:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.658:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.682:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.683:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.700:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.712:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.734:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.735:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.811:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.812:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.816:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.817:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.820:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adition : Cleaned with backup
:mozilla.821:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adition : Cleaned with backup
:mozilla.846:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.847:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.886:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.887:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.889:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.890:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
C:\Documents and Settings\Windows\Cookies\windows@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup


::Report End
[ + lainaa]
JaPK
Senior Member
_ 		8. toukokuuta 2006 @ 13:47 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Puhdasta tuli :)
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		8. toukokuuta 2006 @ 14:01 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kiitos taas kerran!
[ + lainaa]
BackSmack
Member
_ 		8. toukokuuta 2006 @ 15:16 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Puhas se näytää olevan ;)
[ + lainaa]
AMD Sempron 3100+ (1800mhz), Windows XP SP2, 1gb RAM, NVIDIA GeForce 6600 GT
Silense
Suspended due to non-functional email address
_ 		12. toukokuuta 2006 @ 09:16 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Mutta ei tunnu olevan?

En saa poistettua tiedostoja, työpöydän pikakuvakkeet siirtyy millon mitenkin, kone on hitaalla yms.

Koneen oon skannannu F-securella, escannilla ja ewidolla.
Mikä voisi olla?

Tuossa uusin HJT:

Logfile of HijackThis v1.99.1
Scan saved at 13:15:26, on 12.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
C:\WINDOWS\$NtUninstallKB904706$\IEXPLORE.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\FSGK32.EXE
C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMB32.EXE
C:\Program Files\Saunalahden Turvapaketti\Common\FCH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Common\FAMEH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsqh.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsrw.exe
C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsav32.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Waret\Jaossa\Ohjelmat\HjT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Saunalahden Turvapaketti\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Saunalahti Turvapaketti.lnk = C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{D54CCD50-14D3-4149-AB57-A02454ED757C}: NameServer = 195.74.0.47 195.74.0.55
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll,wbsys.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Saunalahti Turvapaketti (BackWeb Plug-in - 5006663) - Saunalahti Turvapaketti - C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
O23 - Service: DirectX Service (DirectWuzf) - Unknown owner - c:\windows\system32\directx.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)
[ + lainaa]
JaPK
Senior Member
_ 		12. toukokuuta 2006 @ 17:44 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Taitaapi olla uutta pöpöä pesiytynyt....

Laita piilotiedostot näkyviin
-->Ohjauspaneeli-->Työkalut-->Kansion Asetukset-->Piilotetut tiedostot ja kansiot
-->Valitse "Näytä piilotetut tiedostot ja kansiot"-->Ok

Sitten mene http://www.virustotal.com
-> Paina "Selaa"
-> Etsi tämä tiedosto c:\windows\system32\directx.exe
-> Paina "OK"
-> Paina "Send"
-> Odota tuloksia
-> Postita tulokset tänne, kun valmiit
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		13. toukokuuta 2006 @ 08:04 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Complete scanning result of "directx.exe", received in VirusTotal at 05.13.2006, 10:49:18 (CET).

Antivirus Version Update ResultComplete scanning result of "directx.exe", received in VirusTotal at 05.13.2006, 10:49:18 (CET).
Antivirus Version Update Result
AntiVir 6.34.1.27 05.12.2006 no virus found
Avast 4.6.695.0 05.12.2006 no virus found
AVG 386 05.12.2006 no virus found
BitDefender 7.2 05.13.2006 no virus found
CAT-QuickHeal 8.00 05.12.2006 (Suspicious) - DNAScan
ClamAV devel-20060426 05.12.2006 no virus found
DrWeb 4.33 05.13.2006 no virus found
eTrust-InoculateIT 23.72.7 05.12.2006 no virus found
eTrust-Vet 12.4.2207 05.12.2006 no virus found
Ewido 3.5 05.13.2006 no virus found
Fortinet 2.76.0.0 05.13.2006 suspicious
F-Prot 3.16c 05.12.2006 no virus found
Ikarus 0.2.65.0 05.12.2006 Net-Worm.Win32.Mytob.DE
Kaspersky 4.0.2.24 05.13.2006 no virus found
McAfee 4761 05.12.2006 no virus found
Microsoft 1.1372 05.13.2006 no virus found
NOD32v2 1.1535 05.12.2006 a variant of Win32/PSW.Gamania.CH
Norman 5.90.17 05.12.2006 no virus found
Panda 9.0.0.4 05.12.2006 Suspicious file
Sophos 4.05.0 05.13.2006 no virus found
Symantec 8.0 05.13.2006 no virus found
TheHacker 5.9.7.142 05.12.2006 no virus found
UNA 1.83 05.12.2006 no virus found
VBA32 3.11.0 05.12.2006 no virus found
Aditional Information
File size: 87040 bytes
MD5: 5f87446ced6943b4b82efaee028fe42e
SHA1: b59c4074716fbaf4962a0334b466e797a5a25d79
[ + lainaa]
JaPK
Senior Member
_ 		13. toukokuuta 2006 @ 09:26 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Pöpöhän se siellä.

Puhdistusohjeet:

Päivitä Ewido.

Avaa Muistio ja kopioi seuraavat rivit siihen:

@echo off
sc stop DirectWuzf
sc delete DirectWuzf

Sitten tallenna dokumentti työpöydälle nimellä Poisto.bat ja tiedostotyypiksi: All Files.
Sitten aja työpöydällä oleva Poisto.bat tiedosto ja vastaa kyllä jos kysytään jotain.

Käynnistä kone vikasietotilaan seuraavien ohjeiden mukaisesti:
->Käynnistä tietokone
->Kun kuulet koneen piippaavan, paina F8, kuitenkin ennen Windowsin logon esiintuloa
->Seuraavaksi pitäisi ilmestyä valikko
->Valitse valikosta vikasietotila.

Laita piilotiedostot näkyviin
-->Ohjauspaneeli-->Työkalut-->Kansion Asetukset-->Piilotetut tiedostot ja kansiot
-->Valitse "Näytä piilotetut tiedostot ja kansiot"-->Ok

Sitten poista seuraava tiedosto. (jos löytyy)
C:\windows\system32\directx.exe

Tyhjennä roskakori ja laita piilotiedostot takaisin piiloon
-> (Teet niin kuin aikaisemmin mutta valitset "Älä näytä piilotettuja tiedostoja ja kansioita")

Skannaa koneesi Ewidolla, puhdista mitä löytyy ja tallenna loki

Käynnistä koneesi normaalisti ja pistä piilotiedostot piiloon.

Postita uusi HijackThis loki ja Ewidon loki, jotta näemme onko koneesi puhdas.
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		13. toukokuuta 2006 @ 17:50 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Moi!

Tuossa logeja:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 21:41:58, 13.5.2006
+ Report-Checksum: 8FA36A48

+ Scan result:

:mozilla.62:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.79:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.80:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.81:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.82:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.83:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.84:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.85:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.88:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.89:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.90:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.92:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.93:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.94:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.95:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.97:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.98:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.99:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.100:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.107:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.108:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.110:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.111:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.112:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
:mozilla.113:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
:mozilla.126:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned with backup
:mozilla.127:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
:mozilla.165:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.166:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
:mozilla.233:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.234:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.235:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.236:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.237:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.238:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
:mozilla.239:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.240:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.241:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Liveperson : Cleaned with backup
:mozilla.245:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
:mozilla.249:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
:mozilla.253:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
:mozilla.254:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
:mozilla.255:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.257:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.258:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.259:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.260:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.261:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.262:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.265:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.266:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
:mozilla.267:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
:mozilla.282:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.283:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
:mozilla.284:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.285:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.286:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
:mozilla.290:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
:mozilla.291:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.292:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.293:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.294:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
:mozilla.299:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
:mozilla.305:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Trafic : Cleaned with backup
:mozilla.311:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.312:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.313:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned with backup
:mozilla.317:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
:mozilla.320:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.321:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.322:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.326:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.327:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
:mozilla.376:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.377:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.378:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.386:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.387:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.388:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.389:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.390:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.391:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
:mozilla.397:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.403:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
:mozilla.411:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.412:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.413:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.414:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.415:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.416:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.417:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
:mozilla.418:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.419:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.430:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
:mozilla.446:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.447:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
:mozilla.449:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.450:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.451:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.452:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.455:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.456:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.461:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
:mozilla.475:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned with backup
:mozilla.479:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.480:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
:mozilla.482:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.483:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Goclick : Cleaned with backup
:mozilla.484:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
:mozilla.489:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.503:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.504:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.505:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.506:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.507:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.508:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.509:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
:mozilla.522:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.523:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.524:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.525:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.526:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
:mozilla.558:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
:mozilla.569:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.570:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
:mozilla.598:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.599:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.601:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.602:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.603:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.604:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.605:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned with backup
:mozilla.618:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.664:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
:mozilla.669:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.670:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.695:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
:mozilla.709:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
:mozilla.724:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Estat : Cleaned with backup
:mozilla.731:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
:mozilla.763:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.794:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.795:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
:mozilla.802:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.813:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
:mozilla.836:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.837:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.854:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
:mozilla.864:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned with backup
:mozilla.886:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.887:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
:mozilla.962:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.963:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
:mozilla.967:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.968:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Web-stat : Cleaned with backup
:mozilla.971:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adition : Cleaned with backup
:mozilla.972:C:\Documents and Settings\Windows\Application Data\Mozilla\Firefox\Profiles\wcrdnhbq.default\cookies.txt -> TrackingCookie.Adition : Cleaned with backup
C:\Documents and Settings\Windows\Cookies\windows@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned with backup


::Report End

Logfile of HijackThis v1.99.1
Scan saved at 21:43:50, on 13.5.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\FSGK32.EXE
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fssm32.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FSMB32.EXE
C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
C:\Program Files\Saunalahden Turvapaketti\Common\FCH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Common\FAMEH32.EXE
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsqh.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsrw.exe
C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsav32.exe
C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
C:\PROGRA~1\SAUNAL~1\ANTI-S~1\fsaw.exe
C:\Program Files\Saunalahden Turvapaketti\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ewido anti-malware\securitysuite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Waret\Jaossa\Ohjelmat\HjT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Saunalahden Turvapaketti\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Saunalahden Turvapaketti\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\FSSW.EXE" /reboot
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [News Service] "C:\Program Files\Saunalahden Turvapaketti\FSGUI\ispnews.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Saunalahti Turvapaketti.lnk = C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\Program\fspex.exe
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Saunalahden Turvapaketti\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: *.musicmatch.com
O15 - Trusted Zone: *.musicmatch.com (HKLM)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/cl...
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O17 - HKLM\System\CCS\Services\Tcpip\..\{D54CCD50-14D3-4149-AB57-A02454ED757C}: NameServer = 195.74.0.47 195.74.0.55
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 - AppInit_DLLs: MsgPlusLoader.dll,wbsys.dll
O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\Stardock\OBJECT~1\WINDOW~1\wbsrv.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Saunalahti Turvapaketti (BackWeb Plug-in - 5006663) - Saunalahti Turvapaketti - C:\PROGRA~1\SAUNAL~1\backweb\5006663\Program\SERVIC~1.EXE
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Anti-Virus\fsgk32st.exe
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Saunalahden Turvapaketti\backweb\5006663\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Saunalahden Turvapaketti\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: MSSQLServerADHelper - Unknown owner - C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqladhlp.exe (file missing)


Kone ei puhdistunut sen voin sanoa. Hitaalla käy. Sitten seuraavanlainen ongelma ilmeni. Kun painan hiirenoikealla painikkeella tiedostoa, niin kaikki kansiot menee jumiin, ja täytyy sammuttaa tehtävienhallinnasta. Sama pätee myös poistamiseen Delete painikkeitten kautta. Eli jokin pöpö estäisi tiedostojen poistamisen?

Poisto.bat valitti heti alkuun seuraavaa:
[SC] Openservice Failed 1060:
Määritettyä palvelua ei ole asennettu.

Tein tuon ohjeitten mukaan kolme kertaa, aina herjaa samaa.


Odotetaan vastausta.
[ + lainaa]
JaPK
Senior Member
_ 		13. toukokuuta 2006 @ 18:17 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Loki näyttää nyt puhtaalta.

Lataa ja asenna CCleaner -> http://www.ccleaner.com
Puhdista rekisteri ja väliaikaiset tiedostot sillä.

Voisit myös asentaa hosts-tiedoston koneeseen, aaxxeellin loisto-ohjeet täällä -> http://keskustelu.afterdawn.com/thread_view.cfm/320373

Löytyikös muuten tätä tiedostoa koneelta? -> C:\windows\system32\directx.exe



[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		13. toukokuuta 2006 @ 20:07 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Löytyihän tuo tiedosto.

Tämä alkaa tuntua jo turhauttavalta...

Aina kun klikkaan hiiren oikella kansiossa kun kansiossa tiedostoa, niin kone tilttaa, ja vasta tehtävienhallinnasta sammuttamalla kansion pääsen eteenpäin.

Mikä tuossa voi enään mikään olla vikana? Hosti tiedostonkin latasin ja pistin.
[ + lainaa]
JaPK
Senior Member
_ 		14. toukokuuta 2006 @ 04:27 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tiedosto siis löytyi, poistitko sen myös?

Tuo toinen ongelma kuulostaa ei-virusperäiseltä, ilmaantuiko se yhtäkkiä? Putsasitko rekisterit ja väliaikaistiedostot CCleanerillä?
[ + lainaa]
I have moved from AD, I won''t be taking new HijackThis logs from here. Reason: The AD''s Unsupportive athmosphere.
Silense
Suspended due to non-functional email address
_ 		14. toukokuuta 2006 @ 06:09 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kyllä sen poistin.

Skannannut olen myös nytten uudestaan ewidolla, eScanilla, F-securella ja CCleanerilla.

Ei auta, ei...

E: Tmähän ihan mahdottomaksi menee! Kone boottailee itseänsä milloin sattuu, ja boottas aina kun nettiin yhdistin, sen takia jouduin nekin tekemään uudestaan. Mistä tässä oikein olisi kyse?
[ + lainaa]

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. toukokuuta 2006 @ 06:53
teppoI
Staff Member

1 tuotearvio
_ 		14. toukokuuta 2006 @ 07:26 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
[ + lainaa]

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. toukokuuta 2006 @ 07:39
Silense
Suspended due to non-functional email address
_ 		14. toukokuuta 2006 @ 10:05 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Ei kyseistä tiedostoa edes ole enään koneellani.
[ + lainaa]
aaxxeell
Senior Member
_ 		14. toukokuuta 2006 @ 13:52 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Teppo nuohan eivät paljoa hyödytä kuin vain Ikarus ja NOD32 tunnistavat vain tuon örkin.
ja miten muka tiedosto lähti mutta ewido silti löytää samat?
[ + lainaa]
>>>>> Oppaat <<<<<
Ewido Anti-spyware 4.0 -> http://aaxxeell.googlepages.com/ewido4
Koneen puhdistaminen. HijackThis-ohje -> http://aaxxeell.googlepages.com/koneenpuhdistaminen.hijackthis-ohje%21
Surffaile turvallisesti netissä! HOSTS-tiedosto -> http://aaxxeell.googlepages.com/surffaileturvallisestinetiss%C3%A4%21hosts-tiedosto%21
Messenger Plus! Opas turvalliseen asentamiseen -> http://aaxxeell.googlepages.com/messengerplus%21opasturvalliseenasentamiseen.
EULAlyzer -> http://aaxxeell.googlepages.com/eulalyzer
teppoI
Staff Member

1 tuotearvio
_ 		14. toukokuuta 2006 @ 13:57 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
No panda ainakin kertoo sivuillaan että tunnistavat örkin. Tai sellaisen kuvan sain.

e. en viitsi toita viestiä kirjjoittaa niin.

Myös Symantec näyttäisi tietävän http://securityresponse.symantec.com/avcenter/venc/data/w32.hllw....
pandalle en löydä linkkiä, se oli viimeksikin niin kiven takana, enkä löydä nytkään.
Ei tekisi pahaa ei.
[ + lainaa]

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. toukokuuta 2006 @ 14:19
aaxxeell
Senior Member
_ 		14. toukokuuta 2006 @ 13:58 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Mutta ei tekisi tosiaan paha kokeilla noita online Scanneja.
[ + lainaa]
>>>>> Oppaat <<<<<
Ewido Anti-spyware 4.0 -> http://aaxxeell.googlepages.com/ewido4
Koneen puhdistaminen. HijackThis-ohje -> http://aaxxeell.googlepages.com/koneenpuhdistaminen.hijackthis-ohje%21
Surffaile turvallisesti netissä! HOSTS-tiedosto -> http://aaxxeell.googlepages.com/surffaileturvallisestinetiss%C3%A4%21hosts-tiedosto%21
Messenger Plus! Opas turvalliseen asentamiseen -> http://aaxxeell.googlepages.com/messengerplus%21opasturvalliseenasentamiseen.
EULAlyzer -> http://aaxxeell.googlepages.com/eulalyzer
Silense
Suspended due to non-functional email address
_ 		14. toukokuuta 2006 @ 14:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tiedostoa ei koneellani ole, tarkistin kolmeen kertaan.

Taitaa toi Ewido logi olla ennen sen poistoa, vai miksen sitten löydä sitä?
[ + lainaa]
aaxxeell
Senior Member
_ 		14. toukokuuta 2006 @ 16:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Silense, ymmärretty on, että se lähti jo tiehensä ei siitä olekaan enään kyse.

Kyse on kuitenkin siittä, että koneesi temppuilee kuulemien mukaan edelleen, siksi suosittelen käymään muutaman online Scannerin läpi.
HJT-loki ei kerro kaikkea eikä yksi ohjelma auta varmistamaan puhtautta.
Niinpä käyhän nyt kaikilla mahdollisimmilla keinoilla kone vielä läpi ja teppo laittoikin hyviä linkkejä.

Sinun selailusta päätellet ainakin seikkailet haitallisilla sivustoilla, joten toivon, että HOSTS on oikein blokkaamassa sivuja muutoin koneesi ei kauaa tolla tyylillä selviä ja se syy ehkä siinä miksi se nyt on tässä kunnossa.
[ + lainaa]
>>>>> Oppaat <<<<<
Ewido Anti-spyware 4.0 -> http://aaxxeell.googlepages.com/ewido4
Koneen puhdistaminen. HijackThis-ohje -> http://aaxxeell.googlepages.com/koneenpuhdistaminen.hijackthis-ohje%21
Surffaile turvallisesti netissä! HOSTS-tiedosto -> http://aaxxeell.googlepages.com/surffaileturvallisestinetiss%C3%A4%21hosts-tiedosto%21
Messenger Plus! Opas turvalliseen asentamiseen -> http://aaxxeell.googlepages.com/messengerplus%21opasturvalliseenasentamiseen.
EULAlyzer -> http://aaxxeell.googlepages.com/eulalyzer

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. toukokuuta 2006 @ 16:41
Mainos
_ 		__
 
_
Silense
Suspended due to non-functional email address
_ 		14. toukokuuta 2006 @ 19:09 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Juu anteeksi en tiedä mitä ajattelin tuon tiedoston kanssa :D

Itse en ole ainakaan käynyt epäillyttävillä sivuilla, kerran serialia/crackeja etsiskelin, mutta onhan tässä taloudessa muitakin ihmisiä.

Noh nytten on koneeessa se HOSTS tiedosto, niin ei ainakaan en tule pöpöjä sitä kautta.

Skannailen nyt kaikilla mahdollisilla online scannereilla ja pistelen vastausta sitten.
[ + lainaa]
 
Sivu:12>
Aiheeseen liittyviä linkkejä
Lataa uusin versio HijackThis-ohjelmasta täältä!
 
Aiheeseen liittyviä viestiketjuja Viestejä Viimeisin viesti Keskustelualue
HJT Logi 2 3. kesäkuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-logi ja vale-firefox ongelmia....virus koneella ? 4 6. toukokuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT logi, kone jumittaa 1 3. huhtikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
Näppäimistö sekoilee hjt log 1 2. huhtikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-log ja Malwarebytes- log, Troijalainen? Apu tarpeen! 2 10. maaliskuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT-loki, kone valtavan hidas ja perusskannereiden läpi ajamisella ei vaikutusta 1 19. helmikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
probook 445 hjt-logit 1 19. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
HJT loki tarkastukseen 1 19. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit
Win7 + HJT ongelma ja kummitteleva Mass effect 2 1 11. tammikuuta 2014 Windows -ongelmat
HJT-logia.. 1 9. tammikuuta 2014 Virukset ja haittaohjelmat - HijackThis -logit

 
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kone käyttäytyy kummasti ja virus alert! hjt log
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy