Koneessa kuulemma TAAS jotakin häikkää. Hjt-logi.
|
|
chili80
Junior Member
|
14. helmikuuta 2007 @ 12:23 |
Linkki tähän viestiin
|
Logfile of HijackThis v1.99.1
Scan saved at 16:57:40, on 14.2.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\Program Files\Common Files\Microsoft Shared\Media Manager\airsvcu.exe
C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre1.5.0_09\bin\jucheck.exe
C:\hjt\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [MPTBox] C:\PROGRA~1\Canon\MULTIP~1\MPTBox.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [ASM] "C:\Program Files\AOL\Active Security Monitor\ASMonitor.exe" HIDEMAIN
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: SMS-viesti - {16CAD19D-3F2B-4756-AEC2-57720F888E58} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {5E4AAEE1-7CF1-4730-BDDA-1065E3C80EAB} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {CDD5EE68-F9D9-49BE-B94B-5FA9267CCC59} - http://tuki.elisa.net/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: MpService - Canon Inc. - C:\Program Files\Canon\MultiPASS4\MPSERVIC.EXE
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Mikä tämä on?
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
Koneessa oli elisa tietoturvapalvelu, mutta viimekertaisen siivouksen aikana poistin sen.
|
Senior Member
8 tuotearviota
|
14. helmikuuta 2007 @ 12:43 |
Linkki tähän viestiin
|
O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm <--- Tuo on elisa tietoturvapalvelun ponnahdusikkunoidenestopalveluun liittyvä tiedosto. Joten älä poista sitä =) Puhtaalta tuo näyttää mutta lueppas seuraava: Onko koneesi hidas? Tässä muutama ohje sen viritykseen.
Lataa tuosta Startup niminen ohjelma ja asenna se: http://www.mlin.net/files/StartupCPL.zip
Ohjelma tulee näkyviin Ohjauspaneeliisin nimellä Startup. Sillä voit ottaa koneen
käynnistyksen yhteydessä käynnistyviä turhia ohjelmia pois. Esim: Adobe Reader Speed Launch,
Neron BgMonitor, Nero FilterCheck, iTunesHelper, Messenger, SoundMan, CTFMON, Winamp Agent,
Real Player Update (Real Sched), Quicktime, TkBell yms.
Lataa tuosta CCleaner ja asenna se: http://ccleaner.com/download/downloadpage.aspx?1
Kun asennat tätä ohjelmaa niin älä asenna sen mukana tulevaa yahoo-toolbaria. Tämä ohjelma
etsii ja poistaa ns. turhia tiedostoja koneeltasi eli esim: temp tiedostot ja tällä saat myös
puhdistettua rekisterisi.
Lataa tuosta RegSeeker ja pura se: http://fileforum.betanews.com/download/RegSeeker/1035382760/1
Pura se haluamaasi kansioo ja käynnistä tiedosto nimeltä RegSeeker.exe. Ohjelma oikeassa yläkulmassa
näet painikkeen 'languages', paina sitä ja aseta kieleksi suomi! Sen jälkeen paina vasemmassa laidassa
olevaa painiketta 'Puhdista Rekisteri' ja sen jälkeen 'OK'. Odota että skannaus loppuu ja paina 'valitse'
ja sitten 'valitse kaikki'. Sitten klikkaat hiiren oikealla jotain ohjelman löytänyttä kohdetta ja paina
'poista valitut kohteet', hyväksy poisto, hyväksy varmuuskopionluonti ja käynnistä kone uudelleen. Jos
jotain ongelmia niin backupit saat palautettua 'varmuuskopiot' valikosta.
|
chili80
Junior Member
|
14. helmikuuta 2007 @ 12:49 |
Linkki tähän viestiin
|
Mutta kun siinä koneessa ei pitäisi olla enää mitään elisan tietoturvapalvelusta. Se en poistettu muutamia kuukausia sitten.
Katon huomenna konetta, kun pääsen sen luokse. En tiedä yhtään, mikä siinä on vikana. Omistaja vaan sanoi, että joku taas tökkii. Tais puhua, ettei suostu välillä sulkemaan mozillan ikkunoita ja sitten käynnistyksessä on jotakin häikkää.
|
Senior Member
8 tuotearviota
|
14. helmikuuta 2007 @ 12:57 |
Linkki tähän viestiin
|
Puhdistakaa se kone nyt nuilla ohjelmilla. Eikä mikään ihme jos käynnistyksessä on ongelmia kun siel on 5 semmosta ohjelmaa mitä mä itse ottaisin pois mutta en pakota tekemään mitään =) ne ohjelmat olis: TkBellExe, CTFMON.EXE, SoundMan, Winamp Agent, SunJavaUpdateSched. Javan voi päivittää manuaalisesti kun menee käynnistä -> asetukset -> ohjauspaneeli -> java -> update välilehti -> update now painike. Ja tuo RegSeekerin tekemä rekisterinpuhdistus auttaa yleensä aika paljon kaikkeen sitten =)
|
chili80
Junior Member
|
26. helmikuuta 2007 @ 06:18 |
Linkki tähän viestiin
|
Escan löysi 97 virusta kyseisestä koneesta =( On kuitenkin edelleen hidas. En tosin vielä ole ehtinyt poistaa noita joitakin startupista. Olisko jotakin muuta virusohjelmaa, jolla kannattaisi skannata kone?
|
Hujo
Suspended permanently
|
26. helmikuuta 2007 @ 07:17 |
Linkki tähän viestiin
|
laita se escan virus loki tänne
aja tuosta
Ohje AVG Anti-Spyware 7.5:n käyttöön
Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis työkalun toimintaa.
Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta
Lataa AVG Anti-Spyware 7.5 http://www.ewido.net/en/download/
ja tallenna ohjelma työpöydällesi.
? Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
? Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
? Käynnistä AVG Anti-Spyware.
? Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
? Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
? Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
? Sitten "Reports" valikon alta:
o Laita täppi kohtaan "Automatically generate report after every scan"
o Ota täppi pois kohdasta"Only if threats were found"
? Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
? "Resident shield is", muuta tila active:sta inactive:ksi
? Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan,
sammuta ja käynnistä
käynnistyksen yhteydessä naputtele F8
valitse nuoli näppäimellä vikasietotila
paina enter ja enter
HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
? Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
? Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
? Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
? Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
? Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"

? Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
? Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
? Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.
C:\hjt\HijackThis.exe <-- nimeä uudelleen pommiksi
Laita myös uusi HjT loki
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 26. helmikuuta 2007 @ 07:22
|
chili80
Junior Member
|
26. helmikuuta 2007 @ 07:34 |
Linkki tähän viestiin
|
Koneen omistaja väitti, ettei saanut kopioitua sitä viruslogia, joten en voi sitä laittaa :(
Ja tyhmä kysymys: Voiko lisää tai poista sovelluksesta poistaa vanhoja windowsin suojauspäivitykyksiä tai hotfixeja? Ja vievätkö ne ylipäänsä edes tilaa eli, onko mitään järkeä edes poistaa niitä?
|
Hujo
Suspended permanently
|
26. helmikuuta 2007 @ 07:37 |
Linkki tähän viestiin
|
Anna olla ne windowsin päivitykset rauhassa.
laita tosta avg anti-spywaresta se loki tänne.
Poista siellä vikasiedossa kansio
C:\Program Files\Elisa Tietoturvapalvelu
Onkos siinä konessa jotain Ongelmia
escan viruslokin kopiointi
jos ala luukkuun tulee jotain niin kopioi se näin:
Klikkaa siihen alaluukkuun kerran.
Käytä komentoa Ctrl+A. <-- maalaa sen
Kopioi rivit komennolla Ctrl+C. <-- kopioi sen
Liitä rivit komennolla Ctrl+V. <-- liittää sen
Laita virus log tänne.
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 26. helmikuuta 2007 @ 08:21
|
BolderDaz
Junior Member
|
28. helmikuuta 2007 @ 14:04 |
Linkki tähän viestiin
|
Jatkan Chili80 puolesta hänen siskon koneen puhdistamista.
Tuossa tuo "lyhyt" logi.
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:07:57 27.2.2007
+ Scan result:
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP80\A0056556.exe/clientax.dll -> Adware.180Solutions : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna\DoctorWeb\Quarantine\A0207715.exe -> Adware.AdURL : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/icont.exe -> Adware.AdURL : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna\mny.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\Program Files\Mozilla Firefox\mny.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/mny.exe -> Adware.Agent : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\AutoSearch.dll -> Adware.AutoSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0190730.dll -> Adware.Comet : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Classes\AutoSearch.AutoSearchObj -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Classes\AutoSearch.AutoSearchObj.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Classes\AutoSearch.AutoSearchObj\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\.DEFAULT\Software\Classes\AutoSearch.AutoSearchObj\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Classes\AutoSearch.AutoSearchObj -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Classes\AutoSearch.AutoSearchObj.1 -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Classes\AutoSearch.AutoSearchObj\CLSID -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
HKU\S-1-5-18\Software\Classes\AutoSearch.AutoSearchObj\CurVer -> Adware.CoolWebSearch : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna\DoctorWeb\Quarantine\A0187479.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/windows_e52.exe -> Adware.DollarRevenu : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/ESSPChck.dll -> Adware.ErrorSafe : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/FlFxr15.dll -> Adware.ErrorSafe : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/FxCore.dll -> Adware.ErrorSafe : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/InstHelp.exe -> Adware.ErrorSafe : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/MMFx.dll -> Adware.ErrorSafe : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/emptyERSF.exe -> Adware.ErrorSafe : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\IST -> Adware.ISTBar : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchUpgrader -> Adware.KeenValue : Cleaned with backup (quarantined).
HKLM\SOFTWARE\SearchUpgrader\{7EE60CF1-2DFF-41B5-91C9-9C1C518053FC} -> Adware.KeenValue : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0136133.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0136142.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0167313.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187492.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187496.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187497.exe -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187644.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187650.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187661.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP61\A0041822.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP61\A0041823.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP61\A0041824.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP61\A0041825.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP61\A0041826.dll -> Adware.Look2Me : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0207727.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/yz02.exe -> Adware.NewDotNet : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP85\A0056698.DLL -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187507.dll -> Adware.PrintView : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Yinstall.exe -> Adware.PurityScan : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\VVSN.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\VVSNI_S3_MYEM_Inst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0136153.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0136174.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0138162.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0139158.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0140155.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0141176.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0142166.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0142186.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0143159.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0144133.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0144180.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0145153.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0146152.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0147152.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0149149.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0150160.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0151149.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0152156.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0153234.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0154222.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0155230.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0165251.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187514.dll -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187594.dll -> Adware.Softomate : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A8B28872-3324-4CD2-8AA3-7D555C872D96} -> Adware.Softomate : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\Install.dll -> Adware.SpywareStorm : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\SimpleUpdate\TimerManagerConfig.xml.backup -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem1DFB.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem404.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem40F.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem417.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem47A.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem4CA.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem55D.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem646.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem7D9.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\Tem856.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\TemB0F.tmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindIt.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\FindItHot.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Highlight.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\HighlightHot.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Reference.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\ReferenceHot.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\Weather.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafe.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\cursorcafeA.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\findithotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\finditxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\games.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\gamesA.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlighthotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\highlightxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logo.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\logoxp.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\moviesA.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencehotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\referencexp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\smiley.bmp -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\smileyxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherhotxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\buttons\weatherxp.png -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\Related.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\error.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\contexts\travel.xml -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\images -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\All Users\Application Data\Starware\images\walertXP.bmp -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA356D79-679B-4B4C-8E49-5AF97014F4C1} -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D49E9D35-254C-4C6A-9D17-95018D228FF5} -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware\Options -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware\OriginalAutoSearch -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware\OriginalSearchAssistant -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware\OriginalURLSearchHooks -> Adware.Starware : Cleaned with backup (quarantined).
HKU\S-1-5-21-3713914087-1085326397-1295209744-1005\Software\Starware\SearchAssistant -> Adware.Starware : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0165335.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0165336.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0165337.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0190685.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0190686.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0190687.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0190689.dll -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0207699.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/DXC9.exe -> Adware.SurfSide : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187495.exe/IUCMORE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187495.exe/UCMTSAIE.DLL -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187495.exe/empty_00000001 -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187508.dll -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187511.dll -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP76\A0055753.lnk -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8F8B89E6-7403-484C-BE05-D5E50B10C18E}\RP76\A0055755.lnk -> Adware.Ucmore : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/Updater.exe -> Adware.WinFixer : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0207716.exe -> Adware.Zestyfind : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/iconu.exe -> Adware.Zestyfind : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187489.exe -> Downloader.Adload : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/windows_e53.exe -> Downloader.Adload.ncs : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187718.exe -> Dropper.Small : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\backup-20061114-203250-675.dll -> Not-A-Virus.Downloader.Win32.InsTool.a : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/protector.exe -> Proxy.Wopla.ac : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/Error Safe Free/ersd.sys -> Rootkit.Agent.af : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/ntio256.sys -> Rootkit.Agent.cf : Cleaned with backup (quarantined).
:mozilla.24:C:\Documents and Settings\Susanna \Application Data\Mozilla\Firefox\Profiles\x2vlz2kp.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Ignored.
:mozilla.13:C:\Documents and Settings\Susanna \Application Data\Mozilla\Firefox\Profiles\x2vlz2kp.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Atdmt : Ignored.
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0187719.exe -> Trojan.BHO.b : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0207719.exe -> Trojan.Favadd : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\A0210529.exe -> Trojan.Favadd : Cleaned with backup (quarantined).
C:\Documents and Settings\Susanna \DoctorWeb\Quarantine\Dc43.exe -> Trojan.Favadd : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/pp4ico.exe -> Trojan.Favadd : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/druid_unknown.exe -> Trojan.Kolweb.j : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/druid_unknown.exe-ren-283 -> Trojan.Kolweb.j : Cleaned with backup (quarantined).
C:\virusohjelmat\avenger\backup.zip/avenger/durvilx.exe -> Trojan.Kolweb.j : Cleaned with backup (quarantined).
::Report end
SITTEN VIELÄ AD AWAREN LOGI - Lyhensin sitä niin että siinä näkyy pääpiirteet vain. Mitä pitäisi tehdä?
Ad-Aware SE Build 1.06r1
Logfile Created on:27. helmikuuta 2007 18:01:29
Created with Ad-Aware SE Personal, free for private use.
Using definitions file:SE1R155 26.02.2007
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
References detected during the scan:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Adware.DollarRevenue(TAC index:10):14 total references
Adware.P2PNetworking(TAC index:3):2 total references
Adware.SearchingAll(TAC index:4):1 total references
CoolWebSearch(TAC index:10):9 total references
ErrorGuard(TAC index:7):3 total references
ErrorSafe(TAC index:10):20 total references
MRU List(TAC index:0):24 total references
SpywareStormer(TAC index:3):3 total references
Starware Toolbar(TAC index:5):3 total references
UCmore(TAC index:3):1 total references
Win32.Trojan.Downloader(TAC index:10):1 total references
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Performing conditional scans...
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
CoolWebSearch Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\microsoft\internet explorer\urlsearchhooks
CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Custom Search URL
CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Enable Browser Extensions
CoolWebSearch Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\new windows
Value : PopupMgr
CoolWebSearch Object Recognized!
Type : RegData
Data : no
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Search Asst
Data : no
CoolWebSearch Object Recognized!
Type : RegData
Data : about:blank
TAC Rating : 10
Category : Malware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Start Page
Data : about:blank
ErrorSafe Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\error safe free
ErrorSafe Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\error safe free
ErrorSafe Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\error safe free
Value : ProductCode
ErrorSafe Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\error safe free
Value : Abbr
ErrorSafe Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\error safe free
Value : InstallPath
ErrorSafe Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Misc
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : software\error safe free
Value : ActivationCode
SpywareStormer Object Recognized!
Type : Folder
TAC Rating : 3
Category : Misc
Comment : SpywareStormer
Object : C:\Program Files\Spyware Stormer
Adware.DollarRevenue Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\maxthon
Adware.DollarRevenue Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Value : Start
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Value : ErrorControl
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Value : ImagePath
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Value : DisplayName
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\cmdservice
Value : ObjectName
Adware.DollarRevenue Object Recognized!
Type : Regkey
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Value : Start
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Value : ErrorControl
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Value : ImagePath
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Value : DisplayName
Adware.DollarRevenue Object Recognized!
Type : RegValue
Data :
TAC Rating : 10
Category : Adware
Comment :
Rootkey : HKEY_LOCAL_MACHINE
Object : system\controlset001\services\network monitor
Value : ObjectName
ErrorGuard Object Recognized!
Type : Folder
TAC Rating : 7
Category : Malware
Comment : ErrorGuard
Object : C:\Program Files\ErrorGuard
Starware Toolbar Object Recognized!
Type : RegData
Data : no
TAC Rating : 5
Category : Adware
Comment :
Rootkey : HKEY_CURRENT_USER
Object : software\microsoft\internet explorer\main
Value : Use Search Asst
Data : no
Conditional scan result:
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
New critical objects: 28
Objects found so far: 81
18:09:29 Scan Complete
Summary Of This Scan
»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»
Total scanning time:00:08:00.391
Objects scanned:91353
Objects identified:57
Objects ignored:0
New critical objects:57
Millä tavalla noiden uusien virusten tuloa voisi estää??? AVG, palomuuri, AdAware ja Windows Defender on nyt koneella.
|
Mainos
|
  |
|
Hujo
Suspended permanently
|
28. helmikuuta 2007 @ 14:15 |
Linkki tähän viestiin
|
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 28. helmikuuta 2007 @ 15:14
|