HJT log. The computer works fine, but I no longer dare to visit the bank's site.
|
|
juuza
Newbie
|
11 March 2007 @ 10:05 |
|
Every so often a yellow triangle appears in the taskbar and tells me to download a new antivirus program, AntivirusGolden. This is probably some kind of spyware? Could someone help?
Logfile of HijackThis v1.99.1
Scan saved at 14:55:12, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\DAEMON Tools SearchBar\Search.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\honestech One Touch DVD\Receiver.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Arvo ja Piret\Työpöytä\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\DAEMON Tools SearchBar\search.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: honestech One Touch DVD Receiver.lnk = C:\Program Files\honestech One Touch DVD\Receiver.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
|
tomato71
Suspended due to non-functional email address
|
11 March 2007 @ 10:18 |
|
Hi!
Uninstall DAEMON Tools SearchBar (or WhenUSearch / or Search) via Add/Remove Programs.
Move HijackThis.exe into its own folder, C:\HJT\HijackThis.exe
Run a new HJT scan: Do a System scan only
Close all other windows and the browser. Check these lines and press Fix checked:
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
[*]Start the computer
[*]When you hear the computer beep, press F8, but before the Windows logo appears
[*]Next, a menu should appear
[*]Select Safe Mode from the menu.
Delete the folder C:\Program Files\DAEMON Tools SearchBar
Download SmitfraudFix (by S!Ri) to your desktop.
Double-click the file SmitfraudFix.exe
Select option #1 - Search by typing 1 and pressing "Enter"; a text file opens that lists the infected files (if any).
Post the contents of this text file to your thread.
**If the tool does not start from the desktop, move SmitfraudFix.exe directly to the root of the system drive (usually C:). Then try starting the program again from there.
Note: some anti-virus programs (AntiVir, Dr.Web, Kaspersky) detect the file process.exe as a "harmful tool"; it is not a virus, but a program that stops processes. A/V programs cannot tell good use of such programs from bad, so they may warn the user.
http://www.beyondlogic.org/consulting/processutil/processutil.htm
Post a new HJT log and the Smitfraud log.
|
juuza
Newbie
|
11 March 2007 @ 10:35 |
|
Hi!
Thanks, but a small problem(?) came up.
I did everything exactly as you said up to this point:
Run a new HJT scan: Do a System scan only.
These lines did not show up:
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
The third one did show up, though. I didn't start messing with anything before checking.
PS. Do I download SmitfraudFix (by S!Ri) while I'm in Safe Mode?
|
tomato71
Suspended due to non-functional email address
|
11 March 2007 @ 10:40 |
|
Download it in normal mode and scan in normal mode.
|
juuza
Newbie
|
11 March 2007 @ 10:52 |
|
OK, here are the new logs:
Quote: Logfile of HijackThis v1.99.1
Scan saved at 15:51:19, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\honestech One Touch DVD\Receiver.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\NOTEPAD.EXE
C:\HJT\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: honestech One Touch DVD Receiver.lnk = C:\Program Files\honestech One Touch DVD\Receiver.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
Quote: SmitFraudFix v2.148
Scan done at 15:50:27,73, su 11.03.2007
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ARVOJA~1\SUOSIKIT
C:\DOCUME~1\ARVOJA~1\SUOSIKIT\Online Security Test.url FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Video Access ActiveX Object\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{aed6f6a3-183c-488d-9f90-23db99f56e7f}"="apathies"
[HKEY_CLASSES_ROOT\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{aed6f6a3-183c-488d-9f90-23db99f56e7f}\InProcServer32]
@="C:\WINDOWS\system32\geplxss.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
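
Added example, not part of the original thread: a Python script that parses HijackThis entries and compares the scan from the first post with the rescan above, listing the entries that disappeared and the "(file missing)" leftovers that remain. The function names are hypothetical, and the sample lines are excerpts copied from the two logs in this thread.

```python
import re
from typing import List, NamedTuple, Tuple

# Excerpts copied from the two HijackThis logs in this thread (not the full logs).
SCAN_BEFORE = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\DAEMON Tools SearchBar\search.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
"""

SCAN_AFTER = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
"""


class Entry(NamedTuple):
    code: str           # section code, e.g. "O4" (autorun) or "O2" (BHO)
    detail: str         # everything after "CODE - "
    file_missing: bool  # HijackThis appended "(file missing)" to the entry


# An entry line is a letter plus one or two digits, then " - ".
# Header lines and the running-process paths ("C:\...") do not match.
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2})\s+-\s+(.*)$")


def parse_hjt(log_text: str) -> List[Entry]:
    """Return the registry/startup entries of a HijackThis log, in log order."""
    entries = []
    for raw in log_text.splitlines():
        match = ENTRY_RE.match(raw.strip())
        if not match:
            continue  # header, process path or blank line
        detail = match.group(2).strip()
        entries.append(
            Entry(match.group(1), detail, detail.endswith("(file missing)"))
        )
    return entries


def _key(entry: Entry) -> Tuple[str, str]:
    # Windows paths are case-insensitive, so compare details in lower case.
    return entry.code, entry.detail.lower()


def diff_scans(before: List[Entry], after: List[Entry]):
    """Return (removed, added): entries only in `before`, entries only in `after`."""
    before_keys = {_key(e) for e in before}
    after_keys = {_key(e) for e in after}
    removed = [e for e in before if _key(e) not in after_keys]
    added = [e for e in after if _key(e) not in before_keys]
    return removed, added


def triage(before_text: str, after_text: str):
    """Diff two scans and also list orphaned entries still present afterwards."""
    before, after = parse_hjt(before_text), parse_hjt(after_text)
    removed, added = diff_scans(before, after)
    leftovers = [e for e in after if e.file_missing]
    return removed, added, leftovers


if __name__ == "__main__":
    removed, added, leftovers = triage(SCAN_BEFORE, SCAN_AFTER)
    for label, group in (("REMOVED", removed), ("ADDED", added),
                         ("STILL PRESENT, FILE MISSING", leftovers)):
        print(label)
        for e in group:
            print(f"  {e.code} - {e.detail}")
```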
|
tomato71
Suspended due to non-functional email address
|
11 March 2007 @ 11:02 |
|
And then...
Download both programs to the computer, then install and update them according to the AVG instructions before you go into Safe Mode. In Safe Mode, scan first with SmitfraudFix (option 2)
and only after that with AVG A-S.
Save these instructions to a text file or print them, otherwise you won't be able to get to them in Safe Mode.
Boot your computer into Safe Mode and select your usual user account.
Once in Safe Mode, double-click the file SmitfraudFix.exe
Select option #2 - Clean by typing 2 and pressing "Enter" to remove the infected files.
You will be asked: "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" to remove the desktop wallpaper and clean the infected registry keys.
The tool checks whether wininet.dll is infected. You may be asked to replace the infected .dll (if found); answer "Yes" by typing Y and pressing "Enter".
The tool may need to restart the computer; if it does not, restart into normal Windows.
A text file appears after the cleaning process; copy & paste the results of this report into your reply.
The report can be found on your local disk, most often at C:\rapport.txt.
Warning: running option 2 on a NON-infected computer removes your desktop wallpaper.
And then..
Save these instructions to a text file or print them, otherwise you won't be able to get to them in Safe Mode.
Download AVG Anti-Spyware 7.5 and save the program to your desktop.
[*]Once you have downloaded the program, double-click the installer's icon on your desktop; the installation starts.
[*]After installation, the program must be started and its definitions updated.
[*]Start AVG Anti-Spyware.
[*]Click the "Update" icon in the main menu. Then click the "Update now" button.
[*]Then click the "Start Update" icon, and the update begins.
[*]When the updates have been downloaded, click the "Scanner" icon at the top of the window. Then select the "Settings" tab.
[*]When the "Settings" menu has opened, click "Recommended actions" and then select "Quarantine".
[*]Then under the "Reports" menu:
[*]Tick "Automatically generate report after every scan"
[*]Untick "Only if threats were found"
[*]Then click the "Shield" icon at the top of the window
[*]"Resident shield is": change the state from active to inactive
[*]Close the program; do NOT scan yet.
Boot your computer into Safe Mode, [URL=http://www.virustorjunta.net/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Yleisohjeita+ongelmatilanteiden+ratkaisuun#37] Instructions![/URL]
NOTE! Do not use other programs during the AVG scan; this may interfere with the scan.
[*]Once in Safe Mode, start AVG Anti-Spyware.
[*]Click the "Scanner" icon at the top of the window and select the "Scan" tab. Then click "Complete System Scan".
[*]AVG now starts scanning the computer; be patient, as the scan takes time.
When the scan is finished:
IMPORTANT: Do not click "Save Scan Report" before you click "Apply all Actions"
[*]Make sure that Set all elements to: shows Quarantine (1); if not, click the link and select Quarantine from the popup menu.
[*]You will be asked what to do if infections were found; then select "Apply all actions"

[*]Then click the "Reports" icon at the top of the program.
[*]Click the "Save report as" button in the lower-left corner of the window and save the report to the desktop.
[*]Close the program, start the computer normally and post the AVG report to your thread.
And when the scans are done, update Java.
[list]Updating Java and clearing the cache:
1. Click Start -> Control Panel and double-click Add or Remove Programs in the Control Panel.
2. Find all your previous Java versions in the list. (J2SE Runtime Environment.... )
They should have the following image next to them:
3. Select all your previous Java versions and choose Remove.
4. Install the latest Java update from the following link..
5. Restart the computer after installation:
http://java.sun.com/javase/downloads/index.jsp
Scroll down to Java Runtime Environment (JRE) 6
Press Download
Tick Accept, take the offline installation, save it to the desktop for example, and install it.
6. After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> Java coffee cup).
7. Under the General Settings section, drag the slider (Disk Space) lower, and click the Delete Files button.
(Some Java-based programs may need more disk space.
If you notice slowness on the computer after lowering the setting, move the slider higher).
8. Make sure both options are ticked:
[list][*]Applications and Applets
[*]Trace and Log Files[/list]
And press the OK button
9. Click OK in your "Temporary Files Settings" window.
Note: This deletes all downloaded applications and applets from the CACHE.
10. Click OK to leave your Java settings window.[/list]
Post the Smitfraud log + AVG log and a new HJT log.
This post has been edited after posting. Last edit 11 March 2007 @ 11:21
|
tomato71
Suspended due to non-functional email address
|
11 March 2007 @ 11:32 |
|
Quote: Download both programs to the computer, then install and update them according to the AVG instructions before you go into Safe Mode. In Safe Mode, scan first with SmitfraudFix (option 2)
and only after that with AVG A-S.
Note the edit in the instructions.
|
juuza
Newbie
|
12 March 2007 @ 15:15 |
|
AVG's log:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:07:15 12.3.2007
+ Scan result:
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Customer Support.lnk -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Uninstall Instructions.lnk -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\ACM.dll -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\Save.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\SaveUninst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\ffext.mod -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\save.htm -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Arvo ja Piret\Local Settings\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\Cache\A23E4567d01 -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.111:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.160:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.161:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.33:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.34:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.35:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.36:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.37:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.38:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Juss\Cookies\juss@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.302:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.303:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.190:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adocean : Cleaned.
:mozilla.87:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adocean : Cleaned.
:mozilla.24:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Adtech : Cleaned.
:mozilla.25:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Adtech : Cleaned.
:mozilla.33:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.34:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.55:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.56:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.126:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Advertising : Cleaned.
:mozilla.127:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Advertising : Cleaned.
:mozilla.154:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.155:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.156:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.127:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.14:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.153:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.33:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.83:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.86:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.104:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Burstnet : Cleaned.
:mozilla.106:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.107:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.108:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.109:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.110:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.112:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.113:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.114:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.115:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.116:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.117:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.118:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.161:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.162:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.163:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.287:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.288:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.33:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.34:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.35:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.36:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.37:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.272:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Clickzs : Cleaned.
:mozilla.273:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Clickzs : Cleaned.
:mozilla.250:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Com : Cleaned.
:mozilla.118:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.18:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.23:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.51:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.10:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.11:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.12:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.13:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.9:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.15:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.16:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.56:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.57:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.58:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.59:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.60:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.72:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.73:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.74:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.75:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.76:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.115:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.116:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.259:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.260:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.262:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.269:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.270:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.271:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.272:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.283:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.284:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.56:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.57:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.58:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.68:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.69:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.70:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Masterstats : Cleaned.
:mozilla.85:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.92:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.152:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.15:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.186:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.7:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.221:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Paycounter : Cleaned.
:mozilla.266:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Paypopup : Cleaned.
:mozilla.120:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.121:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.122:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.137:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.138:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.46:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.47:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.48:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.49:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.50:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.79:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.80:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.81:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.82:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.83:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.105:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.106:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.107:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.108:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.109:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.110:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.275:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.276:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.277:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.278:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.279:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.280:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.122:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Sextracker : Cleaned.
:mozilla.123:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Sextracker : Cleaned.
:mozilla.10:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.11:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.12:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.9:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.304:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tacoda : Cleaned.
:mozilla.17:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.17:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.18:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.18:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.26:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.26:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.27:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.27:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.42:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.43:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Juss\Cookies\juss@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.111:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.67:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.71:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.83:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.114:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.51:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.52:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.53:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.54:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.62:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.63:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.64:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.65:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.66:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.67:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.93:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.30:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.31:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.32:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.95:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.96:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.97:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.98:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.99:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
|
juuza
Newbie
|
12 March 2007 @ 16:00 |
|
That link apparently gave me a slightly newer version or something, because I don't have any slider there in General Settings.
EDIT: Yeah, it was in a slightly different place ;)
Here's the HjT:
Logfile of HijackThis v1.99.1
Scan saved at 21:04:37, on 12.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\honestech One Touch DVD\Receiver.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: honestech One Touch DVD Receiver.lnk = C:\Program Files\honestech One Touch DVD\Receiver.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
And Smitfraud:
SmitFraudFix v2.148
Scan done at 21:03:22,85, ma 12.03.2007
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ARVOJA~1\SUOSIKIT
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32
»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
This post has been edited after posting. Last edited 12 March 2007 @ 16:05
|
tomato71
Suspended due to non-functional email address
|
12 March 2007 @ 19:50 |
|
Hi!
The log is starting to look good :)
Delete the following folders:
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU
C:\Program Files\Save
And then run SmitFraudFix option 2 again in Safe Mode!!! and post the log
|
|