|
Kone hidastunut ja Win restore kansiossa viruksia joita ei voi korjata
|
|
Senior Member
13 tuotearviota
|
14. maaliskuuta 2007 @ 04:26 |
Linkki tähän viestiin
|
Tein virusskannauksen pitkästä aikaa koneen buuttauksen yhteydessä ja
viruksia löytyi ainakin Windows:n restore kansiosta.
Tässä HjT-loki:
Logfile of HijackThis v1.99.1
Scan saved at 9:23:50, on 14.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Java\bin\jusched.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {177C9F14-369E-EA57-3E47-8C523130D3B8} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Java\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/2002...meInstaller.exe
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
|
|
Auttaja
Suspended permanently
|
14. maaliskuuta 2007 @ 04:57 |
Linkki tähän viestiin
|
1. Käynnistä Spybot-S&D Edistyneessä tilassa
2. Jos se ei ole Edistyneessä tilassa, mene Tila-valikkoon ja valitse Edistynyt tila
3. Klikkaa vasemmalla Työkalut
4. Klikkaa listassa Pysyvä suojaus
5. Ota rasti pois kohdasta "Pysyvä TeaTimer" ja paina OK.
6. Käynnistä kone uudelleen
******************
Avaa hijactkhis, merkkaa ja fixaa (fix checked) nää rivit
O2 - BHO: (no name) - {177C9F14-369E-EA57-3E47-8C523130D3B8} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://a1540.g.akamai.net/7/1540/52/2002...meInstaller.exe
*******************************
lataa ATF Cleaner
http://www.atribune.org/ccount/click.php?id=1
Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman. Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.
Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Jos käytät Operaa selaimenasi Klikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)
**************************
Lataa AVG Anti-Spyware 7.5 ja tallenna ohjelma työpöydällesi.
[*]Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
[*]Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
[*]Käynnistä AVG Anti-Spyware.
[*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
[*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
[*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
[*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
[*]Sitten "Reports" valikon alta:
[*]Laita täppi kohtaan "Automatically generate report after every scan"
[*]Ota täppi pois kohdasta"Only if threats were found"
[*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
[*]"Resident shield is", muuta tila active:sta inactive:ksi
[*]Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä tietokone vikasietotilaan:
1. Käynnistä tietokone uudelleen.
2. Kun tietokone käynnistyy, paina F8-näppäintä.
3. Näyttöön tulee erilaisia käynnistysvaihtoehtoja.
4. Valitse näppäimistön nuolinäppäinten avulla Vikasietotila.
5. Paina ENTER-näppäintä.
HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
[*]Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
[*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
[*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
[*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
[*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
[*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
[*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
[*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestiketjuusi.
*********************
Javan päivitys ja välimuistin tyhjennys:
1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
Niissä pitäisi olla seuraava kuva vieressä: 
3. Valitse kaikki entiset Java versiosi ja valitse Poista.
4. Asenna uusin Java päivitys seuraavasta linkistä..
5. Käynnistä kone uudelleen asennuksen jälkeen:
http://java.sun.com/javase/downloads/index.jsp
Rullaa alas kohteeseen Java Runtime Environment (JRE) 6
Paina Download
Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.
6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).
7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.
(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).
8. Varmista että kaikki kaksi valintaa ovat rastitettuja:
*Applications and Applets
*Trace and Log Files
Ja paina OK -nappia
9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
10. Klikkaa OK jättääksesi Java asetusikkunasi.
*******************
Laita uusi HijackThis logi
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. maaliskuuta 2007 @ 05:14
|
|
Hujo
Suspended permanently
|
14. maaliskuuta 2007 @ 05:03 |
Linkki tähän viestiin
|
|
Realiaikaset ensin pois päältä. :D
Voiko tietsikka koskaan toimia?
|
Senior Member
13 tuotearviota
|
14. maaliskuuta 2007 @ 09:33 |
Linkki tähän viestiin
|
Huomiseen!
Vanhan javan poistin uusi vielä asentamatta.
Tässä AVG:n raportti:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 14:23:43 14.3.2007
+ Scan result:
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\4CA8941Ad01/install.exe -> Downloader.Small.edb : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD0B8d01/keygen.exe -> Downloader.Small.edb : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD2B8d01/keygen.exe -> Downloader.Small.edb : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD3B8d01/keygen.exe -> Downloader.Small.edb : Cleaned.
C:\WINDOWS\system32\eMusicTDB3P.dlltmp -> Dropper.Small.mh : Cleaned.
C:\System Volume Information\_restore{3DF71D1E-ECB5-488D-B468-4DEB3708CBB4}\RP1223\A0163769.exe -> Heuristic.Win32.Dialer : Cleaned.
:mozilla.177:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.178:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.179:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.180:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.571:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.62:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.63:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.584:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.585:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.628:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.629:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.125:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.675:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.714:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.715:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Centrport : Cleaned.
:mozilla.65:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.206:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.666:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.582:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.669:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.670:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.712:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.713:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.693:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.54:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.652:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.155:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.156:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.575:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.576:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.681:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.682:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.683:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.684:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.685:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.123:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.124:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.53:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.159:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.160:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.161:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.162:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.163:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.164:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.165:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.166:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.167:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.168:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.169:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.170:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.171:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.172:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.173:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.174:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.175:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.176:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.587:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.588:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.589:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.41:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.427:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.648:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.649:C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\4CA8941Ad01/crack.exe -> Trojan.Agent.qt : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD0B8d01/crack.exe -> Trojan.Agent.qt : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD2B8d01/crack.exe -> Trojan.Agent.qt : Cleaned.
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\931DD3B8d01/crack.exe -> Trojan.Agent.qt : Cleaned.
C:\WINDOWS\WHVLXD.DAT -> Trojan.Cloner.b : Cleaned.
C:\WINDOWS\hosts.0 -> Trojan.Delude.f : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182432.0xe -> Worm.Klez.h : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0183168.0xe -> Worm.Klez.h : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184920.0xe -> Worm.Klez.h : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188348.0xe -> Worm.Klez.h : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190080.0xe -> Worm.Klez.h : Cleaned.
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192603.0xe -> Worm.Klez.h : Cleaned.
::Report end
ja viimeisin HjT-loki:
Logfile of HijackThis v1.99.1
Scan saved at 14:33:56, on 14.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. maaliskuuta 2007 @ 09:35
|
|
Auttaja
Suspended permanently
|
14. maaliskuuta 2007 @ 10:08 |
Linkki tähän viestiin
|
jep kerrotko vielä yhteenvedon mitä käytät viruksentorjunta + palomuuri. poistellaan sitten turhat.
|
Senior Member
13 tuotearviota
|
14. maaliskuuta 2007 @ 13:35 |
Linkki tähän viestiin
|
Viruksentorjunta on Avast ja palomuurina Zyxelin Prestige 660-61HW:n oma palomuuri ja NAT.
Sanokaa ihmeessä jos eivät riitä, mutta eipä noiden kanssa ole ylimääräisiä tunkenut koneelle ennen nykyistä tilannetta =)
|
|
Auttaja
Suspended permanently
|
14. maaliskuuta 2007 @ 13:47 |
Linkki tähän viestiin
|
|
Wallpaper Calendar, onko millanen ohjelma? Ihan mielenkiinnosta kysyn.
Kyllä noi riittää, mutta poistetaa TrendMicron jämät jos et niitä käytä?
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
Fixaa noi rivit, sitten avaa suorita rivi ja kirjota siihen yksitellen ,aina välissä entteriä painaen, liitä vaikka noi siihen :)
sc delete "Trend Micro Personal Firewall"
sc delete "Trend NT Realtime Service"
sc delete "Trend Micro Proxy Service"
Poista tää kansio C:\Program Files\Trend Micro
Laita uusi logi.
|
Senior Member
13 tuotearviota
|
15. maaliskuuta 2007 @ 03:42 |
Linkki tähän viestiin
|
|
|
Senior Member
13 tuotearviota
|
15. maaliskuuta 2007 @ 03:50 |
Linkki tähän viestiin
|
Lainaus, alkuperäisen viestin kirjoitti Auttaja:
Fixaa noi rivit, sitten avaa suorita rivi ja kirjota siihen yksitellen ,aina välissä entteriä painaen, liitä vaikka noi siihen :)
sc delete "Trend Micro Personal Firewall"
sc delete "Trend NT Realtime Service"
sc delete "Trend Micro Proxy Service"
Poista tää kansio C:\Program Files\Trend Micro
Laita uusi logi.
Missä avaan "suorita rivi"?
|
|
Auttaja
Suspended permanently
|
15. maaliskuuta 2007 @ 03:58 |
Linkki tähän viestiin
|
|
itelläni näkyy ainakin tälleen
käynnistä valikko
ja sitten siinä oikealla puolella on
toinen vaihto ehto avaa
käynnistä
apuohjelmat
ja sieltä komento rivi
|
Senior Member
13 tuotearviota
|
15. maaliskuuta 2007 @ 04:08 |
Linkki tähän viestiin
|
|
Erikoista on se, että toi C:/program files/trend micro löytyi alla olevasta kansiosta ainoastaan.
Internet Security Setup_(AL-LORD)_(ArabsGate.com)/Setup/program files
EDIT: Voikohan tuon koko Internet Security Setup_(AL-LORD).. kansion poistaa?
E2: Kyseinen kansio on ZIP-tiedosto, josta ohjelman asennus tiedosto löytyy, varmasti voin poistaa :D
sitten.
Komentorivissä joka kohdassa kun olen komennon kirjoittanut tulee error:
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Timo Inkeroinen>sc delete "Trend Micro Personal Firew
ll"
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Timo Inkeroinen>sc delete "Trend NT Realtime Service"
[SC] OpenService FAILED 1060:
The specified service does not exist as an installed service.
C:\Documents and Settings\Timo Inkeroinen>sc delete "Trend Micro Proxy Service"
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 15. maaliskuuta 2007 @ 04:24
|
|
Auttaja
Suspended permanently
|
15. maaliskuuta 2007 @ 05:01 |
Linkki tähän viestiin
|
|
laita uusi logi niin tutkitaan lisää
|
Senior Member
13 tuotearviota
|
15. maaliskuuta 2007 @ 05:02 |
Linkki tähän viestiin
|
Logfile of HijackThis v1.99.1
Scan saved at 10:03:21, on 15.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
|
|
Auttaja
Suspended permanently
|
15. maaliskuuta 2007 @ 05:50 |
Linkki tähän viestiin
|
Avaa HijackThis merkkaa ja paina näille fix checked
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
Poista jos löytyy C:\Program Files\Trend Micro\
Laita uusi logi
|
Senior Member
13 tuotearviota
|
15. maaliskuuta 2007 @ 05:53 |
Linkki tähän viestiin
|
tein tuon jo aikaisemmin
nyt uudestaan
Logfile of HijackThis v1.99.1
Scan saved at 10:54:04, on 15.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\SYSTEM32\NOTEPAD.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
Edit: Nuo Trend Micro kohdat eivät suostu poistumaan.
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 15. maaliskuuta 2007 @ 09:14
|
|
Auttaja
Suspended permanently
|
15. maaliskuuta 2007 @ 14:02 |
Linkki tähän viestiin
|
no ei oo viruksia niin antaa jäädä sinne :D
**********************
Avaa omatietokone
Paina oikealla napilla C: asemaa
->valitse ominaisuudet
Avaa työkalut välilehti
->aja virheen etsintä
->eheytä kiintolevy
*********
Lataa tuosta CCleaner ja asenna se: http://ccleaner.com/download/downloadpage.aspx?1
Kun asennat tätä ohjelmaa niin älä asenna sen mukana tulevaa yahoo-toolbaria. Tämä ohjelma
etsii ja poistaa ns. turhia tiedostoja koneeltasi eli esim: temp tiedostot ja tällä saat myös
puhdistettua rekisterisi.
|
Senior Member
13 tuotearviota
|
17. maaliskuuta 2007 @ 12:19 |
Linkki tähän viestiin
|
Noniin, pitkästä aikaa tulin koneelle. Siivoukset tehty tässä viimeinen HjT-loki.
Logfile of HijackThis v1.99.1
Scan saved at 17:20:05, on 17.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Trend Micro Personal Firewall (PccPfw) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\PccPfw.exe (file missing)
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Trend NT Realtime Service (Tmntsrv) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\Tmntsrv.exe (file missing)
O23 - Service: Trend Micro Proxy Service (tmproxy) - Unknown owner - C:\Program Files\Trend Micro\Internet Security\tmproxy.exe (file missing)
Kiitokset avusta!
|
Senior Member
13 tuotearviota
|
19. maaliskuuta 2007 @ 03:34 |
Linkki tähän viestiin
|
Voisiko joku vahvistaa että tuo yllä oleva HjT-loki on nyt kunnossa?
|
|
tomato71
Suspended due to non-functional email address
|
19. maaliskuuta 2007 @ 05:51 |
Linkki tähän viestiin
|
Moi!
Kyllä nuo trendmicron jämät olisi hyvä saada pois,eihän trendmicroa enää näy lisää/poista sovelluksessa ??
Tallenna alla oleva teksti(lihavoitu teksti) muistiossa nimellädelfd.bat työpöydälle
(tallennusmuoto kaikki tiedostot, *.*):
@ECHO OFF
sc stop Tmntsrv
sc delete Tmntsrv
sc stop tmproxy
sc delete tmproxy
sc stop PccPfw
sc delete PccPfw
Tuplaklikkaa delfd.bat, komentoikkuna välähtää; se on normaalia.
Käynnistä kone vikasietotilaan ja poista kansio C:\Program Files\Trend Micro
Lähetä uusi HjT-loki
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 19. maaliskuuta 2007 @ 05:51
|
Senior Member
13 tuotearviota
|
19. maaliskuuta 2007 @ 06:13 |
Linkki tähän viestiin
|
|
Tein ohjeen mukaisesti asiat, mutta Trend Micro kansiota yms. ei löydy koko koneelta.
Edit: eikä löydy mitään muutakaan trend alkuista kun koneelta hain.
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 19. maaliskuuta 2007 @ 06:13
|
|
tomato71
Suspended due to non-functional email address
|
19. maaliskuuta 2007 @ 06:23 |
Linkki tähän viestiin
|
Ok :)
Lähetätkö vielä HjT-lokin niin varmistetaan että ne palvelut poistu
|
Senior Member
13 tuotearviota
|
19. maaliskuuta 2007 @ 06:25 |
Linkki tähän viestiin
|
Näytti poistuvan =)
Muuten kaikki kunnossa?
Logfile of HijackThis v1.99.1
Scan saved at 11:25:16, on 19.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\United Devices\UD.EXE
C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
C:\Program Files\United Devices\ud_7174683.exe
C:\Program Files\United Devices\ud_7174683_0.dir\ud_ligfit_Release.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HJT\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mbnet.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.1
O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\Updreg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [FreeRAM XP] "C:\Program Files\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: UD Agent.lnk = C:\Program Files\United Devices\UD.EXE
O4 - Startup: Wallpaper Calendar.lnk = C:\Program Files\zepsoft\Wallpaper Calendar\WallCal3.exe
O4 - Global Startup: Adobe Gamma Loader.lnk.disabled
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .mpg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10/StagingUI.cab46479.cab
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15015/CTSUEng.cab
O16 - DPF: {27527D31-447B-11D5-A46E-0001023B4289} (CoGSManager Class) - http://gamingzone.ubisoft.com/dev/packages/GSManager.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab31267.cab
O16 - DPF: {8EC79FEF-A1CA-11D4-940D-000021CA5F4D} (ImageUploaderCtrl Class) - http://eirikuva.shareaphoto.com/ImageUploader40.cab
O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (ZPA_TexasHoldem Object) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab50108.cab
O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 - DPF: {BE833F39-1E0C-468C-BA70-25AAEE55775E} (System Requirements Lab) - http://www.systemrequirementslab.com/sysreqlab.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment 1.4.0) -
O16 - DPF: {CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_01) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (StadiumProxy Class) - http://zone.msn.com/binframework/v10/StProxy.cab41227.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15014/CTPID.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/Sol...wn.cab31267.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: Avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: Avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
|
|
tomato71
Suspended due to non-functional email address
|
19. maaliskuuta 2007 @ 06:37 |
Linkki tähän viestiin
|
Sinne läks :)
Voit tyhjentää AVG:n karanteenin:
Avaa AVG Anti Spyware
-> Infections
-> Selet All
-> Remove finally
-> Kyllä
-> Sulje Ohjelma
ja siiten vielä varmistus ennen kuin putsataan järjestelmä palautus(sen verran paljon örkkejä tuo AVG löysi)
Skannaa koneesi Kaspersky Online Skannerilla
Käytä Inetrrnet Explorer
Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.[list]
[*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
[*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
[*] Klikkaa nyt asetuksia, Scan Settings
[*] Tarkista asetuksista, että seuraavat ovat valittuina:
o Scan using the following Anti-Virus database:
+ Extended (Jos valittavissa, muuten valitse Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
[*] Klikkaa OK
[*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
[*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
[*] Klikkaa nyt Save as Text-painiketta.
[*] Tallenna tiedosto työpöydällesi.
[*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.[/list][/size]
|
Senior Member
13 tuotearviota
|
19. maaliskuuta 2007 @ 09:34 |
Linkki tähän viestiin
|
Noniin, lisää viruksia 7 infected objects 62 :(
Kävi kyllä sillai, että noista osa voi olla sen AVG Quarantine tiedostoja, kun olen sen aikaisemmin poistanut.
-------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER REPORT
Monday, March 19, 2007 2:34:34 PM
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.83.0
Kaspersky Anti-Virus database last update: 19/03/2007
Kaspersky Anti-Virus database records: 283004
-------------------------------------------------------------------------------
Scan Settings:
Scan using the following antivirus database: extended
Scan Archives: true
Scan Mail Bases: true
Scan Target - My Computer:
A:\
C:\
D:\
E:\
F:\
G:\
Scan Statistics:
Total number of scanned objects: 127386
Number of viruses found: 7
Number of infected objects: 62 / 0
Number of suspicious objects: 0
Duration of the scan process: 02:26:10
Infected Object Name / Virus Name / Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\LocalService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService.NT AUTHORITY\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\cert8.db Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\flashgot.log Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\history.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\key3.db Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\parent.lock Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\search.sqlite Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\urlclassifier2.sqlite Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\Logs\Dfsr00005.log Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\pending.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\Working\database_A0_1E3C_A01E_391C\dfsr.db Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\Working\database_A0_1E3C_A01E_391C\fsr.log Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\Working\database_A0_1E3C_A01E_391C\fsrtmp.log Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Messenger\opiskelija82@hotmail.com\SharingMetadata\Working\database_A0_1E3C_A01E_391C\tmp.edb Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Windows Live Contacts\opiskelija82@hotmail.com\real\members.stg Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Microsoft\Windows Live Contacts\opiskelija82@hotmail.com\shadow\members.stg Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\_CACHE_001_ Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\_CACHE_002_ Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\_CACHE_003_ Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Application Data\Mozilla\Firefox\Profiles\r4l8qb35.Oletuskäyttäjä\Cache\_CACHE_MAP_ Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\History\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\History\History.IE5\MSHist012007031920070320\index.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\Perflib_Perfdata_67c.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\~DF711B.tmp Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\~DF713F.tmp Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\~DF8ABD.tmp Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\~DF8B16.tmp Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temp\~DF91A7.tmp Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\ntuser.dat Object is locked skipped
C:\Documents and Settings\Timo Inkeroinen\ntuser.dat.LOG Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\aswResp.dat Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\Avast4.db Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\AshWebSv.ws Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\aswMaiSv.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\log\nshield.log Object is locked skipped
C:\Program Files\Alwil Software\Avast4\DATA\report\Taustasuojaus.txt Object is locked skipped
C:\Program Files\FinnishIRC XP\FIRC.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
C:\Program Files\HP\hpcoretech\hpcmerr.log Object is locked skipped
C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.603 skipped
C:\Program Files\United Devices\tkcp.ud Object is locked skipped
C:\Program Files\United Devices\ud_7174683_0.dir\ligfit_mp_UD.out Object is locked skipped
C:\Program Files\United Devices\ud_7174683_0.dir\ligfit_mp_UD.sco Object is locked skipped
C:\Program Files\United Devices\ud_7174683_0.dir\ligfit_mp_UD.sd Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{3DF71D1E-ECB5-488D-B468-4DEB3708CBB4}\RP1223\A0163759.exe/proxy.exe Infected: not-a-virus:Server-Proxy.Win32.Acceleration skipped
C:\System Volume Information\_restore{3DF71D1E-ECB5-488D-B468-4DEB3708CBB4}\RP1223\A0163759.exe ZIP: infected - 1 skipped
C:\System Volume Information\_restore{3DF71D1E-ECB5-488D-B468-4DEB3708CBB4}\RP1227\change.log Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178684.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178684.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178684.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178684.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178844.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178845.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178846.ocx Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178847.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178848.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178849.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178850.sys Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178851.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178852.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178864.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178865.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178866.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178867.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178868.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178869.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178870.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0178871.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0180579.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0180579.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0180579.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0180579.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182381.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182465.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182465.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182465.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182465.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182620.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182621.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182622.ocx Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182623.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182624.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182625.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182626.sys Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182627.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182628.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182640.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182641.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182642.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182643.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0182644.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184565.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184648.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184648.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184648.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184648.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184868.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184952.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184952.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184952.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0184952.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0185900.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0185901.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0185906.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0185907.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0186692.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0186693.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0186698.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0186699.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188267.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188381.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188381.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188381.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0188381.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190018.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190139.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190139.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190139.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0190139.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191814.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191815.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191820.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191821.exe Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192184.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192185.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192186.ocx Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192187.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192188.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192189.sys Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192190.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192198.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192199.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192200.inf Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192201.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192202.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0192203.dll Object is locked skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198665.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198752.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198752.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198752.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198752.exe Inno: infected - 3 skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0198899.exe Infected: not-a-virus:AdWare.Win32.CommonName.p skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0199181.exe/data0004/cd_clint.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0199181.exe/data0004/cd_htm.dll Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0199181.exe/data0004 Infected: not-a-virus:AdWare.Win32.Cydoor skipped
C:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0199181.exe Inno: infected - 3 skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\Antivirus.Evt Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\drivers\sptd.sys Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\Temp\Perflib_Perfdata_730.dat Object is locked skipped
C:\WINDOWS\Temp\_avast4_\Webshlock.txt Object is locked skipped
C:\WINDOWS\temp.0xe Infected: not-a-virus:Client-IRC.Win32.mIRC.582 skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
C:\WINDOWS\{00000000-00000000-00000009-00001102-00000004-00531102}.CDF Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
D:\System Volume Information\_restore{3DF71D1E-ECB5-488D-B468-4DEB3708CBB4}\RP1227\change.log Object is locked skipped
D:\System Volume Information\_restore{6ACF6DBE-BB38-4280-B85A-8E8622474B83}\RP2\A0000096.exe Object is locked skipped
D:\System Volume Information\_restore{6ACF6DBE-BB38-4280-B85A-8E8622474B83}\RP2\A0000097.inf Object is locked skipped
D:\System Volume Information\_restore{6ACF6DBE-BB38-4280-B85A-8E8622474B83}\RP2\A0000098.dll Object is locked skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0179722.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0179722.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0181581.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP38\A0181581.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0183353.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0183353.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0186354.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP39\A0186354.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0187932.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0187932.exe WiseSFX: infected - 1 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191320.exe/WISE0087.BIN Infected: not-a-virus:AdWare.Win32.Gator.1050 skipped
D:\System Volume Information\_restore{BB46D2D4-F4F9-46F6-B4BE-CA25C0D99804}\RP40\A0191320.exe WiseSFX: infected - 1 skipped
D:\Timo\Ohjelmia\IRC\Firc30.exe/data0002 Infected: not-a-virus:Client-IRC.Win32.mIRC.601 skipped
D:\Timo\Ohjelmia\IRC\Firc30.exe Inno: infected - 1 skipped
Scan process completed.
|
|
Mainos
|
|
|
|
tomato71
Suspended due to non-functional email address
|
19. maaliskuuta 2007 @ 09:49 |
Linkki tähän viestiin
|
Moi!
juu.. ne on ne :)
poistetaan niitä koneelta puhdistelemalla järjestelmän palautuksen
näin...
Putsaa järjestelmän palautus:
1. Klikkaa oikealla käynnistävalikon My Computer- tai oma tietokone-kuvaketta
2. Valitse Properties/ominaisuudet
3. Valitse System Restore/järjestelmän palauttaminen välilehti
4. Valitse "Turn off System Restore"/poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Apply/käytä
6. Paina OK
7. Käynnistä kone uudelleen
8. Palauta asetukset takaisin
ja muutama vinkki ;)
Pysy Puhtaana !
Käytä Firefox
Firefox on nopeampi turvallisempi selain kuin Internet Explorer
Lataa Firefox
Asenna Hosts-tiedosto
Hosts-tiedosto estää haitalliset internet-osoitteet
Lataa Hosts-tiedosto
Opas!
Asenna AVG Anti-Spyware
AVG Anti-Spyware poistaa haittaohjelmia ja puhdistaa myös rekisteriä
Lataa AVG Anti-Spyware
Opas!
Asenna Ccleaner
Ccleaner puhdistaa väliaikaistiedostot ja rekisteriä
Lataa Ccleaner
Opas!
Asenna SpywareBlaster
SpywareBlaster estää haittaohjelmien asentumista koneelle
Lataa SpywareBlaster
Opas!
Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste.
Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.
Opas!
Pidä järjestelmäsi ajantasalla
Windows Update
Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.
Taistele vastaan!!--> Malware Complaints
Sivusto antaa haittaohjelmien uhreille mahdollisuuden kertoa tarinansa ja tehdä valituksen asiasta. Taistellaan yhdessä haittaohjelmien tekijöitä vastaan!
|
