Win32:Obfuscated-BPO HJT log
|
|
LAMPPU1
Junior Member
|
3 August 2007 @ 12:38 |
|
Here is the HJT log; the trojan in question, Win32:Obfuscated-BPO, keeps being found on the computer. I already had HijackThis version 1.99.1 on my computer; should I have downloaded a newer version? In any case, here is the log:
Logfile of HijackThis v1.99.1
Scan saved at 16:35:34, on 3.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PAFPoker\PAFPoker.exe
C:\HJT\scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\Messenger Plus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\Agnitum\OUTPOS~1.0\feedback.exe /dump:os_startup
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Rule 64] C:\DOCUME~1\HP_OMI~1\APPLIC~1\FLAWRO~1\ForSoap.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\PROGRA~1\Agnitum\OUTPOS~1.0\Plugins\BrowserBar\ie_bar.dll (file missing)
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
So help is needed, thanks.
|
Hujo
Suspended permanently
|
3 August 2007 @ 22:06 |
|
Update AVG Anti-Spyware 7.5 and run it in safe mode.
===================
Download from http://www.ccleaner.com/download/builds.aspx
CCleaner v1.41.544 - Basic, do NOT install the Yahoo toolbar!
Set the options like this:
Options --> Advanced --> untick "Only delete temporary files older than 48 hours".
Run Cleaner > Analyze button > Run CCleaner button, bottom right corner
Run Issues > "Scan for registry issues" button > "Fix registry issues" button
===============
Download NoLop to your desktop from one of the following links...
Link1
Link2
Link3
1. Close all programs, because this step requires a restart
2. Double-click NoLop.exe to run it
3. Click the "Search and Destroy" button
<<Your computer will be scanned for infected files>>
4. When the scan is finished, you will be asked to restart the computer if an infection is found. Click OK
5. Click the "REBOOT" button.
6. NoLop should display a message. If not, double-click the program and it will finish. Post the contents of the C:\NoLop.log file together with a new HijackThis log.
-- If you get the following error, "mscomctl.ocx or one of its dependencies are not correctly registered," download mscomctl.ocx and save it to your system32 directory (usually c:\Windows\system32). Then run the program again.
Can a computer ever work?
This message has been edited since posting. Last edit 3 August 2007 @ 22:12
|
Auttaja
Suspended permanently
|
4 August 2007 @ 05:35 |
|
If you are using only Windows' own firewall, it is not sufficient protection. Download one firewall, for example one of these three, and install it. Then also disable the Windows firewall. These 3 are fairly popular free firewalls:
Comodo
Kerio
Zonealarm
========
So post a new HijackThis log and the NoLop log..
|
LAMPPU1
Junior Member
|
8 August 2007 @ 11:59 |
|
Finally the internet connection works again!!!
Now, Auttaja and other professionals, I have to start from the very beginning: how do I start safe mode? And run the program?
How do I avoid installing the Yahoo toolbar?
Where can this be found:
"Set the options like this:
Options --> Advanced --> untick "Only delete temporary files older than 48 hours"."
Run Cleaner > Analyze button > Run CCleaner button, bottom right corner
Run Issues > "Scan for registry issues" button > "Fix registry issues" button
Sorry again, but which button?
I think I know how to install and run NoLop. But honestly, if someone had the energy to explain, or rather spell out step by step, the part above, thank you, really.
Regards, Amateur.
|
LAMPPU1
Junior Member
|
8 August 2007 @ 14:30 |
|
Hi again
I ran a search here on the AfterDawn site with the search term "safe mode", and it turned up advice given to someone to press the F8 key before the computer starts, which gets you into safe mode. I tried that but nothing happens??? AVG has been updated and CCleaner is also ready and waiting. If someone could advise; presumably getting into safe mode is quite a simple procedure after all....?
|
Auttaja
Suspended permanently
|
8 August 2007 @ 18:19 |
|
Start the computer in safe mode:
there's a bit of a stub of instructions there..
Put the NoLop log.. and the AVG AS report.. in your next reply.. also a new HJT log.
|
LAMPPU1
Junior Member
|
8 August 2007 @ 21:58 |
|
Here is the AVG scan result:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:14:10 9.8.2007
+ Scan result:
C:\Program Files\WinZix\WinZixManager.dll -> Adware.WinZix : Ignored.
C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP622\A0129562.exe -> Adware.WinZix : Ignored.
:mozilla.210:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.386:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.441:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.93:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.94:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.102:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.103:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.104:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.105:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.106:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.132:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.133:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.60:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.61:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.100:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.122:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.123:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.124:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.97:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.98:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.99:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.250:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Supailijat\Cookies\supailijat@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.350:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.237:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.240:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.241:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.242:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.392:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.364:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.214:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.215:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.216:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.217:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.106:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.16:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.130:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.369:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.197:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.198:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.199:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.224:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.225:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.365:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.366:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.367:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.321:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.89:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.27:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.469:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.470:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.166:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.167:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.169:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.170:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.136:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.137:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.138:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.139:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.140:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.141:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.244:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.245:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.246:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.432:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.433:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.252:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.399:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Skype : Cleaned.
:mozilla.447:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.448:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.449:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.11:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.19:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\Supailijat\Cookies\supailijat@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.126:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.127:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.128:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.129:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.130:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.55:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.56:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.57:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.58:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.59:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.75:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.111:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.112:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.61:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.63:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.64:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.65:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.66:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.67:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.68:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.69:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.70:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.47:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.48:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.49:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.50:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.51:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.52:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
::Report end
Here is NoLop's:
NoLop! Log by Skate_Punk_21
Please Note: any existing old logs will have now been renamed to NoLop!OLD.log
Fix running from: C:\Documents and Settings\HP_Omistaja\Työpöytä
[9.8.2007]
[1:42:40]
---Infection Files Found/Removed---
NO INFECTION FILES FOUND - Cleaning Aborted.
---Listing AppData sub directories---
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Antivir Personaledition Classic
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Avg7 -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Cyberlink
C:\Documents and Settings\All Users\Application Data\Downloaded Installations -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Grisoft
C:\Documents and Settings\All Users\Application Data\Hewlett-packard
C:\Documents and Settings\All Users\Application Data\Hp
C:\Documents and Settings\All Users\Application Data\Intervideo
C:\Documents and Settings\All Users\Application Data\Licensefacesixthpoll
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Motive
C:\Documents and Settings\All Users\Application Data\Msn6
C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Pc Suite
C:\Documents and Settings\All Users\Application Data\Pixelstorm
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Skype
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Apple Computer
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Intervideo
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Default User\Application Data\Sun
C:\Documents and Settings\Default User\Application Data\Symantec
C:\Documents and Settings\Hp_omistaja\Application Data\Adobe
C:\Documents and Settings\Hp_omistaja\Application Data\Adobeum
C:\Documents and Settings\Hp_omistaja\Application Data\Apple Computer
C:\Documents and Settings\Hp_omistaja\Application Data\Arcsoft
C:\Documents and Settings\Hp_omistaja\Application Data\Bsplayer Pro
C:\Documents and Settings\Hp_omistaja\Application Data\Comodo
C:\Documents and Settings\Hp_omistaja\Application Data\Datalayer
C:\Documents and Settings\Hp_omistaja\Application Data\Flaw Roam
C:\Documents and Settings\Hp_omistaja\Application Data\Help
C:\Documents and Settings\Hp_omistaja\Application Data\Hp
C:\Documents and Settings\Hp_omistaja\Application Data\Identities
C:\Documents and Settings\Hp_omistaja\Application Data\Intervideo
C:\Documents and Settings\Hp_omistaja\Application Data\Lavasoft
C:\Documents and Settings\Hp_omistaja\Application Data\Leadertech
C:\Documents and Settings\Hp_omistaja\Application Data\Macromedia
C:\Documents and Settings\Hp_omistaja\Application Data\Media Player Classic
C:\Documents and Settings\Hp_omistaja\Application Data\Microgaming
C:\Documents and Settings\Hp_omistaja\Application Data\Microsoft
C:\Documents and Settings\Hp_omistaja\Application Data\Microsoft Web Folders -- EMPTY Directory
C:\Documents and Settings\Hp_omistaja\Application Data\Motive
C:\Documents and Settings\Hp_omistaja\Application Data\Mozilla
C:\Documents and Settings\Hp_omistaja\Application Data\Msn6
C:\Documents and Settings\Hp_omistaja\Application Data\Nokia
C:\Documents and Settings\Hp_omistaja\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Hp_omistaja\Application Data\Pc Suite
C:\Documents and Settings\Hp_omistaja\Application Data\Real
C:\Documents and Settings\Hp_omistaja\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Hp_omistaja\Application Data\Skype
C:\Documents and Settings\Hp_omistaja\Application Data\Sonic
C:\Documents and Settings\Hp_omistaja\Application Data\Sun
C:\Documents and Settings\Hp_omistaja\Application Data\Symantec
C:\Documents and Settings\Hp_omistaja\Application Data\Veritas
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Apple Computer
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Identities
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Intervideo
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Microsoft
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Sun
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Symantec
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Supailijat\Application Data\Adobe
C:\Documents and Settings\Supailijat\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Apple Computer
C:\Documents and Settings\Supailijat\Application Data\Arcsoft
C:\Documents and Settings\Supailijat\Application Data\Bsplayer Pro
C:\Documents and Settings\Supailijat\Application Data\Comodo
C:\Documents and Settings\Supailijat\Application Data\Datalayer
C:\Documents and Settings\Supailijat\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Hp
C:\Documents and Settings\Supailijat\Application Data\Identities
C:\Documents and Settings\Supailijat\Application Data\Image Zone Express
C:\Documents and Settings\Supailijat\Application Data\Intervideo
C:\Documents and Settings\Supailijat\Application Data\Lavasoft
C:\Documents and Settings\Supailijat\Application Data\Leadertech
C:\Documents and Settings\Supailijat\Application Data\Macromedia
C:\Documents and Settings\Supailijat\Application Data\Media Player Classic
C:\Documents and Settings\Supailijat\Application Data\Microsoft
C:\Documents and Settings\Supailijat\Application Data\Mozilla
C:\Documents and Settings\Supailijat\Application Data\Nokia
C:\Documents and Settings\Supailijat\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Supailijat\Application Data\Pc Suite
C:\Documents and Settings\Supailijat\Application Data\Real
C:\Documents and Settings\Supailijat\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Skype
C:\Documents and Settings\Supailijat\Application Data\Sonic
C:\Documents and Settings\Supailijat\Application Data\Sun
C:\Documents and Settings\Supailijat\Application Data\Symantec
C:\Documents and Settings\Supailijat\Application Data\Veritas
And finally, the newest HJT log:
Logfile of HijackThis v1.99.1
Scan saved at 1:49:42, on 9.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Messenger Plus! 3\MsgPlus.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
|
Auttaja
Suspended permanently
|
9 August 2007 @ 06:57 |
|
|
LAMPPU1
Junior Member
|
9 August 2007 @ 09:28 |
|
One more question: the firewall keeps asking whether to let PCHButton.exe access the internet. What should I do? So far I have not allowed it.
Here are the files in question:
Deckard's System Scanner v20070807.62
Run by HP_Omistaja on 2007-08-09 at 13:13:26
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
61: 2007-08-09 10:13:32 UTC - RP634 - Deckard's System Scanner Restore Point
60: 2007-08-09 09:59:01 UTC - RP633 - ennen mesen poistoo
59: 2007-08-08 13:50:37 UTC - RP632 - Järjestelmän tarkistuspiste
58: 2007-08-05 14:12:02 UTC - RP631 - Järjestelmän tarkistuspiste
57: 2007-08-04 13:37:52 UTC - RP630 - Järjestelmän tarkistuspiste
-- First Restore Point --
1: 2007-05-07 15:18:23 UTC - RP574 - Järjestelmän tarkistuspiste
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as HP_Omistaja.exe) -----------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 13:14:18, on 9.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\dss.exe
C:\HJT\HP_Omistaja.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\MsgPlusUninst.bat"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
-- HijackThis Fixed Entries (C:\HJT\backups\) ----------------------------------
backup-20051130-180206-552 O4 - HKLM\..\Run: [msqsearc] c:\windows\system32\msqsearc.exe /install
backup-20051130-180206-897 O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
backup-20051130-191655-700 O4 - HKLM\..\Run: [msqsearc] c:\windows\system32\msqsearc.exe /install
backup-20070809-131222-333 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
backup-20070809-131222-365 R1 - HKLM\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
backup-20070809-131222-542 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customiz...//www.yahoo.com
backup-20070809-131222-553 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
backup-20070809-131222-636 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
backup-20070809-131222-728 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://red.clientapps.yahoo.com/customiz.../search/ie.html
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys
R1 ewido security suite driver - c:\program files\ewido\security suite\guard.sys
R1 sscdbhk5 - c:\windows\system32\drivers\sscdbhk5.sys
R1 ssrtln - c:\windows\system32\drivers\ssrtln.sys
R2 drvnddm - c:\windows\system32\drivers\drvnddm.sys
R2 tfsnboio - c:\windows\system32\dla\tfsnboio.sys
R2 tfsncofs - c:\windows\system32\dla\tfsncofs.sys
R2 tfsndrct - c:\windows\system32\dla\tfsndrct.sys
R2 tfsndres - c:\windows\system32\dla\tfsndres.sys
R2 tfsnifs - c:\windows\system32\dla\tfsnifs.sys
R2 tfsnopio - c:\windows\system32\dla\tfsnopio.sys
R2 tfsnpool - c:\windows\system32\dla\tfsnpool.sys
R2 tfsnudf - c:\windows\system32\dla\tfsnudf.sys
R2 tfsnudfa - c:\windows\system32\dla\tfsnudfa.sys
R3 Afc (PPdus ASPI Shell) - c:\windows\system32\drivers\afc.sys
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys
S3 SOCKFILT.DLL (Outpost Firewall PlugIn (SOCKFILT.DLL)) - c:\progra~1\agnitum\outpos~1.0\kernel\sockfilt.dll (file missing)
S3 USBVSP - c:\windows\system32\drivers\usbvsp.sys USB Serial Adapter>
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R3 ServiceLayer - "c:\program files\common files\pcsuite\services\servicelayer.exe" Nokia.; PC Connectivity Solution>
S4 ewido security suite guard - c:\program files\ewido\security suite\ewidoguard.exe
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-03 19:33:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-07-09 and 2007-08-09 -----------------------------
2007-08-09 01:39:39 212 --a------ C:\delete.bat
2007-08-09 01:36:58 0 dr-h----- C:\Documents and Settings\HP_Omistaja\Recent
2007-08-09 01:29:00 0 d-------- C:\Program Files\CCleaner
2007-08-04 16:15:07 0 d-------- C:\Documents and Settings\Supailijat\Application Data\Comodo
2007-08-03 22:50:22 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\Comodo
2007-08-03 22:50:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-08-03 22:47:58 0 d-------- C:\Program Files\Comodo
2007-07-25 12:03:07 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-07-18 13:17:39 11264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-07-13 14:21:27 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
-- Find3M Report ---------------------------------------------------------------
2007-08-08 21:26:33 0 d-------- C:\Program Files\PAFPoker
2007-08-02 15:23:05 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\flaw roam
2007-08-01 15:45:39 0 d-------- C:\Program Files\eMule
2007-07-26 04:31:41 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\Skype
2007-07-21 17:27:04 0 d-------- C:\Program Files\XviD
2007-07-18 13:20:17 4212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-05-31 15:04:00 7563 --a------ C:\WINDOWS\mozver.dat
2007-05-10 00:10:03 230432 --a------ C:\StiImg.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14.03.2007 03:43]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [08.05.1998 00:04]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [15.04.2004 04:43]
"NvCplDaemon"="C:\WINDOWS\System32\NvCpl.dll" [02.07.2004 07:12]
"nwiz"="nwiz.exe" [02.07.2004 07:12 C:\WINDOWS\system32\nwiz.exe]
"SiS Windows KeyHook"="C:\WINDOWS\System32\keyhook.exe" [20.05.2004 17:47]
"AGRSMMSG"="AGRSMMSG.exe" [04.03.2005 12:01 C:\WINDOWS\AGRSMMSG.exe]
"dla"="C:\WINDOWS\system32\dla\tfswctrl.exe" [19.11.2002 04:50]
"DVDBitSet"="C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" [08.01.2003 01:33]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 12:50]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [18.10.2005 12:58]
"KBD"="C:\HP\KBD\KBD.EXE" [02.02.2005 16:44]
"PCSuiteTrayApplication"="C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.exe" [15.06.2006 12:36]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [19.02.2006 03:41]
"avast!"="C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe" [30.04.2007 18:42]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [16.02.2007 11:54]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [03.08.2007 22:47]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Acme.PCHButton"="C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe" [01.01.2004 19:57]
"PcSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [27.06.2006 16:21]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [15.09.2004 02:12]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"MessengerPlusUninstall"=C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\MsgPlusUninst.bat"
C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
Adobe Gamma Loader.exe.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [6.1.2005 20:59:01]
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.9.2005 23:05:26]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [19.2.2006 5:21:22]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{421f6ee2-22aa-11d9-8f25-806d6172696f}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Info.exe protect.ed 480 480
-- End of Deckard's System Scanner: finished at 2007-08-09 at 13:15:43 ---------
Deckard's System Scanner v20070807.62
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6
CPU 0: AMD Athlon(tm) XP 3200+
Percentage of Memory in Use: 56%
Physical Memory (total/avail): 511.48 MiB / 223.52 MiB
Pagefile Memory (total/avail): 1250.68 MiB / 854.82 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1959.51 MiB
C: is Fixed (NTFS) - 181.87 GiB total, 28.17 GiB free.
D: is Fixed (FAT32) - 4.42 GiB total, 0.98 GiB free.
E: is CDROM (No Media)
F: is CDROM (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
AntiVirusDisableNotify is set.
FirewallDisableNotify is set.
FirewallOverride is set.
FW: COMODO Firewall Pro v2.3.035 (COMODO)
AV: avast! antivirus 4.7.1001 [VPS 000764-2] v4.7.1001 (ALWIL Software)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\Internet Explorer\\iexplore.exe"="C:\\Program Files\\Internet Explorer\\iexplore.exe:*:Disabled:Internet Explorer"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Kaspersky\\kavupd.exe"="C:\\Kaspersky\\kavupd.exe:*:Enabled:kavupd"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqnrs08.exe:*:Enabled:hpqnrs08.exe"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:MSN Messenger 7.5"
"C:\\Program Files\\Skype\\Phone\\Skype.exe"="C:\\Program Files\\Skype\\Phone\\Skype.exe:*:Enabled:Skype"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Omistaja\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=ATM1
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Omistaja
LOGONSERVER=\\ATM1
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;c:\Python22;C:\Program Files\QuickTime\QTSystem\;
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 6 Model 10 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0a00
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_10\lib\ext\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
USERDOMAIN=ATM1
USERNAME=HP_Omistaja
USERPROFILE=C:\Documents and Settings\HP_Omistaja
VeriSign=C:\Program Files\VeriSign
VeriSignTemp=C:\Program Files\VeriSign\Temp
VRSN=C:\Program Files\VeriSign
VRSNTemp=C:\Program Files\VeriSign\Temp
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
HP_Omistaja (admin)
Supailijat (admin)
Järjestelmänvalvoja (new local, admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {60E971B7-51A0-48CA-8687-C6B8F094A409}
--> C:\WINDOWS\System32\\MSIEXEC.EXE /x {8214CC02-6271-4DC8-B8DD-779933450264}
--> c:\WINDOWS\System32\\MSIEXEC.EXE /x {9541FED0-327F-4df0-8B96-EF57EF622F19}
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E06E4F4E-72D6-4497-BFFD-BCB43077C2F4}\setup.exe" -l0xb -uninst
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Photoshop 6.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Adobe\Photoshop 6.0\Uninst.isu" -c"C:\Program Files\Adobe\Photoshop 6.0\Uninst.dll"
Adobe Reader 7.0.9 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70900000002}
Adobe SVG Viewer --> C:\WINDOWS\IsUninst.exe -f"C:\WINDOWS\System32\Adobe\SVG Viewer\Uninst.isu"
Agere Systems PCI Soft Modem --> agrsmdel
Apple Software Update --> MsiExec.exe /I{A260B422-70E1-41E2-957D-F76FA21266D5}
ArcSoft VideoImpression 2 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5BD29DC3-EE5C-4E1F-932D-94848CFDD39E}\Setup.exe" -l0x9
Arkanoid - The Virtual Isles --> C:\Program Files\Alawar\Arkanoid - The Virtual Isles\uninstal.exe
avast! Antivirus --> rundll32 C:\PROGRA~1\ALWILS~1\Avast4\Setup\setiface.dll,RunSetup
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
BitComet 0.86 --> C:\Program Files\BitComet\uninst.exe
BSPlayer --> "C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
CiD Help --> C:\DOCUME~1\HP_OMI~1\APPLIC~1\FLAWRO~1\ForSoap.exe -uninstall
COMODO Firewall Pro --> C:\Program Files\Comodo\Firewall\fwconfig.exe -uninstalln
DLA --> MsiExec.exe /I{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}
EasyCleaner --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F5346614-B7C4-4E94-826A-E2363155233D}\setup.exe" -l0x9 -removeonly
eMule --> "C:\Program Files\eMule\Uninstall.exe"
Enhanced Multimedia Keyboard Solution --> C:\HP\KBD\Install.exe /u
ewido security suite --> C:\Program Files\ewido\security suite\Uninstall.exe
Expekt Poker --> "C:\Program Files\Expekt\unins000.exe"
Football Tigers --> "C:\Program Files\Football Tigers\unins000.exe"
Full Tilt Poker --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D4C9692E-4EFA-4DA0-8B7F-9439466D9E31}\setup.exe" -l0x9 -removeonly
GdiplusUpgrade --> MsiExec.exe /I{5421155F-B033-49DB-9B33-8F80F233D4D5}
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
High Definition Audio Driver Package - KB835221 --> C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
HijackThis 1.99.1 --> C:\HJT\HijackThis.exe /uninstall
Hotfix-päivitys Windows XP:lle (KB914440) --> "C:\WINDOWS\$NtUninstallKB914440$\spuninst\spuninst.exe"
HP Customer Participation Program 7.0 --> C:\Program Files\HP\Digital Imaging\ExtCapUninstall\hpzscr01.exe -datfile hpqhsc01.dat
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
hp dvd writer --> "C:\Program Files\HP CD-DVD\Support\Uninstall.exe"
HP Image Zone 4.2 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.2 --> C:\Program Files\HP\Digital Imaging\{5E1494D4-3562-4FFB-B35C-600F80F6934C}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Imaging Device Functions 7.0 --> C:\Program Files\HP\Digital Imaging\DeviceManagement\hpzscr01.exe -datfile hpqbud01.dat
HP Photo & Imaging 3.5 - HP Devices --> C:\Program Files\HP\Digital Imaging\{15B9DC72-73F9-4d99-9E28-848D66DA8D99}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP Photosmart Essential --> MsiExec.exe /X{6994491D-D491-48F1-AE1F-E179C1FFFC2F}
HP Photosmart, Officejet and Deskjet 7.0.A --> C:\Program Files\HP\Digital Imaging\{BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}\setup\hpzscr01.exe -datfile hposcr11.dat
HP Software Update --> MsiExec.exe /X{BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}
HP Solution Center 7.0 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
HPIZ402 --> MsiExec.exe /X{8D9768AE-DE42-4A04-A461-2361A58C384D}
InterVideo WinDVD Creator 2 --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{872653C6-5DDC-488B-B7C2-CF9E4D9335E5} /l1035
J2SE Runtime Environment 5.0 Update 10 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150100}
J2SE Runtime Environment 5.0 Update 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150060}
J2SE Runtime Environment 5.0 Update 8 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150080}
Java 2 Runtime Environment, SE v1.4.2_03 --> MsiExec.exe /I{7148F0A8-6813-11D6-A77B-00B0D0142030}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Macromedia Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Medal of Honor Pacific Assault(tm) Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8F2F6F0B-B43B-4A64-B137-8E0CE3F76F5F}\setup.exe" -l0x9 -removeonly
MicroDVD --> C:\PROGRA~1\MicroDVD\UNWISE.EXE C:\PROGRA~1\MicroDVD\INSTALL.LOG
Microsoft Data Access Components KB870669 --> C:\WINDOWS\muninst.exe C:\WINDOWS\INF\KB870669.inf
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF040B-6000-11D3-8CFE-0150048383C9}
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA7}
Microsoft Word 2002 --> MsiExec.exe /I{911B040B-6000-11D3-8CFE-0050048383C9}
Microsoft Works 7.0 --> MsiExec.exe /I{323F6CCF-BBBA-41FB-AF39-62C4FE717CA4}
Mozilla Firefox (1.5.0.10) --> C:\PROGRA~1\MOZILL~1\uninstall\uninstall.exe /ua "1.5.0.10 (fi)"
MSN Messenger 7.5 --> MsiExec.exe /I{9A379B72-03EC-11DA-BFBD-00065BBDC0B5}
MSN Työkalupalkki --> C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\mtbs.exe c
Nero 6 Demo --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nokia Connectivity Adapter Cable DKU-5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F1BA3CD5-89DC-4273-8603-A75F33E9B335}\Setup.exe" -l0x9
Nokia Connectivity Cable Driver --> MsiExec.exe /X{6882DD11-33B8-4DEA-8305-7E765BF74BD3}
Nokia PC Connectivity Solution --> MsiExec.exe /I{0D80391C-0A72-43BB-9BC2-143F63CC111D}
Nokia PC Suite --> MsiExec.exe /I{531317A5-586A-4E36-87C1-CA823447B375}
NVIDIA Drivers --> C:\WINDOWS\System32\nvudisp.exe UninstallGUI
Pacific Poker --> C:\PROGRA~1\PACIFI~1\UNWISE.EXE C:\PROGRA~1\PACIFI~1\INSTALL.LOG
PAF Diamond Poker --> C:\Casino\PAFDIA~1\UNWISE.EXE C:\Casino\PAFDIA~1\INSTALL.LOG
PAF POKER (remove only) --> "C:\Program Files\PAFPoker\uninstall.exe"
Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB896727) --> "C:\WINDOWS\$NtUninstallKB896727$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
PowerDVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}\Setup.exe" -uninstall
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 combined Win32 extensions --> C:\Python22\Lib\SITE-P~1\UNWISE~1.EXE C:\Python22\Lib\SITE-P~1\w32inst.log
Python 2.2.1 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> MsiExec.exe /I{5E863175-E85D-44A6-8968-82507D34AE7F}
RecordNow --> MsiExec.exe /I{8214CC02-6271-4DC8-B8DD-779933450264}
ShowBiz DVD --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{60E80B13-8649-4A69-85E2-1AE99E061F43}\Setup.exe" -l0x9
Simple Backup --> MsiExec.exe /I{60E971B7-51A0-48CA-8687-C6B8F094A409}
SiS VGA Utilities --> Rundll32 SiSInst.dll,Uninstall VGA,R
Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Sonic RecordNow! --> MsiExec.exe /I{9541FED0-327F-4DF0-8B96-EF57EF622F19}
Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB883939) --> "C:\WINDOWS\$NtUninstallKB883939$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB899588) --> "C:\WINDOWS\$NtUninstallKB899588$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB903235) --> "C:\WINDOWS\$NtUninstallKB903235$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB916281) --> "C:\WINDOWS\$NtUninstallKB916281$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
UltimateBet --> C:\PROGRA~1\ULTIMA~1\UNWISE.EXE C:\PROGRA~1\ULTIMA~1\INSTALL.LOG
Windows Defender Signatures --> MsiExec.exe /I{A5CC2A09-E9D3-49EC-923D-03874BBD4C2C}
Windows Driver Package - Nokia Modem (06/12/2006 6.81.0.21) --> C:\PROGRA~1\DIFX\D6ACC4BE676423A2B130B78A4B627FC457D98997\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_62A340731F8930057B44B8864F236850B0D49D65\nokbtmdm.inf
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe
Vodei Multimedia Processor 2.00 --> C:\Program Files\Vodei\uninst.exe
XviD MPEG-4 Codec --> "C:\Program Files\XviD\UninstXviD.exe"
-- Application Event Log -------------------------------------------------------
Event ID #21679: Error
Event Submitted/Written: 08/08/2007 02:34:11 PM
Event Source: nview_info
Event Description:
NVIEW : WgaTray: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event
Event ID #21672: Warning
Event Submitted/Written: 08/05/2007 06:56:35 PM
Event Source: Userenv
Event Description:
Windows tallensi käyttäjän ATM1\HP_Omistaja rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä.
Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi.
Event ID #21671: Warning
Event Submitted/Written: 08/05/2007 06:56:33 PM
Event Source: Userenv
Event Description:
Windows ei voi poistaa luokkien rekisteritiedostoa muistista, koska toiset sovellukset tai palvelut käyttävät yhä kyseistä tiedostoa. Tiedosto poistetaan muistista, kun sitä ei enää käytetä .
Event ID #21661: Error
Event Submitted/Written: 08/04/2007 04:15:47 PM
Event Source: nview_info
Event Description:
NVIEW : hpqSTE08: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event
Event ID #21654: Error
Event Submitted/Written: 08/03/2007 01:51:20 PM
Event Source: nview_info
Event Description:
NVIEW : wmplayer: WAIT_TIMEOUT, while waiting for a read to clear - resetting read event
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event ID #76886: Warning
Event Submitted/Written: 08/09/2007 03:36:02 AM
Event Source: Dhcp
Event Description:
Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
verkkokortille, jonka verkko-osoite on 00112F9D653D.
Virhe:
%%121.
Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.
Event ID #76885: Warning
Event Submitted/Written: 08/09/2007 03:19:25 AM
Event Source: Dhcp
Event Description:
Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
verkkokortille, jonka verkko-osoite on 00112F9D653D.
Virhe:
%%121.
Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.
Event ID #76884: Warning
Event Submitted/Written: 08/09/2007 02:46:18 AM
Event Source: Dhcp
Event Description:
Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
verkkokortille, jonka verkko-osoite on 00112F9D653D.
Virhe:
%%121.
Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta.
Event ID #76849: Error
Event Submitted/Written: 08/09/2007 01:15:44 AM
Event Source: DCOM
Event Description:
DCOM vastaanotti virheen "%%1084" yrittäessään käynnistää palvelun EventSystem argumenteilla ""
suorittaakseen palvelinosan:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event ID #76848: Error
Event Submitted/Written: 08/09/2007 01:15:34 AM
Event Source: DCOM
Event Description:
DCOM vastaanotti virheen "%%1084" yrittäessään käynnistää palvelun netman argumenteilla ""
suorittaakseen palvelinosan:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
-- End of Deckard's System Scanner: finished at 2007-08-09 at 13:15:43 ---------
|
Auttaja
Suspended permanently
|
9 August 2007 @ 09:36 |
|
Just let it through.
O4 - HKLM\..\RunOnce: [MessengerPlusUninstall] C:\WINDOWS\system32\cmd.exe /C "C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\MsgPlusUninst.bat"
Fix that line too with HijackThis.
=======
Updating Java and clearing its cache:
1. Click Start -> Control Panel and double-click Add or Remove Programs in the Control Panel.
2. Find all your previous Java versions in the list (J2SE Runtime Environment....).
They should have the following icon next to them: 
3. Select all your previous Java versions and choose Remove.
4. Install the latest Java update from the following link.
5. Restart the computer after the installation:
http://java.sun.com/javase/downloads/index.jsp
Scroll down to Java Runtime Environment (JRE) 6u2
Press Download
Tick Accept, choose the offline installation, save it to the desktop, for example, and install it.
6. After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> Java coffee cup).
7. Under the General Settings section, drag the slider (Disk Space) to a smaller value and click the Delete Files button.
(Some Java-based programs may need more disk space.
If you notice the computer slowing down after lowering the setting, move the slider higher.)
8. Make sure both options are ticked:
*Applications and Applets
*Trace and Log Files
And press the OK button.
9. Click OK in your "Temporary Files Settings" window.
10. Click OK to exit your Java settings window.
========
And then one more new HijackThis log.
|
LAMPPU1
Junior Member
|
9 August 2007 @ 10:35 |
|
Everything requested has been done, and here is the latest HJT:
Logfile of HijackThis v1.99.1
Scan saved at 14:35:06, on 9.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\BitComet\BitComet.exe
C:\WINDOWS\system32\msiexec.exe
C:\HJT\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
|
Auttaja
Suspended permanently
|
9 August 2007 @ 11:05 |
|
Stay clean
-> Clear System Restore -> Instructions
Empty the System Restore folder and create a new restore point. This cleans any malware remnants out of the restore folder.
-> Use CCleaner -> CCleaner
Download and install CCleaner. Clean temporary files and folders with the program regularly.
-> Install SpywareBlaster -> SpywareBlaster
SpywareBlaster prevents malware from installing on your computer. Uses no memory!
Guide available in Finnish! Guide by the user Ad-Aware
-> Install the MVPS Hosts file -> MVPS Hosts
Blocks your computer's connections to malicious sites.
Guide available in Finnish! Guide by the user Axel
-> Switch your browser to Firefox -> Firefox
Firefox is a faster, safer and better browser than Internet Explorer.
-> Keep your system up to date. -> Windows Update
Visit Windows Update regularly.
-> Keep your firewall and antivirus up to date
Update your antivirus program and scan your computer with it regularly.
and escan is good too http://koti.mbnet.fi/pattaya1/escanmwav.htm
-> Keep your software up to date. -> Secunia Software Inspector
Secunia Software Inspector checks your system and software for missing security updates. A standard inspection normally takes 5-40 seconds, while a thorough one (thorough system inspection) can take several minutes.
-> Regularly follow the Finnish Communications Regulatory Authority's information on new vulnerabilities -> CERT-FI
If you run into malware problems in the future, don't hesitate to post a HijackThis log for checking!
|
LAMPPU1
Junior Member
|
9 August 2007 @ 11:35 |
|
Thanks for the help so far, but now the computer has started dropping the internet connection.
That is, when I haven't used the internet for about half an hour and then try to open the browser or refresh pages, it reports that the local area connection is missing -> I PRESS REPAIR -> WINDOWS PERFORMS THE FOLLOWING ACTION, RENEWING THE IP ADDRESS -> ask for help from the person who administers the network.... So the connection just disappears, and when I restart the computer it works. Where is the fault? As far as I understand, I am the system administrator myself???
|
Auttaja
Suspended permanently
|
10 August 2007 @ 08:43 |
|
Is the internet working now?
|
LAMPPU1
Junior Member
|
12 August 2007 @ 10:20 |
|
Hi.
The internet connection still drops when the computer has been unused for about half an hour; after that I have to restart it for the connection to come back...
|
Auttaja
Suspended permanently
|
12 August 2007 @ 14:53 |
|
Okay.. so the people over in the Windows problems section may know more about this... these internet connection dropout problems are often hard to figure out.. post this message there, for example...
"Event ID #76886: Warning
Event Submitted/Written: 08/09/2007 03:36:02 AM
Event Source: Dhcp
Event Description:
Verkon DHCP-palvelin ei voinut uusia IP-osoitetta tietokoneen
verkkokortille, jonka verkko-osoite on 00112F9D653D.
Virhe:
%%121.
Tietokone jatkaa osoitteen pyytämistä verkon DHCP-palvelimelta. "
|
LAMPPU1
Junior Member
|
12 August 2007 @ 15:49 |
|
Okay, I'll do that, thanks again for the help!!!
|
LAMPPU1
Junior Member
|
19 August 2007 @ 04:39 |
|
Hello again...
AVAST is again reporting that the same WIN32 trojan has come to visit...
I have 2 user accounts on my desktop computer, and when you run avast on the secondary user account's side, it found the trojan there again. Then I heard from that account's user that the computer has been shutting down for some time now and has frozen so badly that they have had to reboot it from time to time. Don't the HijackThis log and the other measures apply to the whole computer regardless of user accounts, if the person carrying them out had admin rights?
Help is needed again... I'm about to give up.
|
Hujo
Suspended permanently
|
19 August 2007 @ 12:03 |
|
Run HJT under that other account and run AVG Anti-Spyware 7.5 on that side too (update it first), then post the log from it here.
Can a computer ever work?
|
LAMPPU1
Junior Member
|
19 August 2007 @ 16:06 |
|
Here come the other user account's HJT and AVG logs:
Logfile of HijackThis v1.99.1
Scan saved at 19:50:40, on 19.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HJT\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.telkku.fi/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 1:14:10 9.8.2007
+ Scan result:
C:\Program Files\WinZix\WinZixManager.dll -> Adware.WinZix : Ignored.
C:\System Volume Information\_restore{86283E28-56CD-405F-A5E5-91300FF64AF1}\RP622\A0129562.exe -> Adware.WinZix : Ignored.
:mozilla.210:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.386:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.441:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.54:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.55:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.56:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.57:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.92:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.93:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.94:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.102:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.103:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.104:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.105:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.106:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.132:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.133:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.60:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.61:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.100:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.122:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.123:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.124:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.97:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.98:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.99:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.250:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Supailijat\Cookies\supailijat@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.350:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Bfast : Cleaned.
:mozilla.237:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.240:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.241:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.242:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.392:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.364:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.214:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.215:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.216:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.217:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.106:C:\Documents and Settings\Supailijat\Application Data\Mozilla\Firefox\Profiles\v45bjvyb.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.125:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\zxyjta5y.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
::Report end
But AVAST still keeps moving the following fellows into the virus quarantine:
A0131596.exe Win32:Obfuscated.BPO[trj]
bis104.exe Win32:Obfuscated.BPO[trj]
ForSoap.exe Win32:Obfuscated.BPO[trj]

Hujo
Suspended permanently
19 August 2007 @ 19:01
Download NoLop to your desktop from one of the following links...
Link1
Link2
Link3
1. Close all programs, because this step requires a restart.
2. Double-click NoLop.exe to run it.
3. Click the "Search and Destroy" button.
<<Your computer will be scanned for infected files>>
4. When the scan is complete, you will be asked to restart the computer if an infection is found. Click OK.
5. Click the "REBOOT" button.
6. NoLop should display a message. If it does not, double-click the program and it will finish. Post the contents of the C:\NoLop.log file along with a new HijackThis log.
-- If you get the following error, "mscomctl.ocx or one of its dependencies are not correctly registered," download mscomctl.ocx and save it to your system32 directory (usually c:\Windows\system32). Then run the program again.
=====================
Download SmitfraudFix (c) S!Ri http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract the contents (a folder named SmitfraudFix) to your desktop:
Open the SmitfraudFix folder and double-click smitfraudfix.cmd
Select option #1 - Search by typing 1 and pressing "Enter"; a text file will open that lists the infected files (if any).
Post the contents of this text file in your thread.
Note: some anti-virus programs (AntiVir, Dr.Web, Kaspersky) detect the process.exe file as a "RiskTool"; it is not a virus, but a program that stops processes. A/V programs cannot tell good use of such programs from bad use, so they may warn the user.
=================================
If that one is not in use, remove it:
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\WINDOWS\System32\shdocvw.dll
Can a computer ever work?
This message has been edited after posting. Last edited 19 August 2007 @ 19:04

LAMPPU1
Junior Member
21 August 2007 @ 12:20
NoLop! Log by Skate_Punk_21
Please Note: any existing old logs will have now been renamed to NoLop!OLD.log
Fix running from: C:\Documents and Settings\HP_Omistaja\Työpöytä
[21.8.2007]
[16:10:15]
---Infection Files Found/Removed---
NO INFECTION FILES FOUND - Cleaning Aborted.
---Listing AppData sub directories---
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Antivir Personaledition Classic
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Avg7 -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Comodo
C:\Documents and Settings\All Users\Application Data\Cyberlink
C:\Documents and Settings\All Users\Application Data\Downloaded Installations -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Google
C:\Documents and Settings\All Users\Application Data\Grisoft
C:\Documents and Settings\All Users\Application Data\Hewlett-packard
C:\Documents and Settings\All Users\Application Data\Hp
C:\Documents and Settings\All Users\Application Data\Intervideo
C:\Documents and Settings\All Users\Application Data\Licensefacesixthpoll
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Motive
C:\Documents and Settings\All Users\Application Data\Msn6
C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Pc Suite
C:\Documents and Settings\All Users\Application Data\Pixelstorm
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Skype
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Apple Computer
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Intervideo
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Default User\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Default User\Application Data\Sun
C:\Documents and Settings\Default User\Application Data\Symantec
C:\Documents and Settings\Hp_omistaja\Application Data\Adobe
C:\Documents and Settings\Hp_omistaja\Application Data\Adobeum
C:\Documents and Settings\Hp_omistaja\Application Data\Apple Computer
C:\Documents and Settings\Hp_omistaja\Application Data\Arcsoft
C:\Documents and Settings\Hp_omistaja\Application Data\Bsplayer Pro
C:\Documents and Settings\Hp_omistaja\Application Data\Comodo
C:\Documents and Settings\Hp_omistaja\Application Data\Datalayer
C:\Documents and Settings\Hp_omistaja\Application Data\Flaw Roam
C:\Documents and Settings\Hp_omistaja\Application Data\Help
C:\Documents and Settings\Hp_omistaja\Application Data\Hp
C:\Documents and Settings\Hp_omistaja\Application Data\Identities
C:\Documents and Settings\Hp_omistaja\Application Data\Intervideo
C:\Documents and Settings\Hp_omistaja\Application Data\Lavasoft
C:\Documents and Settings\Hp_omistaja\Application Data\Leadertech
C:\Documents and Settings\Hp_omistaja\Application Data\Macromedia
C:\Documents and Settings\Hp_omistaja\Application Data\Media Player Classic
C:\Documents and Settings\Hp_omistaja\Application Data\Microgaming
C:\Documents and Settings\Hp_omistaja\Application Data\Microsoft
C:\Documents and Settings\Hp_omistaja\Application Data\Microsoft Web Folders -- EMPTY Directory
C:\Documents and Settings\Hp_omistaja\Application Data\Motive
C:\Documents and Settings\Hp_omistaja\Application Data\Mozilla
C:\Documents and Settings\Hp_omistaja\Application Data\Msn6
C:\Documents and Settings\Hp_omistaja\Application Data\Nokia
C:\Documents and Settings\Hp_omistaja\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Hp_omistaja\Application Data\Pc Suite
C:\Documents and Settings\Hp_omistaja\Application Data\Real
C:\Documents and Settings\Hp_omistaja\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Hp_omistaja\Application Data\Skype
C:\Documents and Settings\Hp_omistaja\Application Data\Sonic
C:\Documents and Settings\Hp_omistaja\Application Data\Sun
C:\Documents and Settings\Hp_omistaja\Application Data\Symantec
C:\Documents and Settings\Hp_omistaja\Application Data\Veritas
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Apple Computer
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Identities
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Intervideo
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Microsoft
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Sun
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Symantec
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Supailijat\Application Data\Adobe
C:\Documents and Settings\Supailijat\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Apple Computer
C:\Documents and Settings\Supailijat\Application Data\Arcsoft
C:\Documents and Settings\Supailijat\Application Data\Bsplayer Pro
C:\Documents and Settings\Supailijat\Application Data\Comodo
C:\Documents and Settings\Supailijat\Application Data\Datalayer
C:\Documents and Settings\Supailijat\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Hp
C:\Documents and Settings\Supailijat\Application Data\Identities
C:\Documents and Settings\Supailijat\Application Data\Image Zone Express
C:\Documents and Settings\Supailijat\Application Data\Intervideo
C:\Documents and Settings\Supailijat\Application Data\Lavasoft
C:\Documents and Settings\Supailijat\Application Data\Leadertech
C:\Documents and Settings\Supailijat\Application Data\Macromedia
C:\Documents and Settings\Supailijat\Application Data\Media Player Classic
C:\Documents and Settings\Supailijat\Application Data\Microsoft
C:\Documents and Settings\Supailijat\Application Data\Mozilla
C:\Documents and Settings\Supailijat\Application Data\Nokia
C:\Documents and Settings\Supailijat\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Supailijat\Application Data\Pc Suite
C:\Documents and Settings\Supailijat\Application Data\Real
C:\Documents and Settings\Supailijat\Application Data\Sampleview -- EMPTY Directory
C:\Documents and Settings\Supailijat\Application Data\Skype
C:\Documents and Settings\Supailijat\Application Data\Sonic
C:\Documents and Settings\Supailijat\Application Data\Sun
C:\Documents and Settings\Supailijat\Application Data\Symantec
C:\Documents and Settings\Supailijat\Application Data\Veritas
Logfile of HijackThis v1.99.1
Scan saved at 16:17:07, on 21.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HJT\scanner.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [SiS Windows KeyHook] C:\WINDOWS\System32\keyhook.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [DVDBitSet] "C:\Program Files\HP CD-DVD\Umbrella\DVDBitSet.exe" /NOUI
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [Acme.PCHButton] C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
C:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra 'Tools' menuitem: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O9 - Extra button: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra 'Tools' menuitem: UltimateBet - {94148DB5-B42D-4915-95DA-2CBB4F7095BF} - C:\Program Files\UltimateBet\UltimateBet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/sh...ash/swflash.cab
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
It won't let me download/open this one:
Download SmitfraudFix (c) S!Ri http://siri.urz.free.fr/Fix/SmitfraudFix.zip
Extract the contents (a folder named SmitfraudFix) to your desktop:
First it reported that it contains the virus trojan win32gen, and then that it is not valid...
So far I have run HJT and the others as administrator; do they also need to be run under the other user account?
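A triage pass over the HijackThis log posted above, as an added example that is not part of the original posts: it lists the entries marked "(file missing)" or "Unknown owner" and checks every "(file missing)" flag against the log's own "Running processes" list. The sample lines are copied from that log; the function names, section labels and note wording are this example's own.

```python
import re

# Short labels for the HijackThis section codes that occur in the posted log.
SECTIONS = {
    "R0": "IE start/search page", "R1": "IE start/search page",
    "O2": "Browser Helper Object", "O3": "IE toolbar",
    "O4": "autostart entry", "O8": "IE context-menu item",
    "O9": "IE extra button / Tools menu item", "O11": "IE options group",
    "O16": "ActiveX (DPF) object", "O18": "protocol handler",
    "O20": "Winlogon Notify", "O23": "NT service",
}

ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")           # e.g. "O23 - Service: ..."
PATH_RE = re.compile(r"([A-Za-z]:\\.*?\.(?:exe|dll))", re.IGNORECASE)

# Excerpt of the log above (lines copied verbatim, the rest omitted).
SAMPLE_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\PAStiSvc.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.holkkari.net/
O9 - Extra button: EmpirePoker - {77E68763-4284-41d6-B7E7-B6E1F053A9E7} - C:\Program Files\EmpirePoker\EmpirePoker.exe (file missing)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
"""


def parse_hjt(log_text):
    """Split a HijackThis log into (running process paths, entry dicts)."""
    running, entries, in_procs = set(), [], False
    for raw in log_text.splitlines():
        line = raw.strip()
        match = ENTRY_RE.match(line)
        if match:
            in_procs = False                      # process list ends at first entry
            code, body = match.groups()
            path = PATH_RE.search(body)
            entries.append({"code": code, "body": body,
                            "path": path.group(1) if path else None})
        elif line.lower().startswith("running processes"):
            in_procs = True
        elif in_procs and re.match(r"^[A-Za-z]:\\", line):
            running.add(line.lower())
    return running, entries


def triage(log_text):
    """Return (code, section, path, notes) for every entry worth a second look."""
    running, entries = parse_hjt(log_text)
    findings = []
    for entry in entries:
        notes = []
        if "(file missing)" in entry["body"]:
            # Textual comparison only: 8.3 short paths (PROGRA~1) are not expanded.
            if entry["path"] and entry["path"].lower() in running:
                notes.append("'file missing' contradicted: path is a running process")
            else:
                notes.append("orphaned entry: target file missing")
        if "Unknown owner" in entry["body"]:
            notes.append("no company name reported for the service binary")
        if notes:
            findings.append((entry["code"], SECTIONS.get(entry["code"], "other"),
                             entry["path"], notes))
    return findings


if __name__ == "__main__":
    for code, section, path, notes in triage(SAMPLE_LOG):
        print(f"{code:<4}{section:<36}{path}")
        for note in notes:
            print(f"      - {note}")
```

On the excerpt, the avast! Mail Scanner service is reported as "(file missing)" although the same executable appears under "Running processes", so that flag reflects the stray quote and `/service` argument in the stored path rather than a deleted file.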

LAMPPU1
Junior Member
21 August 2007 @ 12:23
When I try to open SmitfraudFix, avast raises a terrible alarm saying WIN32:trojan-gen, so is it safe to continue?

Hujo
Suspended permanently
22 August 2007 @ 02:51
Do a drastic trick like this: turn off avast's resident protection and download SmitfraudFix. Don't keep any other windows open.
Can a computer ever work?

LAMPPU1
Junior Member
22 August 2007 @ 10:24
Here is the SmitfraudFix log:
SmitFraudFix v2.214
Scan done at 14:21:51,67, ke 22.08.2007
Run from C:\Documents and Settings\HP_Omistaja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\System32\keyhook.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\HP\KBD\KBD.EXE
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\HELPAN~1\Pavilion\XPHWWBF4\plugin\bin\pchbutton.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\cmd.exe
C:\Program Files\Java\jre1.6.0_01\bin\jucheck.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Omistaja
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Omistaja\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_OMI~1\Suosikit
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: VIA Rhine II Fast Ethernet Adapter - Paketinajoituksen miniportti
DNS Server Search Order: 195.197.54.100
DNS Server Search Order: 195.74.0.47
HKLM\SYSTEM\CCS\Services\Tcpip\..\{386240E6-D3DD-43A6-9BE3-F6AAB071605B}: DhcpNameServer=195.197.54.100 195.74.0.47
HKLM\SYSTEM\CS1\Services\Tcpip\..\{386240E6-D3DD-43A6-9BE3-F6AAB071605B}: DhcpNameServer=195.197.54.100 195.74.0.47
HKLM\SYSTEM\CS3\Services\Tcpip\..\{386240E6-D3DD-43A6-9BE3-F6AAB071605B}: DhcpNameServer=195.197.54.100 195.74.0.47
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=195.197.54.100 195.74.0.47
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=195.197.54.100 195.74.0.47
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=195.197.54.100 195.74.0.47
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End