|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
CiD-pop uppeja Explorerissa
|
|
|
Marzie
Newbie
|
4. elokuuta 2007 @ 10:10 |
Linkki tähän viestiin
|
Kun konetta käyttää, näytölle pomppaa vähän väliä CiD-mainosikkunoita Explorerilla (oletusselaimena on Firefox). Millä ohjelmalla/ohjelmilla ongelman saisi korjattua ja miten? Kiitos etukäteen.
HjT-loki näyttää tältä:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:29:23, on 4.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\Grisoft\AVG7\avgcc.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\HjT\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TypeRemote] C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\amendraw.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?4c8e0a08c4974ce899d04c5dca5a44d6
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?4c8e0a08c4974ce899d04c5dca5a44d6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://onecare.live.com
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 8338 bytes
|
|
Auttaja
Suspended permanently
|
4. elokuuta 2007 @ 21:03 |
Linkki tähän viestiin
|
Sull on koneella kaks antivirus ohjelmaa.. norman ja avg7 poista toinen..
Poista myös wildtanget.. '
==========
Hijackthissillä muut ohjelmat suljettuna!
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [WildTangent CDA] "C:\Program Files\WildTangent\Apps\CDA\GameDrvr.exe" /startup "C:\Program Files\WildTangent\Apps\CDA\cdaEngine0500.dll"
O4 - HKCU\..\Run: [TypeRemote] C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\amendraw.exe
Merkkaa nuo rivit ja paina FIX CHECKED
=========
Lataa ATF Cleaner
http://www.atribune.org/ccount/click.php?id=1
Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman. Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.
Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Jos käytät Operaa selaimenasi Klikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)
==========
Lataa NoLop työpöydällesi yhdestä seuraavista linkeistä...
http://www.spywareedge.net/nolop/NoLop.exe1
http://www.spywaretimes.com/Tools/Downlo...wareToolsLinkki
http://www.thespykiller.co.uk/index.php?action=tpmod;dl=get16
* Sulje kaikki ohjelmat, koska tämä vaihe vaatii uudelleenkäynnistyksen
* Tuplaklikkaa NoLop.exe ajaaksesi sen
* Klikkaa nappulaa "Search and Destroy"
<>
* Kun skannaus on valmis, sinua pyydetään käynnistämään kone uudestaan, jos infektio löytyy. Klikkaa OK
* Klikkaa "REBOOT"-painiketta.
* NoLopin pitäisi antaa viesti. Jos ei, tuplaklikkaa ohjelmaa ja se valmistuu. Lähetä C:\NoLop.log-tiedoston sisältö uuden HijackThis-lokin kera.
-- Jos saat seuraavan virheen, "mscomctl.ocx or one of its dependencies are not correctly registered," lataa mscomctl.ocx http://www.boletrice.com/downloads/mscomctl.ocx ja tallenna se system32-hakemistoosi (yleensä c:\Windows\system32). Tämän jälkeen aja ohjelma uudestaan. --
=========
Laita piilotiedostot näkyviin ja poiston jälkeen piiloon takaisin
Poista nämä kansiot/tiedostot
C:\Program Files\WildTangent\
C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\ (lyhennetty nimi)
=========
'
Tarkista koneesi F-Securen online skannerilla
Huom, skanneri toimii vain Internet Explorer selaimella
* Lue sivun ohjeet huolella läpi
* Klikkaa Start scanning
* Mikäli saat Internet Explorer -suojausvaroituksen, klikkaa Asenna
* Klikkaa Accept
* Klikkaa Custom Scan
* Säädä asetukset seuraavasti
o "Virus Scan Option" kohdasta valitse Scan whole system
o "Other Scan Option" kohdasta valitse Scan All Files
o Valitse Scan whole system for rootkits
o Valitse Scan whole system for spyware
o Laita ruksi kohtaan Scan inside archives
o Varmista että Use advanced heuristics on valittuna
* Klikkaa Start
* Skannaus käynnistyy kun tarvittavat tiedostot/päivitykset on ladattu
* Odota kärsivällisesti
* Kun sakannaus on suoritettu, klikkaa Automatic cleaning
* Klikkaa Show Report
* Raportti aukeaa selaimessa, kopioi teksti kokonaan
* Liitä kopioitu teksti esim. muistioon tai Wordiin ja tallenna työpöydälle
* Voit sulkea skannerin
* Lähetä raportti viestiketjuusi
Myös uusi HIJACKTHISlogi
|
|
Marzie
Newbie
|
5. elokuuta 2007 @ 08:43 |
Linkki tähän viestiin
|
Tässä NoLop!in loki:
NoLop! Log by Skate_Punk_21
Fix running from: C:\Documents and Settings\Mikko\Desktop
[5.8.2007]
[12:06:51]
---Infection Files Found/Removed---
C:\WINDOWS\tasks\A417F05F918462F3.job
Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**
---Listing AppData sub directories---
C:\Documents and Settings\Administrator\Application Data\Adobe
C:\Documents and Settings\Administrator\Application Data\Identities
C:\Documents and Settings\Administrator\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Ahead
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Avg7 -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Hp
C:\Documents and Settings\All Users\Application Data\Ifi
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Nvidia
C:\Documents and Settings\All Users\Application Data\Nview_profiles -- EMPTY Directory
C:\Documents and Settings\All Users\Application Data\Skype
C:\Documents and Settings\All Users\Application Data\Sonic
C:\Documents and Settings\All Users\Application Data\Ubisoft
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\All Users\Application Data\Windows Live Toolbar
C:\Documents and Settings\Default User\Application Data\Adobe
C:\Documents and Settings\Default User\Application Data\Identities
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Mikko\Application Data\Adobe
C:\Documents and Settings\Mikko\Application Data\Adobeum
C:\Documents and Settings\Mikko\Application Data\Ahead
C:\Documents and Settings\Mikko\Application Data\Apple Computer
C:\Documents and Settings\Mikko\Application Data\Bitdownload
C:\Documents and Settings\Mikko\Application Data\Creative Ping Burn
C:\Documents and Settings\Mikko\Application Data\Help
C:\Documents and Settings\Mikko\Application Data\Hp
C:\Documents and Settings\Mikko\Application Data\Identities
C:\Documents and Settings\Mikko\Application Data\Ifi
C:\Documents and Settings\Mikko\Application Data\Intervideo
C:\Documents and Settings\Mikko\Application Data\Lavasoft
C:\Documents and Settings\Mikko\Application Data\Limewire
C:\Documents and Settings\Mikko\Application Data\Macromedia
C:\Documents and Settings\Mikko\Application Data\Microsoft
C:\Documents and Settings\Mikko\Application Data\Mozilla
C:\Documents and Settings\Mikko\Application Data\Real
C:\Documents and Settings\Mikko\Application Data\Sierra
C:\Documents and Settings\Mikko\Application Data\Skype
C:\Documents and Settings\Mikko\Application Data\Sun
C:\Documents and Settings\Mikko\Application Data\Talkback
C:\Documents and Settings\Mikko\Application Data\Template
C:\Documents and Settings\Networkservice\Application Data\Microsoft
... ja tässä HjT loki tiedostojen & ohjelmien poistojen, ATF Cleanerin ja NoLopin jälkeen. F-Securen Online skannausta en saanut toimimaan. Kun Custom Scanningin asetukset oli tehty ja klikkasin "Start", ohjelma ilmoitti "Unable to download necessary Online Scanner components! Please try again."
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:36:09, on 5.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\DAEMON Tools\daemon.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\HjT\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DAEMON Tools] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?4c8e0a08c4974ce899d04c5dca5a44d6
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?4c8e0a08c4974ce899d04c5dca5a44d6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7074 bytes
|
|
Auttaja
Suspended permanently
|
5. elokuuta 2007 @ 13:03 |
Linkki tähän viestiin
|
Jos käytät vain Windowsin omaa palomuuria, niin se ei ole riittävä suoja. Lataa vaikka näistä kolmesta Yksi palomuuri koneellesi ja asenna se. Poista sitten myös windowsin palomuuri käytöstä. Nämä 3 ovat aika suosittuja ja ilmaisia palomuureja:
Comodo
Kerio
Zonealarm
========
C:\Documents and Settings\All Users\Application Data\Book Slow Axis Web -- EMPTY Directory
Poistaa tää kansio
Laita piilotiedostot näkyviin ja poiston jälkeen piiloon takaisin
=======
Lataa Deckard's System Scanner Työpöydällesi.
Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman.
[*]Sulje kaikki avoimet ikkunat ja ohjelmat.
[*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita.
[*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt
[*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V )
[*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.
|
|
Marzie
Newbie
|
5. elokuuta 2007 @ 16:29 |
Linkki tähän viestiin
|
Tässä Deckard's System Scannerin logit.
Main:
Deckard's System Scanner v20070804.61
Run by Mikko on 2007-08-05 at 20:12:02
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
75: 2007-08-05 17:12:10 UTC - RP286 - Deckard's System Scanner Restore Point
74: 2007-08-05 08:46:58 UTC - RP285 - Installed AVG 7.5
73: 2007-08-05 08:46:15 UTC - RP284 - Removed AVG 7.5
72: 2007-08-04 08:17:14 UTC - RP283 - Installed AVG 7.5
71: 2007-08-03 16:55:22 UTC - RP282 - Configured EA Link
-- First Restore Point --
1: 2007-05-08 16:21:26 UTC - RP212 - Järjestelmän tarkistuspiste
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as Mikko.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:13:11, on 5.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Documents and Settings\Mikko\omat tiedostot\Vastaanotetut tiedostot\dss.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\HjT\HIJACK~2\Mikko.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?4c8e0a08c4974ce899d04c5dca5a44d6
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?4c8e0a08c4974ce899d04c5dca5a44d6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7225 bytes
-- HijackThis Fixed Entries (C:\HjT\HIJACK~2\backups\) -------------------------
backup-20070805-115315-428 O4 - HKCU\..\Run: [TypeRemote] C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\amendraw.exe
backup-20070805-115315-607 O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
backup-20070805-115315-649 O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
All drivers whitelisted.
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
All services whitelisted.
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2007-08-05 20:06:00 254 --a------ C:\WINDOWS\Tasks\Tarkistetaan Windows Live -työkalurivin päivitykset.job
2007-07-30 14:18:01 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
-- Files created between 2007-07-05 and 2007-08-05 -----------------------------
2007-08-05 20:04:41 0 d-------- C:\Documents and Settings\Mikko\Application Data\Comodo
2007-08-05 20:04:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-08-05 20:01:51 0 d-------- C:\Program Files\Comodo
2007-08-05 12:09:04 0 d-------- C:\NoLopBackups
2007-08-05 11:46:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-08-03 21:28:30 0 d-------- C:\Documents and Settings\Mikko\Application Data\Lavasoft
2007-07-21 12:49:15 0 d-------- C:\Program Files\EA GAMES
-- Find3M Report ---------------------------------------------------------------
2007-08-05 12:41:34 4356 --a------ C:\Documents and Settings\Mikko\Application Data\wklnhst.dat
2007-08-03 19:56:10 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-02 17:47:01 0 d-------- C:\Documents and Settings\Mikko\Application Data\LimeWire
2007-07-24 18:15:55 0 d-------- C:\Documents and Settings\Mikko\Application Data\Template
2007-07-06 22:22:19 2067 --a------ C:\Documents and Settings\Mikko\Application Data\HPSU_48BitScanUpdate.log
2007-07-06 22:10:07 348 --a------ C:\Documents and Settings\Mikko\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
2007-07-06 22:10:03 0 --a------ C:\Documents and Settings\Mikko\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
2007-07-06 22:09:52 2797 --a------ C:\Documents and Settings\Mikko\Application Data\PatchUpdate_InstantShareJPG.log
2007-07-06 22:09:43 3558 --a------ C:\Documents and Settings\Mikko\Application Data\PatchUpdate_IZClosingDiscError.log
2007-07-06 22:05:11 46566 --a------ C:\Documents and Settings\Mikko\Application Data\Update_HP_RedboxHprblog_HPSU.log
2007-07-06 22:03:12 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll
2007-07-06 21:59:09 0 d-------- C:\Documents and Settings\Mikko\Application Data\Skype
2007-07-02 13:45:12 0 d-------- C:\Documents and Settings\Mikko\Application Data\BitDownload
2007-06-12 15:50:29 796672 --a------ C:\WINDOWS\GPInstall.exe
2007-05-14 18:40:19 720 --a------ C:\WINDOWS\mozver.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [05.08.2005 14:56]
"RTHDCPL"="RTHDCPL.EXE" [28.06.2006 15:54 C:\WINDOWS\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [16.05.2006 19:04 C:\WINDOWS\SkyTel.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 12:50]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [22.10.2006 13:22]
"nwiz"="nwiz.exe" [22.10.2006 12:22 C:\WINDOWS\system32\nwiz.exe]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11.05.2005 23:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14.03.2007 03:43]
"Norman ZANDA"="C:\Norman\Npm\bin\ZLH.exe" [27.04.2007 13:58]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [25.10.2006 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30.10.2006 10:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [14.05.2007 18:39]
"NvMediaCenter"="NvMCTray.dll" [22.10.2006 13:22 C:\WINDOWS\system32\nvmctray.dll]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [05.08.2007 20:01]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [10.08.2004 15:00]
"Steam"="" []
"BitDownload"="C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.9.2005 23:05:26]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11.5.2005 23:23:26]
HP Image Zone -pikak?ynnistys.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12.5.2005 0:49:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
*Newly Created Service* - CMDAGENT
*Newly Created Service* - CMDMON
*Newly Created Service* - INSPECT
-- Hosts -----------------------------------------------------------------------
127.0.0.1 bin.errorprotector.com ## added by CiD
127.0.0.1 br.errorsafe.com ## added by CiD
127.0.0.1 br.winantivirus.com ## added by CiD
127.0.0.1 br.winfixer.com ## added by CiD
127.0.0.1 cdn.drivecleaner.com ## added by CiD
127.0.0.1 cdn.errorsafe.com ## added by CiD
127.0.0.1 cdn.winsoftware.com ## added by CiD
127.0.0.1 de.errorsafe.com ## added by CiD
127.0.0.1 de.winantivirus.com ## added by CiD
127.0.0.1 download.cdn.drivecleaner.com ## added by CiD
60 more entries in hosts file.
-- End of Deckard's System Scanner: finished at 2007-08-05 at 20:13:46 ---------
Extra:
Deckard's System Scanner v20070804.61
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English
CPU 0: AMD Athlon(tm) 64 Processor 3500+
Percentage of Memory in Use: 46%
Physical Memory (total/avail): 1022.48 MiB / 541.98 MiB
Pagefile Memory (total/avail): 2458.24 MiB / 2029.43 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1965.78 MiB
C: is Fixed (NTFS) - 232.88 GiB total, 80.91 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is CDROM (No Media)
K: is CDROM (No Media)
L: is CDROM (No Media)
M: is CDROM (No Media)
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FirewallOverride is set.
FW: COMODO Firewall Pro v2.3.035 (COMODO)
AV: Norman Virus Control ver. 5.90 v5.90 (Norman ASA)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hposid01.exe:*:Enabled:hposid01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe"="C:\\Program Files\\HP\\Digital Imaging\\Unload\\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe"="C:\\Program Files\\HP\\Digital Imaging\\bin\\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\counter-strike source\\hl2.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\counter-strike source\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\eye\\The All-Seeing Eye\\eye.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\eye\\The All-Seeing Eye\\eye.exe:*:Disabled:Yahoo! All-Seeing Eye"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Disabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Disabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Messenger\\Msmsgs.exe"="C:\\Program Files\\Messenger\\Msmsgs.exe:*:Disabled:Windows Messenger"
"C:\\Program Files\\iTunes\\iTunes.exe"="C:\\Program Files\\iTunes\\iTunes.exe:*:Enabled:iTunes"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\the allsing eye\\The All-Seeing Eye\\eye.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\the allsing eye\\The All-Seeing Eye\\eye.exe:*:Disabled:Yahoo! All-Seeing Eye"
"C:\\Pihlajakumpu\\Viljele\\Viljele.exe"="C:\\Pihlajakumpu\\Viljele\\Viljele.exe:*:Disabled:Viljele"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\NHL 2001\\NHL2001.ICD"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\NHL 2001\\NHL2001.ICD:*:Disabled:NHL2001"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Skype\\Skype.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Skype\\Skype.exe:*:Enabled:Skype"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\source sdk base\\hl2.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\source sdk base\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\limevire\\LimeWire\\LimeWire.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\limevire\\LimeWire\\LimeWire.exe:*:Enabled:LimeWire"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\BitDownload\\BitDownload.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
"C:\\Documents and Settings\\Mikko\\My Documents\\mikon kansio\\Phone\\Skype.exe"="C:\\Documents and Settings\\Mikko\\My Documents\\mikon kansio\\Phone\\Skype.exe:*:Enabled:Skype"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\koodit\\BitDownload\\BitDownload.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\koodit\\BitDownload\\BitDownload.exe:*:Enabled:Warez3"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\day of defeat source\\hl2.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\day of defeat source\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\amerikan's army\\System\\ArmyOps.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\amerikan's army\\System\\ArmyOps.exe:*:Enabled:ArmyOps"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2.exe:*:Enabled:Battlefield 2"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2VoipServer.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2VoipServer.exe:*:Enabled:BF2VoipServer"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2VoipServer_w32ded.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\BATTLEFIELD 2\\BF2VoipServer_w32ded.exe:*:Enabled:BF2VoipServer_w32ded"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\outbreak\\Outbreak Demo\\OutBreak.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\outbreak\\Outbreak Demo\\OutBreak.exe:*:Enabled:Codename: Outbrake"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\ET.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Return to Castle Wolfenstein\\ET.exe:*:Enabled:ET"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\GRAW_PC_demo\\GRAW_demo.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\GRAW_PC_demo\\GRAW_demo.exe:*:Enabled:GRAW_demo"
"C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe"="C:\\Program Files\\Microsoft Games\\Halo Trial\\halo.exe:*:Enabled:Halo"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\half-life 2 deathmatch\\hl2.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\half-life 2 deathmatch\\hl2.exe:*:Enabled:hl2"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\amerikan's army\\System\\Server.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\amerikan's army\\System\\Server.exe:*:Enabled:Server"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Soldat\\Soldat.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\Soldat\\Soldat.exe:*:Enabled:Soldat"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\SCDA-Offline\\System\\SplinterCell4.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\SCDA-Offline\\System\\SplinterCell4.exe:*:Enabled:SplinterCell4"
"C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\source dedicated server\\srcds.exe"="C:\\Documents and Settings\\Mikko\\omat tiedostot\\mikon kansio\\steam\\SteamApps\\makko90\\source dedicated server\\srcds.exe:*:Enabled:srcds"
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Mikko\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=FUJITSU
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Mikko
LOGONSERVER=\\FUJITSU
NpmLib=C:\Norman\Npm\Bin
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\QuickTime\QTSystem\;C:\Norman\Npm\Bin
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.5.0_11\lib\ext\QTJava.zip
SESSIONNAME=Console
sourcesdk=c:\documents and settings\mikko\omat tiedostot\mikon kansio\steam\steamapps\makko90\sourcesdk
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Mikko\LOCALS~1\Temp
TMP=C:\DOCUME~1\Mikko\LOCALS~1\Temp
USERDOMAIN=FUJITSU
USERNAME=Mikko
USERPROFILE=C:\Documents and Settings\Mikko
VProject=c:\documents and settings\mikko\omat tiedostot\mikon kansio\steam\steamapps\SourceMods\aa
windir=C:\WINDOWS
__COMPAT_LAYER=EnableNXShowUI
-- User Profiles ---------------------------------------------------------------
Mikko (admin)
Administrator (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> C:\DOCUME~1\Mikko\OMATTI~1\ad_aware\AD-AWA~1\UNWISE.EXE C:\DOCUME~1\Mikko\OMATTI~1\ad_aware\AD-AWA~1\INSTALL.LOG
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9b.exe -uninstallDelete
Adobe Flash Player 9 ActiveX --> MsiExec.exe /X{BB65C393-C76E-4F06-9B0C-2124AA8AF97B}
Adobe Reader 7.0.9 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A70900000002}
AGEIA PhysX v2.3.3 --> "C:\Program Files\AGEIA Technologies\uninstall.exe"
Aliens versus Predator 2 Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{45EFEFDC-0007-4D31-A69E-8125F0229ACA}\Setup.exe"
America's Army --> MsiExec.exe /I{EF434C52-D882-43DB-8777-EC7B10D8943C}
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
Automaattiset valikot (Windows Live Toolbar) --> MsiExec.exe /X{AD211425-49BE-48D4-889C-C614DA6AC4AD}
Battlefield 2: Deluxe Edition --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
BitDownload 1.5.4 --> C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\Uninstall.exe
CiD Help --> C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\amendraw.exe -uninstall
Codename : Outbreak Demo --> C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\outbreak\OUTBRE~1\UNWISE.EXE C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\outbreak\OUTBRE~1\INSTALL.LOG
Colin McRae Rally --> C:\WINDOWS\IsUninst.exe -f"c:\documents and settings\mikko\omat tiedostot\mikon kansio\colin mcrae\Uninst.isu"
COMODO Firewall Pro --> C:\Program Files\Comodo\Firewall\fwconfig.exe -uninstalln
Counter-Strike: Source --> MsiExec.exe /I{9580813D-94B1-4C28-9426-A441E2BB29A5}
EA.com Matchup --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2F173C40-563E-11D4-89C5-0010ADDAAC33}\setup.exe" -l0xb
EA.com Update --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9AB97F52-512B-43EF-AAEC-4825C17B32ED}\setup.exe" -l0xb
Empire Earth II SP Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{15B4652F-38E8-4252-8374-EFE88AA2FDA7}\setup.exe" -l0x9 -removeonly
Ford Supercar Challenge from Ford (remove only) --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\ford\Ford Supercar Challenge\Uninstall.exe"
Game Maker 4 --> C:\WINDOWS\GPInstall.exe "/UNINST=C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\UnInst.log" "/APPNAME=Game Maker 4"
GameSpy Arcade --> C:\PROGRA~1\GAMESP~1\UNWISE.EXE C:\PROGRA~1\GAMESP~1\INSTALL.LOG
Ghost Recon Advanced Warfighter Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ED48E5CA-34D8-4339-8276-5E95C261A94A}\setup.exe" -l0x9
GTA San Andreas --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D417C96A-FCC7-4590-A1BB-FAF73F5BC98E}\setup.exe" -l0x9 -removeonly
Half-Life Dedicated Server Update Tool --> C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\steam\UNWISE.EXE C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\steam\INSTALL.LOG
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2 --> "C:\HjT\HijackThis\HijackThis.exe" /uninstall
Hitman: Blood Money Demo --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\steam\steam.exe" steam://uninstall/6950
HP Document Viewer 5.3 --> C:\Program Files\HP\Digital Imaging\DocumentViewer\hpzscr01.exe -datfile hpqbud04.dat
HP Image Zone 5.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Imaging Device Functions 5.3 --> C:\Program Files\HP\Digital Imaging\DigitalImagingMonitor\hpzscr01.exe -datfile hpqbud01.dat
HP PSC & OfficeJet 5.3.B --> "C:\Program Files\HP\Digital Imaging\{5B79CFD1-6845-4158-9D7D-6BE89DF2C135}\setup\hpzscr01.exe" -datfile hposcr07.dat
HP Software Update --> MsiExec.exe /X{15EE79F4-4ED1-4267-9B0F-351009325D7D}
HP Solution Center & Imaging Support Tools 5.3 --> C:\Program Files\HP\Digital Imaging\eSupport\hpzscr01.exe -datfile hpqbud05.dat
Ifi Tilausohjelma 3.5 --> C:\Program Files\Ifi\OrderClient35\Uninstall.exe
InterVideo WinDVD --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
Java(TM) SE Runtime Environment 6 Update 1 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
LimeWire 4.12.11 --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\limevire\LimeWire\uninstall.exe"
Localization Pack for Microsoft Windows XP Media Center Edition --> MsiExec.exe /I{9E667C7C-F80C-4B91-BCBA-01CBA164A5E9}
MAGIX music maker 11 silver (FL) --> C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\music maker\instslct.exe
Microsoft Age of Empires II --> "C:\Program Files\Microsoft Games\Age of Empires II\UNINSTAL.EXE" /runtemp /uninstall
Microsoft Halo Trial --> "C:\Program Files\Microsoft Games\Halo Trial\UNINSTAL.EXE" /runtemp /addremove
Microsoft Works --> MsiExec.exe /I{6495D83E-3A5B-4674-A17F-3A6DDCDC0F89}
Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Need for Speed? Carbon --> C:\Program Files\Electronic Arts\Need for Speed Carbon\EAUninstall.exe
Nero BurnRights --> C:\WINDOWS\UNNeroBurnRights.exe /UNINSTALL
Nero Digital --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero OEM --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
NeroVision Express Content --> C:\WINDOWS\UNNVEContent.exe /UNINSTALL
NHL 2001 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BBA471C0-5EF2-11D4-0091-A500A0245DC0}\setup.exe" -l0xb Uninstall
Norman Virus Control --> C:\Norman\NVC\BIN\DelNVC5.exe
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OneCare Advisor (Windows Live Toolbar) --> MsiExec.exe /X{6B44B1E0-D79F-402E-B803-F44572071E4A}
Outlook-työkalurivi (Windows Live Toolbar) --> MsiExec.exe /X{EB36F61F-53CD-4813-BB7F-75B16AAC1713}
Ponnahdusikkunoiden esto (Windows Live Toolbar) --> MsiExec.exe /X{7A888168-7E7D-477C-9490-24CEB079435B}
PowerArchiver --> C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\PowerArchiver\UNINST.EXE
Prince of Persia The Sands of Time (Demo) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DCB4319C-D746-475B-B604-3D42C5564383}\Setup.exe" -l0x9
Prince of Persia Warrior Within --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6B7E731-A9E1-4AEC-A1E7-2E63646647FE}\setup.exe" -l0x9
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek High Definition Audio Driver --> RtlUpd.exe -r -m
RPG Maker 2000 1.07b --> C:\WINDOWS\UnGins.exe "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\rpg maker\install.log"
RTP for RM2K (Png, Wav, Midi, Fonts) --> C:\WINDOWS\UnGins.exe "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\rpg maker\RTP\install.log"
S.W.I.N.E. demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{0BF7A3AC-C530-4BE0-B939-3E4385CAB456}\Setup.exe"
Selaus välilehtiä käyttäen (Windows Live Toolbar) --> MsiExec.exe /X{E14FC354-9ED8-4D79-A7DA-356D66BF5F54}
Skype 3.0 --> "C:\Documents and Settings\Mikko\My Documents\mikon kansio\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Steam(TM) --> MsiExec.exe /X{048298C9-A4D3-490B-9FF9-AB023A9238F3}
Suomen linnut --> C:\WINDOWS\unin040b.exe -f"C:\Program Files\Suomen linnut\DeIsL1.isu" -c"C:\Program Files\Suomen linnut\_ISREG32.DLL"
Syötteen tunnistus (Windows Live Toolbar) --> MsiExec.exe /X{71A52B94-5BF1-4B0A-8098-37A9D495D5D8}
Text-To-Speech-Runtime --> MsiExec.exe /X{7B3F0113-E63C-4D6D-AF19-111A3165CCA2}
The Sims Keräilykokoelma --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}\setup.exe" -l0xb -l000b
Tom Clancy's Splinter Cell 3 - Chaos Theory --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{41188D27-E354-40A2-9C38-E361E830A9C1}\setup.exe" -l0x9 -removeonly
Tom Clancy's Splinter Cell Double Agent Demo --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{501BB464-E875-4E1E-9CF4-8C445DDAE01E}\setup.exe" -l0x9 -removeonly
Tomb Raider: Legend Demo --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\steam\steam.exe" steam://uninstall/7030
Trophy Hunter 2003 - Rocky Mountain Adventures --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Trophy hunter\Trophy Hunter 2003\unins000.exe"
Update Rollup 2 for Windows XP Media Center Edition 2005 --> C:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Viljele --> C:\WINDOWS\uninst.exe -fC:\Pihlajakumpu\Viljele\DeIsL1.isu -cC:\Pihlajakumpu\Viljele\_ISREG32.DLL
Windows Live Messenger --> MsiExec.exe /I{DF6FEB75-A0D1-44E5-A754-0072D4967734}
Windows Live Sign-in Assistant --> MsiExec.exe /I{49672EC2-171B-47B4-8CE7-50D7806360D7}
Windows Live Toolbar --> "C:\Program Files\Windows Live Toolbar\UnInstall.exe" {E33C2495-B60D-4073-80CD-90DC2E66966B}
Windows Live Toolbar --> MsiExec.exe /X{E33C2495-B60D-4073-80CD-90DC2E66966B}
Windows Live Toolbarin laajennus (Windows Live Toolbar) --> MsiExec.exe /X{2C4BFAFE-F698-421B-8687-4CBF9A5FD5E0}
Windows Messenger 5.1 --> MsiExec.exe /I{9D1C26BD-E792-4159-9D16-07EA222D8EF0}
Windows Messenger 5.1 MUI Pack --> MsiExec.exe /I{F3CBA4E6-436E-4B51-9651-93830EE38616}
Windows XP Media Center Edition 2005 KB914548 --> "C:\WINDOWS\$NtUninstallKB914548$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Documents and Settings\Mikko\omat tiedostot\winrar\uninstall.exe
WinZip --> "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\WinZip\WINZIP32.EXE" /uninstall
Wolfenstein - Enemy Territory --> C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\RETURN~1\Uninstall\Unwise.exe /u C:\DOCUME~1\Mikko\OMATTI~1\MIKONK~1\RETURN~1\Uninstall\Install.log
-- Application Event Log -------------------------------------------------------
Event ID #3556: Warning
Event Submitted/Written: 08/05/2007 08:03:42 PM
Event Source: Userenv
Event Description:
Windows tallensi käyttäjän FUJITSU\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä.
Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi.
Event ID #3555: Error
Event Submitted/Written: 08/05/2007 06:17:33 PM
Event Source: Application Error
Event Description:
Virhesovellus hl2.exe, versio 0.0.0.0, moduuli studiorender.dll, versio 0.0.0.0, osoite 0x0003197a.
Käsitellään mediakohtaista tapahtumaa: [hl2.exe!ws!]
Event ID #3546: Success
Event Submitted/Written: 08/05/2007 03:41:17 PM
Event Source: usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event ID #3531: Warning
Event Submitted/Written: 08/05/2007 11:48:03 AM
Event Source: Userenv
Event Description:
Windows tallensi käyttäjän FUJITSU\Mikko rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä.
Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi.
Event ID #3509: Success
Event Submitted/Written: 08/04/2007 00:56:28 PM
Event Source: usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event ID #16007: Error
Event Submitted/Written: 08/05/2007 08:04:36 PM
Event Source: Dhcp
Event Description:
DHCP-palvelin 192.168.0.1 eväsi IP-osoitteen 81.209.49.187 verkkokortilta, jonka verkko-osoite on 001731FA22C5
(DHCP-palvelin lähetti DHCPNACK-sanoman).
Event ID #15966: Error
Event Submitted/Written: 08/05/2007 00:10:43 PM
Event Source: Dhcp
Event Description:
DHCP-palvelin 192.168.0.1 eväsi IP-osoitteen 81.209.49.187 verkkokortilta, jonka verkko-osoite on 001731FA22C5
(DHCP-palvelin lähetti DHCPNACK-sanoman).
Event ID #15935: Error
Event Submitted/Written: 08/05/2007 11:48:59 AM
Event Source: Dhcp
Event Description:
DHCP-palvelin 192.168.0.1 eväsi IP-osoitteen 81.209.49.187 verkkokortilta, jonka verkko-osoite on 001731FA22C5
(DHCP-palvelin lähetti DHCPNACK-sanoman).
Event ID #15892: Warning
Event Submitted/Written: 08/04/2007 11:54:10 PM
Event Source: W32Time
Event Description:
Aikapalvelu ei ole voinut synkronoida järjestelmän kelloa 49152 sekuntiin, koska
aikatoimittaja ei ole voinut toimittaa käytettävää aikaleimaa. Järjestelmän kelloa
ei ole synkronoitu.
Event ID #15840: Error
Event Submitted/Written: 08/04/2007 10:14:35 AM
Event Source: W32Time
Event Description:
Aikatoimittajan NTP-asiakas on määritetty hakemaan aika vähintään yhdestä
aikalähteestä, mutta yksikään lähde ei ole käytettävissä. Aikalähteeseen ei yritetä
muodostaa yhteyttä 15 minuuttiin.
NTP-asiakkaan käytettävissä ei ole tarkkaa aikalähdettä.
-- End of Deckard's System Scanner: finished at 2007-08-05 at 20:13:46 ---------
Ja lopuksi vielä HjT-logi:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:18:10, on 5.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\Norman\Nvc\bin\cclaw.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\HjT\HijackThis\HijackThis.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?4c8e0a08c4974ce899d04c5dca5a44d6
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?4c8e0a08c4974ce899d04c5dca5a44d6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7152 bytes
|
|
Auttaja
Suspended permanently
|
5. elokuuta 2007 @ 19:52 |
Linkki tähän viestiin
|
Poista nämä ohjausapaneelin lisää/poista sovelluksen kautta
BitDownload 1.5.4 --> C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\Uninstall.exe
CiD Help --> C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1\amendraw.exe -uninstall
nää kansiot
C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload
C:\DOCUME~1\Mikko\APPLIC~1\CREATI~1
=======
Lataa HostsXpert.zip:
[*]Pura HostsXpert sopivaan kansioon, kuten C:\Hoster
[*]Aja HostsXpert.exe sen uudesta kansiosta
[*]Klikkaa "Make Hosts Writable?" oikeassa yläkulmassa (jos toiminnassa)
[*]Klikkaa "Restore Microsoft's Hosts File" ja sitten OK
[*]Sulje ohjelma.a
Huomaa: JOS käytit mukautettuja Hosts-filuja, sinun täytyy laitta
a yksikin niistä riveistä itse takaisin.
======
Lataa Deckard's System Scanner Työpöydällesi.
Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman.
[*]Sulje kaikki avoimet ikkunat ja ohjelmat.
[*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita.
[*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt
[*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V )
[*]kopioi ja liitä Main.txt sisältö seuraavaan vastaukseesi.
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 5. elokuuta 2007 @ 20:09
|
|
Marzie
Newbie
|
6. elokuuta 2007 @ 16:58 |
Linkki tähän viestiin
|
Deckard's System Scanner v20070804.61
Run by Mikko on 2007-08-06 at 11:40:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Mikko.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:40:30, on 6.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Norman\Npm\bin\ELOGSVC.EXE
C:\Norman\Npm\Bin\Zanda.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ehome\mcrdsvc.exe
C:\Norman\Nvc\BIN\NVCSCHED.EXE
C:\Norman\Npm\bin\NJEEVES.EXE
C:\Norman\Nvc\bin\nvcoas.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Norman\Npm\bin\ZLH.EXE
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\system32\RunDLL32.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
c:\documents and settings\mikko\omat tiedostot\mikon kansio\steam\steamapps\makko90\counter-strike source\hl2.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Mikko\omat tiedostot\Vastaanotetut tiedostot\dss.exe
C:\HjT\HIJACK~2\Mikko.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\Npm\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone -pikakäynnistys.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/230?4c8e0a08c4974ce899d04c5dca5a44d6
O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\Windows Live Toolbar\Components\fi-fi\msntabres.dll.mui/229?4c8e0a08c4974ce899d04c5dca5a44d6
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @c:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\Program Files\Messenger\msmsgs.exe
O15 - Trusted Zone: http://onecare.live.com
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Norman eLogger service 6 (eLoggerSvc6) - Norman ASA - C:\Norman\Npm\bin\ELOGSVC.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\Npm\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Norman ASA - C:\Norman\Npm\Bin\Zanda.exe
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman ASA - C:\Norman\Nvc\BIN\NVCSCHED.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
--
End of file - 7374 bytes
-- Files created between 2007-07-06 and 2007-08-06 -----------------------------
2007-08-06 11:32:10 0 d-------- C:\hoster
2007-08-05 20:04:41 0 d-------- C:\Documents and Settings\Mikko\Application Data\Comodo
2007-08-05 20:04:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Comodo
2007-08-05 20:01:51 0 d-------- C:\Program Files\Comodo
2007-08-05 12:09:04 0 d-------- C:\NoLopBackups
2007-08-05 11:46:58 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-08-03 21:28:30 0 d-------- C:\Documents and Settings\Mikko\Application Data\Lavasoft
2007-07-21 12:49:15 0 d-------- C:\Program Files\EA GAMES
-- Find3M Report ---------------------------------------------------------------
2007-08-05 12:41:34 4356 --a------ C:\Documents and Settings\Mikko\Application Data\wklnhst.dat
2007-08-03 19:56:10 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-08-02 17:47:01 0 d-------- C:\Documents and Settings\Mikko\Application Data\LimeWire
2007-07-24 18:15:55 0 d-------- C:\Documents and Settings\Mikko\Application Data\Template
2007-07-06 22:22:19 2067 --a------ C:\Documents and Settings\Mikko\Application Data\HPSU_48BitScanUpdate.log
2007-07-06 22:10:07 348 --a------ C:\Documents and Settings\Mikko\Application Data\HelpFilesUpdatePatch_PRINTHELPWRAPPER.log
2007-07-06 22:10:03 0 --a------ C:\Documents and Settings\Mikko\Application Data\HelpFilesUpdatePatch_HELPFILEREPLACE.log
2007-07-06 22:09:52 2797 --a------ C:\Documents and Settings\Mikko\Application Data\PatchUpdate_InstantShareJPG.log
2007-07-06 22:09:43 3558 --a------ C:\Documents and Settings\Mikko\Application Data\PatchUpdate_IZClosingDiscError.log
2007-07-06 22:05:11 46566 --a------ C:\Documents and Settings\Mikko\Application Data\Update_HP_RedboxHprblog_HPSU.log
2007-07-06 22:03:12 139264 --a------ C:\WINDOWS\system32\hpzjrd01.dll
2007-07-06 21:59:09 0 d-------- C:\Documents and Settings\Mikko\Application Data\Skype
2007-06-12 15:50:29 796672 --a------ C:\WINDOWS\GPInstall.exe
2007-05-14 18:40:19 720 --a------ C:\WINDOWS\mozver.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ehTray"="C:\WINDOWS\ehome\ehtray.exe" [05.08.2005 14:56]
"RTHDCPL"="RTHDCPL.EXE" [28.06.2006 15:54 C:\WINDOWS\RTHDCPL.EXE]
"SkyTel"="SkyTel.EXE" [16.05.2006 19:04 C:\WINDOWS\SkyTel.exe]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 12:50]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [22.10.2006 13:22]
"nwiz"="nwiz.exe" [22.10.2006 12:22 C:\WINDOWS\system32\nwiz.exe]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [11.05.2005 23:12]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [14.03.2007 03:43]
"Norman ZANDA"="C:\Norman\Npm\bin\ZLH.exe" [27.04.2007 13:58]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [25.10.2006 19:58]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [30.10.2006 10:36]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [14.05.2007 18:39]
"NvMediaCenter"="NvMCTray.dll" [22.10.2006 13:22 C:\WINDOWS\system32\nvmctray.dll]
"COMODO Firewall Pro"="C:\Program Files\Comodo\Firewall\CPF.exe" [05.08.2007 20:01]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [10.08.2004 15:00]
"Steam"="" []
"BitDownload"="C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" []
[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"RunNarrator"=Narrator.exe
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe [23.9.2005 23:05:26]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [11.5.2005 23:23:26]
HP Image Zone -pikak?ynnistys.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [12.5.2005 0:49:24]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
AutoRun\command- D:\AUTORUN.EXE
-- End of Deckard's System Scanner: finished at 2007-08-06 at 11:40:48 ---------
|
|
Auttaja
Suspended permanently
|
7. elokuuta 2007 @ 15:37 |
Linkki tähän viestiin
|
O4 - HKCU\..\Run: [BitDownload] "C:\Documents and Settings\Mikko\omat tiedostot\mikon kansio\Return to Castle Wolfenstein\koodit\BitDownload\BitDownload.exe" /minimized
fixaa tää hjtllä (avaa hjt, merkkaa ja paina fix checked)
======
Pysy puhtaana
-> Tyhjennä järjestelmänpalautus Ohjeet
Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.
-> Käytä CCleaneria -> CCleaner
Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti.
-> Asenna SpywareBlaster -> SpywareBlaster
SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia!
Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas
-> Asenna MVPS Hosts tiedosto -> MVPS Hosts
Estää koneesi yhteyden haitallisiin sivustoihin.
Opas saatavilla suomeksi! Nimimerkki Axelin opas
-> Vaihda selaimesi Firefoxiin -> Firefox
Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer.
-> Pidä järjestelmäsi ajantasalla. -> Windows Update
Vieraile Windows Updatessa säännöllisesti.
-> Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.
ja hyvä myös escan http://koti.mbnet.fi/pattaya1/escanmwav.htm
->Pidä ohjelmistosi ajantasalla. -> Secunia Software Inspector
Secunia Software Inspector tutkii sinun järjestälmäsi ja ohjelmistosi puuttuvien turvallisuuspäivityksien osalta. Tavallinen tutkinta kestää normaalisti 5-40 sekuntia, kun läpikotainen (thorough system inspection) voi kestää useita minuutteja.
->Seuraa säännöllisesti viestintäviraston tietoja uusista haavoittuvuuksista -> CERT-FI
Jos tulevaisuudessa tulee haittaohjelmien kanssa ongelmia, älä epäröi laittaa Hijackthis-logia tarkistettavaksi!
|
|
smake
Suspended due to non-functional email address
|
7. elokuuta 2007 @ 18:59 |
Linkki tähän viestiin
|
|
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 7. elokuuta 2007 @ 21:31
|
|
Mainos
|
|
|
|
Auttaja
Suspended permanently
|
7. elokuuta 2007 @ 20:31 |
Linkki tähän viestiin
|
|
Avaappa oma ketju aiheellesi ja editoi viesti pois tästä ketjusta.. kiitos.. smake..
|
|
