Does this tell you anything...
E3ti
Newbie
21 December 2007 @ 16:57
It all started with some trojan, and now the whole machine is completely messed up! What can still be done about this??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:50:43, on 21.5.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\FJS-AMILO\Omat tiedostot\sälää\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Spybot -S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://plaza.fi/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resourc...lscbase4009.cab
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe (file missing)
--
End of file - 3992 bytes
E3ti
Newbie
26 December 2007 @ 21:32
Here is also the Deckard's System Scanner log
Deckard's System Scanner v20071014.68
Run by FJS-AMILO on 2007-05-26 22:28:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as FJS-AMILO.exe) -------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:28:30, on 26.5.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\o2flash.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\FJS-AMILO\Omat tiedostot\sälää\dss.exe
C:\DOCUME~1\FJS-AM~1\OMATTI~1\SLB673~1\FJS-AM~1.EXE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Spybot -S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ISUSPM] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -scheduler
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\npjpi160_03.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://plaza.fi/
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} - http://gfx2.hotmail.com/mail/w2/pr02/resources/MSNPUpld.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} - http://cdn.scan.onecare.live.com/resourc...lscbase4009.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{0B20F6C9-F5EF-4E02-B447-206D26DD9516}: NameServer = 193.229.0.40 193.229.0.42
O17 - HKLM\System\CS3\Services\Tcpip\..\{0B20F6C9-F5EF-4E02-B447-206D26DD9516}: NameServer = 193.229.0.40 193.229.0.42
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing)
O23 - Service: avast ! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: O2Micro Flash Memory (O2Flash) - Unknown owner - C:\WINDOWS\system32\o2flash.exe
O23 - Service: PC Tools Firewall Plus (PCToolsFirewallPlus) - Unknown owner - C:\Program Files\PC Tools Firewall Plus\FWService.exe (file missing)
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
--
End of file - 6439 bytes
-- Files created between 2007-04-26 and 2007-05-26 -----------------------------
2007-12-19 21:24:20 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Identities
2007-12-19 21:24:20 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\ATI
2007-12-19 21:24:19 0 dr------- C:\Documents and Settings\Järjestelmänvalvoja\Käynnistä-valikko
2007-12-19 21:24:19 0 d--hs---- C:\Documents and Settings\Järjestelmänvalvoja\Cookies
2007-12-19 21:24:19 0 dr-h----- C:\Documents and Settings\Järjestelmänvalvoja\Application Data
2007-12-19 21:24:19 0 d---s---- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Microsoft
2007-12-19 21:24:18 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Local Settings
2007-12-19 21:24:17 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Verkkoympäristö
2007-12-19 21:24:17 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä
2007-12-19 21:24:17 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Tulostinympäristö
2007-12-19 21:24:17 0 dr------- C:\Documents and Settings\Järjestelmänvalvoja\Suosikit
2007-12-19 21:24:17 0 dr-h----- C:\Documents and Settings\Järjestelmänvalvoja\SendTo
2007-12-19 21:24:17 0 dr-h----- C:\Documents and Settings\Järjestelmänvalvoja\Recent
2007-12-19 21:24:17 0 dr------- C:\Documents and Settings\Järjestelmänvalvoja\Omat tiedostot
2007-12-19 21:24:17 0 d--h----- C:\Documents and Settings\Järjestelmänvalvoja\Mallit
2007-12-19 21:24:13 786432 --a------ C:\Documents and Settings\Järjestelmänvalvoja\ntuser.dat
2007-12-19 18:40:27 0 d-------- C:\Program Files\ToniArts
2007-12-19 16:36:29 0 d-------- C:\Program Files\Windows Live Safety Center
2007-12-19 16:28:36 0 d-------- C:\Program Files\Helper
2007-12-19 16:27:30 0 d-------- C:\WINDOWS\OpenOffice.org2
2007-12-19 15:40:12 0 d-------- C:\WINDOWS\DMU2AIQY5DLT19HO
2007-12-19 15:39:58 0 d-------- C:\WINDOWS\5ENV3BJRZ7FNV2AI
2007-12-19 15:30:39 0 d-------- C:\WINDOWS\5SBTCVDWEWFZH0J2
2007-12-19 15:30:23 1536 --a------ C:\WINDOWS\Ei?0X
2007-12-19 15:30:14 0 d-------- C:\WINDOWS\CLU2AIQY6EQ2AIQY
2007-12-19 15:07:06 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\PCToolsFirewallPlus
2007-12-19 15:01:41 8224 --a------ C:\WINDOWS\system32\GDIPFONTCACHEV1.DAT
2007-12-19 15:01:39 0 d-------- C:\Vodafone
2007-12-19 14:58:18 0 d-------- C:\WINDOWS\Mozilla
2007-12-19 12:20:46 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-12-18 23:09:33 0 d-------- C:\Program Files\CCleaner
2007-12-18 00:20:28 0 d-------- C:\fb6b485a59ebe7bd2e41f434
2007-12-18 00:14:55 0 d-------- C:\f92fdb15f1e9c2c64d13
2007-12-17 18:29:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2007-12-17 18:23:52 0 d-------- C:\Program Files\a-squared Free
2007-12-17 17:09:40 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2007-12-17 16:58:49 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\AntiSpywareBot
2007-12-17 16:51:16 0 --a------ C:\WINDOWS\system32\dllgh8jkd1q8.exe
2007-12-12 01:34:56 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-12-12 01:33:14 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX , Inc.; DivX , Inc. dtu100>
2007-12-12 01:33:14 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX , Inc.; DivX , Inc. dpl100>
2007-12-12 01:33:04 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX , Inc.; DivX ?>
2007-12-12 01:33:04 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX , Inc.; DivX®>
2007-12-12 01:33:04 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX , Inc.; DivX®>
2007-12-12 01:33:04 682496 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX , Inc.; DivX®>
2007-12-12 01:32:28 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-11-27 22:28:53 0 d-------- C:\Program Files\Alwil Software
2007-11-16 12:47:58 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Microsoft Web Folders
2007-10-31 09:12:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-10-01 19:27:20 0 --a------ C:\Documents and Settings\FJS-AMILO\Install_Messenger(2).exe
2007-10-01 19:24:01 372487 --a------ C:\Documents and Settings\FJS-AMILO\autosearch(3).exe
2007-10-01 19:23:02 372487 --a------ C:\Documents and Settings\FJS-AMILO\autosearch(2).exe
2007-10-01 19:18:26 372487 --a------ C:\Documents and Settings\FJS-AMILO\autosearch.exe
2007-09-23 09:49:39 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Vodafone
2007-09-23 09:41:01 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\InstallShield
2007-09-23 09:41:00 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield
2007-09-23 09:36:51 8464 --a------ C:\WINDOWS\system32\SpOrder.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) 2000 Operating System>
2007-09-23 09:36:43 0 d-------- C:\WINDOWS\Downloaded Installations
2007-09-23 08:30:45 0 d-------- C:\Program Files\Vodafone
2007-09-05 08:55:07 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\AdobeUM
2007-09-05 08:30:38 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Template
2007-09-05 08:30:34 4502 --a------ C:\Documents and Settings\FJS-AMILO\Application Data\wklnhst.dat
2007-09-02 20:55:59 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-08-21 13:50:40 0 d-------- C:\Xvid
2007-08-20 15:49:51 0 d-------- C:\Program Files\Windows Media Connect 2
2007-08-20 15:48:17 0 d-------- C:\WINDOWS\system32\LogFiles
2007-08-20 15:48:17 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-08-19 18:51:25 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\DivX
2007-08-19 18:50:03 119951 --a------ C:\DivXBundleUninstall.exe <Not Verified; DivX , Inc.; >
2007-08-19 18:50:02 119951 --a------ C:\DivXContentUploaderUninstall.exe <Not Verified; DivX , Inc.; >
2007-08-19 18:50:00 119951 --a------ C:\DivXWebPlayerUninstall.exe <Not Verified; DivX , Inc.; >
2007-08-19 18:50:00 0 d-------- C:\DivX Content Uploader
2007-08-19 18:49:59 0 d-------- C:\DivX Web Player
2007-08-19 18:49:58 119951 --a------ C:\DivXPlayerUninstall.exe <Not Verified; DivX , Inc.; >
2007-08-19 18:49:51 0 d-------- C:\DivX Player
2007-08-19 18:49:51 119951 --a------ C:\ConverterUninstall.exe <Not Verified; DivX , Inc.; >
2007-08-19 18:49:48 0 d-------- C:\DivX Converter
2007-08-19 18:49:47 119951 --a------ C:\DivXCodecUninstall.exe <Not Verified; DivX, Inc.; >
2007-08-19 18:49:36 0 d-------- C:\AutoUpdate
2007-08-19 18:49:36 0 d-------- C:\Artwork
2007-08-19 12:44:06 1912 --a------ C:\WINDOWS\mozver.dat
2007-08-19 10:59:35 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla
2007-08-16 13:21:26 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\OpenOffice.org2
2007-08-16 13:19:39 0 d-------- C:\Program Files\OpenOffice.org 2.2
2007-08-16 12:29:41 0 d-------- C:\Program Files\MSECache
2007-08-11 20:12:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-08-11 20:12:44 0 d-------- C:\Program Files\Common Files\Symantec Shared
2007-08-11 16:19:24 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\CyberLink
2007-08-11 13:57:00 0 d-------- C:\Program Files\Lavasoft
2007-08-11 13:57:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2007-08-11 13:56:06 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-08-11 12:09:14 0 d-------- C:\WINDOWS\system32\fi-fi
2007-08-11 12:06:43 0 d-------- C:\WINDOWS\network diagnostic
2007-08-11 12:03:46 0 d-------- C:\Program Files\MSXML 4.0
2007-08-11 11:12:16 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Ahead
2007-08-11 10:54:16 0 d-------- C:\Program Files\Winamp
2007-08-11 10:49:14 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink
2007-08-10 20:32:20 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\HP
2007-08-10 20:29:16 0 d-------- C:\Documents and Settings\All Users\Application Data\HP
2007-08-10 20:28:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Sonic
2007-08-10 20:23:02 0 d-------- C:\Program Files\HP
2007-08-10 20:21:14 90879 --a------ C:\WINDOWS\hpiins01.dat
2007-08-10 17:51:11 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Adobe
2007-08-10 15:54:28 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\F-Secure
2007-06-04 15:18:48 9344 --a------ C:\WINDOWS\system32\drivers\NSDriver.sys <Not Verified; Lavasoft AB; Ad-Watch Connections>
2007-06-04 15:17:02 8320 --a------ C:\WINDOWS\system32\drivers\AWRTRD.sys <Not Verified; Lavasoft AB; Ad-Watch Registry Protection>
2007-06-04 15:14:56 6272 --a------ C:\WINDOWS\system32\drivers\AWRTPD.sys <Not Verified; Lavasoft AB; Ad-Watch Beta>
2007-05-26 21:22:03 0 d-------- C:\Program Files\Sun
2007-05-26 21:14:16 0 d-------- C:\Program Files\Java
2007-05-26 20:51:42 0 d-------- C:\Program Files\Common Files\Java
2007-05-26 16:40:10 0 d-------- C:\Program Files\Uusi kansio
2007-05-25 23:11:46 0 d-------- C:\Program Files\DivX
2007-05-25 22:16:18 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Winamp
2007-05-25 16:51:16 4939776 --a------ C:\Documents and Settings\FJS-AMILO\ntuser.dat
2007-05-22 21:55:04 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Grisoft
2007-05-21 22:48:02 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\.clamwin
2007-05-21 20:14:29 0 d-------- C:\WINDOWS\CAVTemp
2007-05-21 19:34:40 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-05-21 18:58:55 0 d-------- C:\Documents and Settings\All Users\Application Data\CA
2007-05-21 18:58:53 0 d-------- C:\Program Files\CA
2007-05-21 17:25:37 0 d-------- C:\VundoFix Backups
2007-05-21 13:54:06 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\.clamwin
2007-05-21 13:53:54 0 d-------- C:\Program Files\ClamWin
2007-05-21 13:53:54 0 d-------- C:\Documents and Settings\All Users\.clamwin
2007-05-21 13:23:38 81984 --a------ C:\WINDOWS\system32\bdod.bin
2007-05-21 13:18:02 0 d-------- C:\Documents and Settings\All Users\Application Data\BitDefender
2007-05-20 20:36:42 0 d-------- C:\Program Files\EMCO Malware Destroyer
2007-05-20 20:26:07 0 d-------- C:\Program Files\SpywareBlaster
2007-05-19 23:55:23 0 --a------ C:\WINDOWS\nsreg.dat
2007-05-19 23:31:10 0 d-------- C:\WINDOWS\SxsCaPendDel
2007-05-19 23:23:51 0 dr-h----- C:\Documents and Settings\FJS-AMILO\Recent
2007-05-19 22:51:34 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Mozilla
2007-05-19 22:48:27 0 d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Grisoft
2007-05-08 15:03:04 1275392 --a------ C:\WINDOWS\system32\msxml4.dll <Not Verified; Microsoft Corporation; Microsoft(R) MSXML 4.0 SP 2>
-- Find3M Report ---------------------------------------------------------------
2007-12-19 18:48:17 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Azureus
2007-12-19 18:40:26 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-11-16 12:47:31 0 d-------- C:\Program Files\microsoft frontpage
2007-08-10 18:48:55 0 d-------- C:\Program Files\Google
2007-08-10 18:48:54 0 d-------- C:\Program Files\Sonera Tietoturva
2007-08-10 17:50:32 0 d-------- C:\Program Files\Azureus
2007-05-26 22:18:57 311380 --a------ C:\WINDOWS\system32\perfh00B.dat
2007-05-26 22:18:57 63178 --a------ C:\WINDOWS\system32\perfc00B.dat
2007-05-26 20:51:42 0 d-------- C:\Program Files\Common Files
2007-05-20 14:36:42 0 d-------- C:\Program Files\Common Files\InstallShield
2007-05-20 14:36:34 0 d-------- C:\Program Files\CyberLink
2007-05-19 23:31:25 0 d-------- C:\Documents and Settings\FJS-AMILO\Application Data\Macromedia
2007-04-13 15:19:52 7680 --a------ C:\WINDOWS\system32\lsdelete.exe
2007-03-05 12:51:56 360580 -ra------ C:\WINDOWS\eSellerateEngine.dll <Not Verified; eSellerate Inc.; eSellerateEngine>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ClamWin"="C:\Program Files\ClamWin\bin\ClamTray.exe" [21.08.2007 21:05]
"cctray"="C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe" [23.11.2007 12:33]
"CAVRID"="C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe" [23.11.2007 11:48]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [11.06.2007 12:25]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [20.12.2007 18:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe" [25.09.2007 01:11]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [15.09.2004 15:00]
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" [11.09.2006 04:40]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
"DisableTaskMgr"=0 (0x0)
"DisableRegistryTools"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoWindowsUpdate"=0 (0x0)
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, wowfx.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\C]
AutoRun\command- C:\
open\Command- 043CDAF6.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\E]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16f0079c-684b-11dc-83c7-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{16f0079d-684b-11dc-83c7-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b704268-6996-11dc-83cc-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b704269-6996-11dc-83cc-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b70426a-6996-11dc-83cc-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{1b70426b-6996-11dc-83cc-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5db304e2-68df-11dc-83ca-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5db304e3-68df-11dc-83ca-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5db304e4-68df-11dc-83ca-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5db304e5-68df-11dc-83ca-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7fd92a22-c332-11db-835f-806d6172696f}]
AutoRun\command- C:\
open\Command- 043CDAF6.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98c45b9c-6945-11dc-83cb-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{98c45b9d-6945-11dc-83cb-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9775088-69a0-11dc-83ce-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a9775089-69a0-11dc-83ce-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aae15fbe-678d-11dc-83c1-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{aae15fbf-678d-11dc-83c1-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1e72440-69ff-11dc-83cf-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c1e72441-69ff-11dc-83cf-00c0a8cf2f26}]
AutoRun\command- E:\VMC_PBStarter.exe
-- End of Deckard's System Scanner: finished at 2007-05-26 22:29:58 ------------
E3ti
Newbie
26 December 2007 @ 21:35
..And also the AVG reports...
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 15:53:06 26.5.2007
+ Scan result:
:mozilla.44:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.45:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.173:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.108:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.109:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.110:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.111:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.91:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.92:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.93:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.94:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.95:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.96:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.97:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.18:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.124:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.125:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.126:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.127:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.128:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.49:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
::Report end
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 0:44:32 25.5.2007
+ Scan result:
:mozilla.12:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.19:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.43:C:\Documents and Settings\FJS-AMILO\Application Data\Mozilla\Firefox\Profiles\7gjzltff.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
::Report end