AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
torstai 13.11.2025 / 21:05
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > troijalainen poistettu,onkohan kone puhdas
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Troijalainen poistettu,onkohan kone puhdas
  Siirry:
 
Kirjoittaja Viesti
Sivu:12>
pmaatta
Newbie
_ 		28. maaliskuuta 2008 @ 16:37 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Koneesta löytyi troijalainen,jonka sain poistettua.Voisko joku viisas katsoa onko koneessa vielä mahdollisesti jotain?

Tässä loki

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:35:22, on 28.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Seekmo /fleok=1D8A83A5C2E711779EAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: (no name) - {66709CC4-7E4F-4FF2-AB51-51B30098C50D} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/21cd4213c650ebfccb05/netzip/RdxIE601.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O20 - Winlogon Notify: wvutuvu - wvutuvu.dll (file missing)
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 8847 bytes
[ + lainaa]
Hujo
Suspended permanently
_ 		28. maaliskuuta 2008 @ 18:24 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
scannaa hjt:llä merkkaa paina Fix checked

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Seekmo /fleok=1D8A83A5C2E711779EAE75760EA83FA5EF80752B9499803B2A2303766A - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O2 - BHO: (no name) - {66709CC4-7E4F-4FF2-AB51-51B30098C50D} - (no file)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Seekmo - {07AA283A-43D7-4CBE-A064-32A21112D94D} - (no file)
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://207.188.7.150/21cd4213c650ebfccb05/netzip/RdxIE601.cab
O20 - Winlogon Notify: wvutuvu - wvutuvu.dll (file missing)


[ + lainaa]
Voiko tietsikka koskaan toimia?
pmaatta
Newbie
_ 		30. maaliskuuta 2008 @ 09:34 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Fixaus tehty ja tässä hjt-loki

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:33:24, on 30.3.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\explorer.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 8168 bytes
[ + lainaa]
pmaatta
Newbie
_ 		7. huhtikuuta 2008 @ 15:05 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Jaahans,taitaa olla kone puhdas kun ei lisäohjeita ole tullut,vai?
[ + lainaa]
Hujo
Suspended permanently
_ 		7. huhtikuuta 2008 @ 15:23 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Escan
Ohjeet tuolla sivulla.
http://koti.mbnet.fi/pattaya1/escanmwav.htm
lataa tuosta
http://www.spywareinfo.dk/download/mwav.exe
päivitä tuosta
http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
laita täpit merkkauksien mukaan
http://koti.mbnet.fi/pattaya1/eScan6.jpg

scannaa

jos ala luukkuun tulee jotain niin kopioi se näin:
Käytä komentoa Ctrl+A.
Kopioi rivit komennolla Ctrl+C.
Liitä rivit komennolla Ctrl+V.

===========

Javan päivitys ja välimuistin tyhjennys:

1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
Niissä pitäisi olla seuraava kuva vieressä:


3. Valitse kaikki entiset Java versiosi ja valitse Poista.
4. Asenna uusin Java päivitys seuraavasta linkistä..
5. Käynnistä kone uudelleen asennuksen jälkeen:

http://java.sun.com/javase/downloads/index.jsp

Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u5

Paina Download

Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.

6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).

7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.

(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).

8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

*Applications and Applets

*Trace and Log Files

Ja paina OK -nappia

9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.

10. Klikkaa OK jättääksesi Java asetusikkunasi.

[ + lainaa]
Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 7. huhtikuuta 2008 @ 15:24
pmaatta
Newbie
_ 		12. huhtikuuta 2008 @ 18:33 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Noniin,skannaus vihdoin käynnissä.F-Secure ilmoittaa vähänväliä viruksesta nimeltä Packed.Win32.Monder.gen.Onkohan jotain yhtäläisyyttä tähän eScaniin?
[ + lainaa]
pmaatta
Newbie
_ 		12. huhtikuuta 2008 @ 21:12 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Skannaus suoritettu ja java päivitetty.Mitään ei löytynyt.Huomasin myös ettei mese pysy päällä vaan sammuu itsekseen.Mulla myös toi fssm32.exe syö muistia.En pysty lähettämään skannauksen lokia kun firefox.exe syö loput.Nyt jos koskaan olisi hyvät neuvot kalliit.
[ + lainaa]
Hujo
Suspended permanently
_ 		12. huhtikuuta 2008 @ 23:43 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

===========

Lataa SDFix by AndyManchesta ja tallenna se työpöydällesi.

Käynnistä koneesi vikasietotilaan:

sammuta ja käynnistä
käynnistyksen yhteydessä hakkaa F8 nappia
valitse nuolinäppäimellä vikasietotila
paina enter ja enter
valitse käyttäjätilisi
paina kyllä

Jossakin koneissa hakataan F8:sin sijasta F5:tä

" Kun vikasietotilassa, pura tiedoston SDFix.zip sisältö (SDFix kansio) työpöydällesi. Työpöydälle pitäisi ilmestyä kansio nimeltä SDFix.
" Avaa SDFix-kansio ja tuplaklikkaa tiedostoa RunThis.bat käynnistääksesi ohjelman.
" Paina Y käynnistääksesi skriptin.
" Työkalu puhdistaa troijalaisen palvelut ja tekee myös joitakin korjauksia rekisteriin. Lopuksi se pyytää käynnistämään koneen uudelleen, "Press any key to Reboot".
" Paina mitä tahansa näppäintä ja kone käynnistyy uudelleen.
" Käynnistyminen kestää normaalia kauemmin sillä SDFix puhdistaa konetta.
" Kun kone on käynnistynyt ja työpöytä latautunut, SDFix kertoo että puhdistus on suoritettu, "Finished".
" Paina sitten mitä tahansa näppäintä sulkeaksesi skriptin ja ladataksesi pikakuvakkeet työpöydälle.
" Lopuksi avaa SDFix kansio (työpöydällä) ja kopioi & liitä tiedoston Report.txt sisältö viestiketjuusi uuden HijackThis:n lokin kera.


================

paljos koneessa on sitä keskusmuistia.
[ + lainaa]
Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 12. huhtikuuta 2008 @ 23:46
pmaatta
Newbie
_ 		21. huhtikuuta 2008 @ 20:11 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Dodii,vihdoin pääsin koneen kimppuun.Eli tässä combon,sdfix ja hjt-lokit

ComboFix 08-04-20.5 - Järjestelmänvalvoja 2008-04-21 19:17:11.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.224 [GMT 3:00]
Running from: C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\All Users\Application Data\2ACA5CC3-0F83-453D-A079-1076FE1A8B65
C:\Documents and Settings\All Users\Application Data\SeekmoSA
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA.dat
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_gdf.dat
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSA_kyf.dat
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAAbout.mht
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAau.dat
C:\Documents and Settings\All Users\Application Data\SeekmoSA\SeekmoSAEula.mht
C:\WINDOWS\BMd7fc891e.xml
C:\WINDOWS\cookies.ini
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\ggjlm.ini
C:\WINDOWS\system32\ggjlm.ini2
C:\WINDOWS\system32\qfyxqhea.ini

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DHLP


((((( Tiedostot, jotka on luotu seuraavalla aikav?lill?: 2008-03-21 to 2008-04-21 )))))))))))))))))
.

2008-04-12 20:43 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-09 11:07 . 2008-02-20 08:38 45,568 -----c--- C:\WINDOWS\system32\dllcache\dnsrslvr.dll
2008-03-28 16:15 . 2008-03-28 16:15 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2008-03-28 16:15 . 2008-03-28 16:15 118,842 -r------- C:\WINDOWS\bwUnin-6.3.2.116-7681197L.exe
2008-03-28 16:15 . 2005-06-21 18:32 70,224 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2008-03-28 16:15 . 2005-06-21 18:31 33,744 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2008-03-28 16:12 . 2008-03-28 16:14 <KANSIO> d-------- C:\Program Files\F-Secure
2008-03-26 21:55 . 2008-03-26 21:55 <KANSIO> d-------- C:\Program Files\Trend Micro
2008-03-26 21:35 . 2008-03-26 21:35 <KANSIO> d-------- C:\Program Files\IObit
2008-03-22 11:55 . 2008-03-22 11:55 <KANSIO> d--hs---- C:\AntiSpywareControl
2008-03-22 11:51 . 2004-10-07 14:39 89,088 --a------ C:\WINDOWS\system32\atl71.dll

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-04-21 16:21 524,288 ----a-w C:\WINDOWS\system32\drivers\CnxE2FS.bin
2008-04-12 17:43 --------- d-----w C:\Program Files\Java
2008-03-28 13:06 --------- d-----w C:\Program Files\Winamp
2008-03-26 17:44 --------- d-----w C:\Program Files\eMule
2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-06 18:07 --------- d-----w C:\Documents and Settings\All Users\Application Data\TurvaPC
2008-03-06 18:07 --------- d-----r C:\Documents and Settings\All Users\Application Data\SalesMon
2008-03-01 13:01 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2007-02-08 15:43 2,879,031 ----a-w C:\Program Files\LiveUpdate14_Eng_Install.exe
2007-11-13 07:43 6,519 --sh--w C:\WINDOWS\system32\ttutv.bak1
2008-01-14 11:40 6,408 --sh--w C:\WINDOWS\system32\ttutv.bak2
2008-01-14 21:10 6,408 --sh--w C:\WINDOWS\system32\ttutv.ini2
.

(((((((((((((((((((((((((((((( Rekisterin k?ynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhji? arvoja ja laillisia oletusarvoja ei n?ytet?

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 23:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 23:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2002-11-23 02:15 631362]
"CnxTrApp"="C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll" [2003-07-30 11:48 247296]
"F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.exe" [2005-06-03 01:37 122929]
"F-Secure TNB"="C:\Program Files\F-Secure\TNB\TNBUtil.exe" [2004-05-27 11:57 684032]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-09-14 16:12 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-06-21 18:32]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 09:02]
R1 VIAPFD;VIAPFD;C:\WINDOWS\system32\Drivers\VIAPFD.SYS [2001-12-18 14:45]
R2 BackWeb Plug-in - 7681197;F-Secure Automatic Update;C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [2008-03-28 16:15]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 18:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSgk.sys [2005-02-16 18:49]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2004-12-17 12:34]
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2002-01-12 02:22]
S2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Program Files\HWiNFO32\HWiNFO32.SYS []
S2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe []

.
'Ajoitetut teht?v?t'-kansion sis?lt?
"2008-04-21 16:05:16 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\F-Secure\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\F-Secure\ANTI-V~1\report.txt
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 19:22:35
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\common\FSMA32.EXE
C:\Program Files\F-Secure\common\FSMB32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\F-Secure\common\FCH32.EXE
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\common\FNRB32.exe
C:\Program Files\F-Secure\common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\FSRW.exe
C:\Program Files\F-Secure\FWES\program\fsdfwd.exe
C:\Program Files\F-Secure\common\FIH32.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\F-Secure\Anti-Virus\FSAV32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\FSAW.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\WINDOWS\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-04-21 19:29:54 - machine was rebooted
ComboFix-quarantined-files.txt 2008-04-21 16:29:32

Pre-Run: 10,102,525,952 tavua vapaana
Post-Run: 10,002,935,808 tavua vapaana

153 --- E O F --- 2008-04-09 10:42:16
_________________________________________________________


SDFix: Version 1.173
Run by J?rjestelm?nvalvoja on ma 21.04.2008 at 19:52

Microsoft Windows XP [versio 5.1.2600]
Running From: C:\DOCUME~1\JRJEST~1\TYPYT~1\SDFix\SDFix

Checking Services :


Restoring Windows Registry Values
Restoring Windows Default Hosts File

Rebooting


Checking Files :

No Trojan Files Found




Folder C:\Documents and Settings\All Users\Application Data\SalesMon - Removed


Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1353.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-04-21 19:59:07
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\Messenger\\msmsgs.exe"="C:\\Program Files\\Messenger\\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\\Program Files\\eMule\\emule.exe"="C:\\Program Files\\eMule\\emule.exe:*:Enabled:eMule"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"="C:\\Program Files\\Winamp Remote\\bin\\Orb.exe:*:Enabled:Orb"
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe:*:Enabled:OrbTray"
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"="C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"="C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\program\\fspex.exe"="C:\\Program Files\\F-Secure Internet Security\\backweb\\4476822\\program\\fspex.exe:*:enabled:F-Secure Internet Security 2005"
"%windir%\\system32\\sessmgr.exe"="%windir%\\system32\\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"="C:\\Program Files\\MSN Messenger\\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\\Program Files\\MSN Messenger\\livecall.exe"="C:\\Program Files\\MSN Messenger\\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\\Network Diagnostic\\xpnetdiag.exe"="%windir%\\Network Diagnostic\\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"="C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe:*:Enabled:F-Secure Automatic Update"

Remaining Files :


File Backups: - C:\DOCUME~1\JRJEST~1\TYPYT~1\SDFix\SDFix\backups\backups.zip

Files with Hidden Attributes :

Tue 11 Dec 2007 21,657 ..SH. --- "C:\WINDOWS\system32\ttutv.tmp"
Tue 13 Nov 2007 6,519 ..SH. --- "C:\WINDOWS\system32\ttutv.bak1"
Mon 14 Jan 2008 6,408 ..SH. --- "C:\WINDOWS\system32\ttutv.bak2"
Thu 8 Feb 2007 4,348 ..SH. --- "C:\Documents and Settings\All Users\DRM\DRMv1.bak"
Thu 8 Feb 2007 4,348 ...H. --- "C:\Documents and Settings\J?rjestelm?nvalvoja\Omat tiedostot\Omat musiikkitiedostot\K?ytt?oikeuden varmuuskopio\drmv1key.bak"
Thu 5 Apr 2007 20 A..H. --- "C:\Documents and Settings\J?rjestelm?nvalvoja\Omat tiedostot\Omat musiikkitiedostot\K?ytt?oikeuden varmuuskopio\drmv1lic.bak"
Mon 5 Sep 2005 312 A.SH. --- "C:\Documents and Settings\J?rjestelm?nvalvoja\Omat tiedostot\Omat musiikkitiedostot\K?ytt?oikeuden varmuuskopio\drmv2key.bak"

Finished!

________________________________________________________________

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:09:18, on 21.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 8103 bytes
_______________________________________________________________

Mistä johtuu että koneen käynnistyksen yhteydessä työpöydälle tulee escanin kansiota?
[ + lainaa]
pmaatta
Newbie
_ 		21. huhtikuuta 2008 @ 20:15 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Ainiin,keskusmuistia löytyy 512MB
[ + lainaa]
Hujo
Suspended permanently
_ 		21. huhtikuuta 2008 @ 22:30 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
just sitä pitäis vähintään olla 1g
[ + lainaa]
Voiko tietsikka koskaan toimia?
pmaatta
Newbie
_ 		22. huhtikuuta 2008 @ 14:58 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Ok,täytynee käydä kaupasta hakemassa.Miltäs noi lokit näyttää?Ja miks noita kuvakkeita tulee työpöydälle kun koneen käynnistää?
[ + lainaa]
Hujo
Suspended permanently
_ 		22. huhtikuuta 2008 @ 15:19 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Lataa TÄSTÄ VundoFix.exe työpöydällesi.

Tupla-klikkaa VundoFix.exe ajaaksesi sen.
Klikkaa Scan for Vundo valintaa.
Kun skannaus on valmis, klikkaa Remove Vundo valintaa.
Sinulta kysytään haluatko poistaa filut - klikkaa YES.
Kun olet klikannut yes, työpöytäsi tyhjenee kun se alkaa poistamaan Vundoa.
Kun se on valmis, fiksi ilmoittaa käynnistäväsi koneesi uudelleen, klikkaa OK.
Postita C:\vundofix.txt lokin sekä tuoreen HijackThis lokin sisältö.

Huomaa: Se on mahdollista että VundoFix löysi tiedoston jota se ei pystynyt poistamaan.
Tässä tilanteessa, VundoFix ajaa itsensä rebootissa, seuraa vain yläpuolelle olevia ohjeita alkaen kohdasta "Klikkaa Scan for Vundo valintaa." kun VundoFix ilmaantuu uudelleenkäynnistyksen yhteydessä.

=============

Mitäs kuvakeita sinne tulee
[ + lainaa]
Voiko tietsikka koskaan toimia?
pmaatta
Newbie
_ 		23. huhtikuuta 2008 @ 22:20 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
vundo fixin skannaus tehty ei löytyny mitään.


VundoFix V6.5.0

Checking Java version...

Java version is 1.5.0.10

Scan started at 22:08:39 23.4.2008

Listing files found while scanning....

No infected files were found.


Beginning removal...


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:18:23, on 23.4.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: hpzrcv01.LNK = C:\Program Files\HP\Temp\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}\setup\hpzstub.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: HP-leikekirja - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart -valitse - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 9194 bytes
[ + lainaa]
Hujo
Suspended permanently
_ 		24. huhtikuuta 2008 @ 07:51 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Poista tuo vanha VundoFix V6.5.0
ja lataa uusi

=================

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi.

[ + lainaa]
Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 24. huhtikuuta 2008 @ 07:59
pmaatta
Newbie
_ 		25. huhtikuuta 2008 @ 14:59 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Melkoinen määrä löytyi,tässä loki

Malwarebytes' Anti-Malware 1.11
Tietokantaversio: 679

Tarkistustyyppi: Täysi tarkistus (C:\|D:\|)
Tarkistetut kohteet: 68985
Kulunut aika: 52 minute(s), 5 second(s)

Saastuneita muistiprosesseja: 0
Saastuneita muistimoduuleja: 0
Saastuneita rekisteriavaimia: 50
Saastuneita rekisteriarvoja: 0
Saastuneita rekisterikohteita: 0
Saastuneita hakemistoja: 14
Saastuneita tiedostoja: 262

Saastuneita muistiprosesseja:
(Haitallisia kohteita ei löydetty)

Saastuneita muistimoduuleja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisteriavaimia:
HKEY_CLASSES_ROOT\Interface\{00b77587-be1b-4201-b8e9-09fcf50ab771} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{067c6a37-72ea-4437-863a-5be20c246f3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{34e29700-0d13-46aa-b9a5-ace68e21a091} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3661af2d-c27b-499c-9bcf-66c8502a3806} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{99123ac9-7dda-4c82-b252-44c2804bf392} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{08755390-f46d-4d09-968c-3430166b3189} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{5a4737a8-b92a-4e54-970e-c2891d98ce3f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ace99e77-aa2a-43c2-8c9d-caf2020fdf2b} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e0fb1610-b25b-49f6-be20-751b2f230e6f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{3f0915b8-b238-4c2d-ad1e-60db1e14d27a} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{ea58c2ea-be26-49dd-9b9a-c8e4e5ca7791} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{fca28ac5-c1e1-4d67-a5ae-c44d6c374d9f} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{0923208c-e259-4ed5-a778-cb607da350ad} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1230cf51-6bc4-4a23-b3f1-c7cf0afed619} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{1a2af056-1fe1-47ca-993d-5d09d18e674e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4e8b851b-05b0-4baf-b24d-d0dfe88dded3} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{50c3e2b3-4fd7-4cb9-91f9-641a6e6b3689} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{62b0b239-f9ac-4a5b-bfae-62c7a23f7627} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{726f0ab9-b842-4ae4-90c7-230e233e6a99} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b9cc2b92-5611-453f-8381-8b6f72d9c0b8} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{c4543e64-1498-410d-8e72-4744eea99ab9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{229d2451-a617-4b30-b5e8-8138694240cb} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{2b81f920-6660-4f76-93bf-b1c67bf5d1a0} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{49155dae-c471-40fa-98ee-b2b3cad115ce} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{4d783385-0dda-4188-a529-c97dc3d67cbd} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{54a3f8b7-228e-4ed8-895b-de832b2c3959} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{5b2e150d-4c8a-40e4-8c36-dd9c02771c67} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{627d894a-8a77-416e-b522-432eaf2c818e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{6e10479b-31e8-4a3b-81b1-ddaf39097f19} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{7138f250-5b72-48dd-adfb-9a83b429dd9e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{8971cb48-9fca-445a-be77-e8e8a4cc9df7} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Explorer Bars\{93b0fa7b-50f6-41b4-ac7e-612a72ce8c3c} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{e420a65f-9984-4b8c-9fa9-1ed69d3b0a13} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{9720de03-5820-4059-b4a4-639d5e52bd09} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{b247f5bf-bd9d-4ecd-8fc1-365f36a1fda1} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{b88e4484-3ff6-4ea9-815b-a54fe20d4387} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{bbbfb891-98ae-4678-86f3-bd5a2eed86c9} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bf1bf02c-5a86-4ecf-adac-472c54c4d21e} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{bfc08cff-c737-4433-bd5a-0ee7efcfee54} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{c23fa5a4-1fea-419f-8b14-f7465df062bc} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{ccc6e232-aa4c-4813-a019-9c14b27776b6} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{d2221ccb-f2bb-4858-aad4-57c754153603} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{ea0b6a1a-6a59-4a58-9c41-9966504898a5} (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\568267acfc5644dab06f058006ddbae3 (Adware.Zango) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\Software\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\affri (Malware.Trace) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MS Juan (Malware.Trace) -> Quarantined and deleted successfully.

Saastuneita rekisteriarvoja:
(Haitallisia kohteita ei löydetty)

Saastuneita rekisterikohteita:
(Haitallisia kohteita ei löydetty)

Saastuneita hakemistoja:
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\notes (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\promo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\1943219 (Adware.Casino) -> Quarantined and deleted successfully.
C:\AntiSpywareControl (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.
C:\AntiSpywareControl\AVQuar (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\AntiSpywareControl (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\AntiSpywareControl\Logs (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.

Saastuneita tiedostoja:
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101319.sys (Rogue.PCSecureSystem) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101350.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101355.exe (Rogue.PCSecureSystem) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101356.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101357.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101358.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101359.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101363.exe (Rogue.PCSecureSystem) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101364.old (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101365.old (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101384.exe (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101804.dll (Rogue.Multiple) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101811.exe (Rogue.PCPrivacyTool) -> Quarantined and deleted successfully.
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101903.exe (Rogue.Installer) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\countries.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\creditdebit.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\db.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\mutedplayers.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\update.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_cashier.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\1943219\archive.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\1943219\history_0748.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\1943219\session133624820.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\history\1943219\stats_GAME_THM.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\notes\1943219.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\notes\1943526.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\promo\sundayspecial.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_creditdebit.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\soko_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\PAF Diamond Poker\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\AntiSpywareControl\Logs\threats.log (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.
C:\Documents and Settings\Järjestelmänvalvoja\Application Data\AntiSpywareControl\Logs\update.log (Rogue.AntiSpywareControl) -> Quarantined and deleted successfully.
[ + lainaa]
Hujo
Suspended permanently
_ 		25. huhtikuuta 2008 @ 15:12 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Scannaa koneesi Kaspersky Online Scannerin

Ohjelman käynnistyessä kysytään sallitaanko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
" Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
" Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
" Klikkaa nyt asetuksia, Scan Settings
" Tarkista asetuksista, että seuraavat ovat valittuina:
o Scan using the following Anti-Virus database:
+ Extended (Jos valittavissa, muuten valitse Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
" Klikkaa OK
" Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
" Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
" Klikkaa nyt Save as Text-painiketta.
" Tallenna tiedosto työpöydällesi.
" Mikäli haluat jatkaa asian käsittelyä foorumissa niin kopioi tiedoston sisältö viestiisi.

[ + lainaa]
Voiko tietsikka koskaan toimia?
pmaatta
Newbie
_ 		5. toukokuuta 2008 @ 11:04 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
KASPERSKY ONLINE SCANNER REPORT
Monday, May 05, 2008 10:56:34 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/05/2008
Kaspersky Anti-Virus database records: 740320
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 40672
Number of viruses found 13
Number of infected objects 21
Number of suspicious objects 0
Duration of the scan process 01:09:58

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05f91187fffc154415d4c7958ad30235_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e40e6199324d7484e299f539e9d5cda_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\429c49ea99fb817268850d1eb410f049_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a3b9d55b05fa0e799f878c5eb1469c3_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e3a7c9739500aa7f6eea5809d5bf8e3_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63837f248f289e16817fd409a70f8baa_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\762b4ed0e384ce1faaa5e3edcb56ab9b_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8dd96d94e7b55dbba7854e4f971b6826_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1718c9b30660d5f0103c9ca84b5d956_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b483132460b09c7cd086ce2fe1713e06_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b97c1057c97dedf0db394b45d4eeea71_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d66d6e0071b28ed67be23c5c1455082a_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\ntuser.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\F-Secure\Anti-Virus\dbupdate.log Object is locked skipped
C:\Program Files\F-Secure\Anti-Virus\Qrt.log Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\cache.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\L0000003.FCS Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\F-Secure\common\policy.bpf Object is locked skipped
C:\Program Files\F-Secure\common\policy.ipf Object is locked skipped
C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.ilg Object is locked skipped
C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.ilg Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101805.exe Infected: not-a-virus:FraudTool.Win32.SanitarDiska.p skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101824.dll Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101827.dll Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file01 Infected: not-a-virus:FraudTool.Win32.ErrClean.a skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file04 Infected: not-a-virus:RiskTool.Win32.PsKill.an skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file14 Infected: not-a-virus:FraudTool.Win32.BestSeller.n skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file70 Infected: not-a-virus:Downloader.Win32.WinFixer.cv skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe Inno: infected - 4 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101885.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file005 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.p skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file483 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.q skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file485 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.q skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file486 Infected: not-a-virus:Downloader.Win32.WinFixer.dh skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe Inno: infected - 4 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101891.dll Infected: not-a-virus:AdWare.Win32.HotBar.ch skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101897.dll Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101904.dll Infected: not-a-virus:AdWare.Win32.180Solutions.bq skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101905.exe Infected: not-a-virus:AdWare.Win32.180Solutions.bp skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101907.dll Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101909.exe Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP842\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\itss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallQ828026$\wmp.dll Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.

tämmöstä shittii löyty mikä olis seuraava liike?
[ + lainaa]
MarsWin
Senior Member

3 tuotearviota
_ 		5. toukokuuta 2008 @ 11:35 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Lainaus, alkuperäisen viestin kirjoitti pmaatta:
 KASPERSKY ONLINE SCANNER REPORT
Monday, May 05, 2008 10:56:34 AM
Operating System: Microsoft Windows XP Professional, Service Pack 2 (Build 2600)
Kaspersky Online Scanner version: 5.0.98.0
Kaspersky Anti-Virus database last update: 5/05/2008
Kaspersky Anti-Virus database records: 740320
Scan Settings
Scan using the following antivirus database extended
Scan Archives true
Scan Mail Bases true
Scan Target My Computer
A:\
C:\
D:\
E:\
F:\
Scan Statistics
Total number of scanned objects 40672
Number of viruses found 13
Number of infected objects 21
Number of suspicious objects 0
Duration of the scan process 01:09:58

Infected Object Name Virus Name Last Action
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\05f91187fffc154415d4c7958ad30235_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\1e40e6199324d7484e299f539e9d5cda_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\429c49ea99fb817268850d1eb410f049_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5a3b9d55b05fa0e799f878c5eb1469c3_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\5e3a7c9739500aa7f6eea5809d5bf8e3_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\63837f248f289e16817fd409a70f8baa_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\762b4ed0e384ce1faaa5e3edcb56ab9b_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\8dd96d94e7b55dbba7854e4f971b6826_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b1718c9b30660d5f0103c9ca84b5d956_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b483132460b09c7cd086ce2fe1713e06_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\b97c1057c97dedf0db394b45d4eeea71_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys\d66d6e0071b28ed67be23c5c1455082a_bee717ac-3dfd-4a7b-a673-55f4489021ba Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat Object is locked skipped
C:\Documents and Settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Temporary Internet Files\AntiPhishing\B3BB5BBA-E7D5-40AB-A041-A5B1C0B26C8F.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\ntuser.dat Object is locked skipped
C:\Documents and Settings\Järjestelmänvalvoja\NTUSER.DAT.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Cookies\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Sivuhistoria\History.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat Object is locked skipped
C:\Documents and Settings\LocalService\ntuser.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat Object is locked skipped
C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft\Windows\UsrClass.dat.LOG Object is locked skipped
C:\Documents and Settings\NetworkService\NTUSER.DAT Object is locked skipped
C:\Documents and Settings\NetworkService\ntuser.dat.LOG Object is locked skipped
C:\Program Files\F-Secure\Anti-Virus\dbupdate.log Object is locked skipped
C:\Program Files\F-Secure\Anti-Virus\Qrt.log Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\cache.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chandir.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\chn.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\D0000000.FCS Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\inuse.txt Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\L0000003.FCS Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\main.log Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_die.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_dnd.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_ext.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\prs_rcv.idx Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.dat Object is locked skipped
C:\Program Files\F-Secure\BackWeb\7681197\Users\Default\Data\storydb.idx Object is locked skipped
C:\Program Files\F-Secure\common\policy.bpf Object is locked skipped
C:\Program Files\F-Secure\common\policy.ipf Object is locked skipped
C:\Program Files\InstallShield Installation Information\{036AA4D4-6D32-11D4-9875-00105ACE7734}\setup.ilg Object is locked skipped
C:\Program Files\InstallShield Installation Information\{5809E7CF-4DCF-11D4-9875-00105ACE7734}\setup.ilg Object is locked skipped
C:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101805.exe Infected: not-a-virus:FraudTool.Win32.SanitarDiska.p skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101824.dll Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP822\A0101827.dll Object is locked skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file01 Infected: not-a-virus:FraudTool.Win32.ErrClean.a skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file04 Infected: not-a-virus:RiskTool.Win32.PsKill.an skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file14 Infected: not-a-virus:FraudTool.Win32.BestSeller.n skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe/file70 Infected: not-a-virus:Downloader.Win32.WinFixer.cv skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101879.exe Inno: infected - 4 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101885.exe Infected: not-a-virus:FraudTool.Win32.BestSeller.a skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file005 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.p skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file483 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.q skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file485 Infected: not-a-virus:FraudTool.Win32.SanitarDiska.q skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe/file486 Infected: not-a-virus:Downloader.Win32.WinFixer.dh skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101888.exe Inno: infected - 4 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101891.dll Infected: not-a-virus:AdWare.Win32.HotBar.ch skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe/stream/data0002 Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe/stream Infected: not-a-virus:AdWare.Win32.180Solutions.bj skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101896.exe NSIS: infected - 2 skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101897.dll Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101904.dll Infected: not-a-virus:AdWare.Win32.180Solutions.bq skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101905.exe Infected: not-a-virus:AdWare.Win32.180Solutions.bp skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101907.dll Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP823\A0101909.exe Infected: not-a-virus:AdWare.Win32.HotBar.ck skipped
C:\System Volume Information\_restore{678F0597-4076-4442-82B5-BD978C438C2E}\RP842\change.log Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\user32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB824141$\win32k.sys Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\cryptsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\hhsetup.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\itss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB826939$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828028$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\msgsvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828035$\wkssvc.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\catsrvut.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatex.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\clbcatq.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\colbact.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comadmin.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comrepl.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comsvcs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\comuid.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\es.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\migregdb.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcprx.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtctm.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\msdtcuiu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxclu.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\mtxoci.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\ole32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcrt4.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\rpcss.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB828741$\txflog.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\callcont.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\cmdevtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\evtgprov.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\gdi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323.tsp Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\h323msp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\helpctr.exe Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\ipnathlp.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\lsasrv.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mf3216.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msasn1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\msgina.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\mst120.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\netapi32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\nmcom.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\rtcdll.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\schannel.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB835732$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\dao360.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msexcl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjet40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetol1.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjetoledb40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msjtes40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mspbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msrepl40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\mstext40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB837001$\msxbde40.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\fldrclnr.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\shell32.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\sxs.dll Object is locked skipped
C:\WINDOWS\$NtUninstallKB839645$\xpsp2res.dll Object is locked skipped
C:\WINDOWS\$NtUninstallQ828026$\msdxm.ocx Object is locked skipped
C:\WINDOWS\$NtUninstallQ828026$\wmp.dll Object is locked skipped
C:\WINDOWS\CSC\00000001 Object is locked skipped
C:\WINDOWS\Debug\PASSWD.LOG Object is locked skipped
C:\WINDOWS\SchedLgU.Txt Object is locked skipped
C:\WINDOWS\SoftwareDistribution\ReportingEvents.log Object is locked skipped
C:\WINDOWS\Sti_Trace.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\edb.log Object is locked skipped
C:\WINDOWS\system32\CatRoot2\tmp.edb Object is locked skipped
C:\WINDOWS\system32\config\AppEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\default Object is locked skipped
C:\WINDOWS\system32\config\default.LOG Object is locked skipped
C:\WINDOWS\system32\config\Internet.evt Object is locked skipped
C:\WINDOWS\system32\config\SAM Object is locked skipped
C:\WINDOWS\system32\config\SAM.LOG Object is locked skipped
C:\WINDOWS\system32\config\SecEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\SECURITY Object is locked skipped
C:\WINDOWS\system32\config\SECURITY.LOG Object is locked skipped
C:\WINDOWS\system32\config\software Object is locked skipped
C:\WINDOWS\system32\config\software.LOG Object is locked skipped
C:\WINDOWS\system32\config\SysEvent.Evt Object is locked skipped
C:\WINDOWS\system32\config\system Object is locked skipped
C:\WINDOWS\system32\config\system.LOG Object is locked skipped
C:\WINDOWS\system32\h323log.txt Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.BTR Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\INDEX.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING.VER Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING1.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\MAPPING2.MAP Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.DATA Object is locked skipped
C:\WINDOWS\system32\wbem\Repository\FS\OBJECTS.MAP Object is locked skipped
C:\WINDOWS\wiadebug.log Object is locked skipped
C:\WINDOWS\wiaservc.log Object is locked skipped
C:\WINDOWS\WindowsUpdate.log Object is locked skipped
D:\System Volume Information\MountPointManagerRemoteDatabase Object is locked skipped
Scan process completed.

tämmöstä shittii löyty mikä olis seuraava liike?
Aika paljon koneellas moskaa. Löytyykös sulta avg anti spyware? kannattaa ladata se ja skannata kone sillä läpi
[ + lainaa]
Hujo
Suspended permanently
_ 		5. toukokuuta 2008 @ 12:15 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Niin onkos se vanha vudofix poitettu ja tuosta se uusi

Lataa TÄSTÄ VundoFix.exe työpöydällesi.

Tupla-klikkaa VundoFix.exe ajaaksesi sen.
Klikkaa Scan for Vundo valintaa.
Kun skannaus on valmis, klikkaa Remove Vundo valintaa.
Sinulta kysytään haluatko poistaa filut - klikkaa YES.
Kun olet klikannut yes, työpöytäsi tyhjenee kun se alkaa poistamaan Vundoa.
Kun se on valmis, fiksi ilmoittaa käynnistäväsi koneesi uudelleen, klikkaa OK.
Postita C:\vundofix.txt lokin sekä tuoreen HijackThis lokin sisältö.

Huomaa: Se on mahdollista että VundoFix löysi tiedoston jota se ei pystynyt poistamaan.
Tässä tilanteessa, VundoFix ajaa itsensä rebootissa, seuraa vain yläpuolelle olevia ohjeita alkaen kohdasta "Klikkaa Scan for Vundo valintaa." kun VundoFix ilmaantuu uudelleenkäynnistyksen yhteydessä.

============

Uudelleen nimeäminen

1. Klikkaa hiiren oikealla painikkeella HijackThis ikonia.



2. Valitse Uudelleennineä/ Rename.


3. Kirjoita scanner.exe



[ + lainaa]
Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 5. toukokuuta 2008 @ 12:15
pmaatta
Newbie
_ 		5. toukokuuta 2008 @ 20:18 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Vundo ei löytänyt mitään,tässä hjt-loki

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:16:22, on 5.5.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\internet explorer\iexplore.exe
c:\program files\winamp toolbar\WinampTbServer.exe
C:\Program Files\HP\Smart Web Printing\hpswp_clipbook.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Temporary Internet Files\Content.IE5\F625WC71\VundoFix[1].exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: HP-leikekirja - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart -valitse - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/eng/partner...can_unicode.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 9281 bytes
[ + lainaa]
Hujo
Suspended permanently
_ 		5. toukokuuta 2008 @ 21:46 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ei ole nimetty uudelleen
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

laita se vudofix raportti

1. Klikkaa käynnistä > Oma tietokone oikean puoleisella hiiren napilla
2. Valitse ominaisuudet
3. Valitse järjestelmän palauttaminen välilehti
4. Ruksi eteen ¤ poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Käytä
6. Paina ok
7. Sammuta ja käynnistä
8. Ota ruksi pois ¤ poista järjestelmän palauttaminen kaikissa asemissa
9. Käytä ja OK

=========

aja combofix uudelleen
[ + lainaa]
Voiko tietsikka koskaan toimia?

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 5. toukokuuta 2008 @ 21:46
pmaatta
Newbie
_ 		7. toukokuuta 2008 @ 21:43 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ComboFix 08-05-01.3 - Järjestelmänvalvoja 2008-05-07 21:02:44.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1035.18.168 [GMT 3:00]
Running from: C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\ComboFix.exe
* Created a new restore point
* Resident AV is active


WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

(((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Järjestelmänvalvoja\ResErrors.log
C:\WINDOWS\system32\AutoRun.inf
C:\WINDOWS\system32\ttutv.bak1
C:\WINDOWS\system32\ttutv.bak2
C:\WINDOWS\system32\ttutv.ini
C:\WINDOWS\system32\ttutv.ini2
C:\WINDOWS\system32\ttutv.tmp
C:\WINDOWS\system32\xavhroyv.ini

.
((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-04-07 to 2008-05-07 )))))))))))))))))
.

2008-05-07 20:11 . 2008-05-07 20:11 <KANSIO> d-------- C:\VundoFix Backups
2008-05-05 21:13 . 2008-05-05 21:13 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Grisoft
2008-05-05 21:12 . 2008-05-05 21:12 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-05-05 21:12 . 2007-05-30 15:10 10,872 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2008-05-05 20:32 . 2008-05-05 20:32 <KANSIO> d-------- C:\Program Files\CCleaner
2008-04-25 13:58 . 2008-04-25 13:58 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Malwarebytes
2008-04-25 13:58 . 2008-04-25 13:58 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-04-25 13:49 . 2008-04-25 13:49 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\WEBREG
2008-04-25 13:48 . 2007-03-08 07:20 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-04-25 13:47 . 2008-04-25 13:47 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Hewlett-Packard
2008-04-25 13:47 . 2007-03-30 18:07 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-04-25 13:47 . 2007-03-28 14:01 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll
2008-04-25 13:47 . 2007-03-08 07:20 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-04-25 13:47 . 2007-03-08 07:20 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-04-25 13:46 . 2007-03-17 19:11 675,840 -ra------ C:\WINDOWS\system32\hpowiax3.dll
2008-04-25 13:46 . 2007-03-17 19:11 569,344 -ra------ C:\WINDOWS\system32\hpotscl3.dll
2008-04-25 13:46 . 2007-03-08 07:20 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-04-25 13:46 . 2007-03-08 07:20 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-04-25 13:46 . 2007-03-17 19:11 303,104 -ra------ C:\WINDOWS\system32\hpovst10.dll
2008-04-25 13:43 . 2008-04-25 13:43 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\HPAppData
2008-04-25 13:43 . 2008-04-25 13:43 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\HPSSUPPLY
2008-04-25 13:41 . 2008-04-25 13:41 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\HP Product Assistant
2008-04-25 13:28 . 2008-04-25 13:49 157,377 --a------ C:\WINDOWS\hpoins14.dat
2008-04-25 13:28 . 2007-09-20 04:14 2,000 --------- C:\WINDOWS\hpomdl14.dat
2008-04-25 13:22 . 2008-05-07 21:02 1,024 --ah----- C:\Documents and Settings\Jõrjestelmõnvalvoja\ntuser.dat.LOG
2008-04-25 13:13 . 2008-04-25 13:13 <KANSIO> d-------- C:\Documents and Settings\Järjestelmänvalvoja\Application Data\HP
2008-04-23 21:20 . 2008-04-23 21:20 <KANSIO> d-------- C:\Program Files\Common Files\HP
2008-04-23 21:20 . 2008-04-25 13:41 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\HP
2008-04-23 21:19 . 2008-04-23 21:19 <KANSIO> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-04-23 21:17 . 2008-04-25 13:43 <KANSIO> d-------- C:\Program Files\HP
2008-04-23 21:17 . 2004-08-03 23:08 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2008-04-23 21:17 . 2004-08-03 23:08 31,616 --a--c--- C:\WINDOWS\system32\dllcache\usbccgp.sys
2008-04-23 21:17 . 2004-08-03 23:01 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2008-04-23 21:17 . 2004-08-03 23:01 25,856 --a--c--- C:\WINDOWS\system32\dllcache\usbprint.sys
2008-04-21 19:48 . 2008-04-21 19:48 <KANSIO> d-------- C:\WINDOWS\ERUNT
2008-04-21 19:30 . 2008-04-25 13:22 <KANSIO> d-------- C:\Documents and Settings\Jõrjestelmõnvalvoja
2008-04-12 20:43 . 2008-02-22 02:33 69,632 --a------ C:\WINDOWS\system32\javacpl.cpl
2008-04-09 11:07 . 2008-02-20 08:38 45,568 -----c--- C:\WINDOWS\system32\dllcache\dnsrslvr.dll

.
(((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-07 17:50 524,288 ----a-w C:\WINDOWS\system32\drivers\CnxE2FS.bin
2008-05-05 17:22 --------- d-----w C:\Program Files\Common Files\InstallShield
2008-05-05 17:21 --------- d-----w C:\Documents and Settings\Järjestelmänvalvoja\Application Data\Lavasoft
2008-04-12 17:43 --------- d-----w C:\Program Files\Java
2008-03-30 07:30 --------- d-----w C:\Documents and Settings\Järjestelmänvalvoja\Application Data\F-Secure
2008-03-28 13:15 118,842 ------r C:\WINDOWS\bwUnin-6.3.2.116-7681197L.exe
2008-03-28 13:15 --------- d-----w C:\Documents and Settings\All Users\Application Data\F-Secure
2008-03-28 13:14 --------- d-----w C:\Program Files\F-Secure
2008-03-28 13:06 --------- d-----w C:\Program Files\Winamp
2008-03-26 18:55 --------- d-----w C:\Program Files\Trend Micro
2008-03-26 18:35 --------- d-----w C:\Program Files\IObit
2008-03-26 17:44 --------- d-----w C:\Program Files\eMule
2008-03-20 08:09 1,845,504 ----a-w C:\WINDOWS\system32\win32k.sys
2008-03-01 13:01 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-02-20 06:51 282,624 ----a-w C:\WINDOWS\system32\gdi32.dll
2008-02-20 05:38 45,568 ----a-w C:\WINDOWS\system32\dnsrslvr.dll
2007-02-12 12:42 18,304 ----a-w C:\Documents and Settings\Järjestelmänvalvoja\Application Data\GDIPFONTCACHEV1.DAT
2007-02-08 15:43 2,879,031 ----a-w C:\Program Files\LiveUpdate14_Eng_Install.exe
.

(((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
.
.
REGEDIT4
*Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{25CEE8EC-5730-41bc-8B58-22DDC8AB8C20}]
2007-10-04 23:06 1135968 --a------ C:\Program Files\Winamp Toolbar\winamptb.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= "C:\Program Files\Winamp Toolbar\winamptb.dll" [2007-10-04 23:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}"= C:\Program Files\Winamp Toolbar\winamptb.dll [2007-10-04 23:06 1135968]

[HKEY_CLASSES_ROOT\clsid\{ebf2ba02-9094-4c5a-858b-bb198f3d8de2}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand.1]
[HKEY_CLASSES_ROOT\TypeLib\{538CD77C-BFDD-49b0-9562-77419CAB89D1}]
[HKEY_CLASSES_ROOT\WINAMPTB.AOLToolBand]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-14 16:12 15360]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-08-17 12:06 68856]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CnxTrApp"="C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll" [2003-07-30 11:48 247296]
"F-Secure Manager"="C:\Program Files\F-Secure\Common\FSM32.exe" [2005-06-03 01:37 122929]
"F-Secure TNB"="C:\Program Files\F-Secure\TNB\TNBUtil.exe" [2004-05-27 11:57 684032]
"!AVG Anti-Spyware"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" [2007-06-11 12:25 6731312]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\System32\CTFMON.EXE" [2004-09-14 16:12 15360]

C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
F-Secure Automatic Update.lnk - C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe [2008-03-28 16:15:32 32807]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveSearch"= 1 (0x1)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\Messenger\\msmsgs.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
"C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\F-Secure\\BackWeb\\7681197\\program\\F-Secure Automatic Update.exe"=

R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys [2005-06-21 18:32]
R1 msikbd2k;Multimedia Keyboard Filter Driver;C:\WINDOWS\system32\DRIVERS\msikbd2k.sys [2001-12-20 09:02]
R2 BackWeb Plug-in - 7681197;F-Secure Automatic Update;C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE [2008-03-28 16:15]
R2 F-Secure Filter;F-Secure File System Filter;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSfilter.sys [2004-09-10 18:14]
R2 F-Secure Gatekeeper;F-Secure Gatekeeper;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSgk.sys [2005-02-16 18:49]
R2 F-Secure Recognizer;F-Secure File System Recognizer;C:\Program Files\F-Secure\Anti-Virus\Win2K\FSrec.sys [2004-12-17 12:34]
R3 ati2mtaa;ati2mtaa;C:\WINDOWS\system32\DRIVERS\ati2mtaa.sys [2002-01-12 02:22]
S2 HWiNFO32;HWiNFO32 Kernel Driver;C:\Program Files\HWiNFO32\HWiNFO32.SYS []
S2 nhksrv;Netropa NHK Server;C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc

.
'Ajoitetut tehtävät'-kansion sisältö
"2008-05-07 04:36:13 C:\WINDOWS\Tasks\Scheduled scanning task.job"
- C:\PROGRA~1\F-Secure\ANTI-V~1\fsav.exeZ /HARD /ARCHIVE /DISINF /SCHED /NOBREAK /REPORT=C:\PROGRA~1\F-Secure\ANTI-V~1\report.txt
.
**************************************************************************

catchme 0.3.1353 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-07 21:05:30
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-05-07 21:10:38
ComboFix-quarantined-files.txt 2008-05-07 18:10:32

Pre-Run: 10,801,487,872 tavua vapaana
Post-Run: 10,945,556,480 tavua vapaana

158 --- E O F --- 2008-04-09 10:42:16




------------------------------------------------------------------



VundoFix V7.0.3

Scan started at 20:11:58 7.5.2008

Listing files found while scanning....

No infected files were found.


Beginning removal...


VundoFix V7.0.3

Scan started at 20:11:58 7.5.2008

Listing files found while scanning....

No infected files were found.


Beginning removal...
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:40:30, on 7.5.2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\Skanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: HP Print Clips - {053F9267-DC04-4294-A72C-58F732D338C0} - C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O4 - HKLM\..\Run: [CnxTrApp] rundll32.exe "C:\Program Files\TeleWell\TeleWell TW-EA100B_2 ADSL USB\CnxTrApp.dll",AppEntry -REG "Conexant\Conexant USB Network"
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Paikallinen palve')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Verkkopalve')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: HP-leikekirja - {58ECB495-38F0-49cb-A538-10282ABF65E7} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: HP Smart -valitse - {700259D7-1666-479a-93B1-3250410481E8} - C:\Program Files\HP\Smart Web Printing\hpswp_extensions.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupd...b?1127129217427
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://81.8.149.252/activex/AxisCamControl.cab
O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:\Program Files\Netropa\Multimedia Keyboard\nhksrv.exe (file missing)

--
End of file - 9242 bytes



Tällässii tampereelta... mitakohan viela?!
[ + lainaa]
Hujo
Suspended permanently
_ 		8. toukokuuta 2008 @ 20:03 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Escan
Ohjeet tuolla sivulla.
http://koti.mbnet.fi/pattaya1/escanmwav.htm
lataa tuosta
http://www.spywareinfo.dk/download/mwav.exe
päivitä tuosta
http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
laita täpit merkkauksien mukaan
http://koti.mbnet.fi/pattaya1/eScan6.jpg

scannaa

jos ala luukkuun tulee jotain niin kopioi se näin:
Käytä komentoa Ctrl+A.
Kopioi rivit komennolla Ctrl+C.
Liitä rivit komennolla Ctrl+V.

Laita virus log tänne.

[ + lainaa]
Voiko tietsikka koskaan toimia?
Mainos
_ 		__
 
_
pmaatta
Newbie
_ 		13. toukokuuta 2008 @ 13:18 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
eScan suoritettu eikä löytynyt tälläkään kertaa mitään.Mitäs seuraavaks?
[ + lainaa]
 
Sivu:12>
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > troijalainen poistettu,onkohan kone puhdas
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy