AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
maanantai 23.12.2024 / 20:19
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kazaan poiston jälkeinen logi
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Kazaan poiston jälkeinen logi
  Siirry:
 
Kirjoittaja Viesti
janne59
Senior Member
_ 		26. marraskuuta 2005 @ 16:30 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kone ajettu läpi Microsoft Antispywarella, Spypot, Ad-Awarella ja EasyCleanerilla. Mahtoiko jäädä vielä jotain? Tää on kaverin kone.

Logfile of HijackThis v1.99.1
Scan saved at 21:17:20, on 26.11.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\brsvc01a.exe
G:\WINDOWS\system32\brss01a.exe
G:\WINDOWS\system32\spoolsv.exe
G:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
G:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
G:\WINDOWS\system32\Brmfrmps.exe
G:\WINDOWS\system32\mgabg.exe
G:\Program Files\Spyware Doctor\sdhelp.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\wdfmgr.exe
G:\WINDOWS\system32\ZoneLabs\vsmon.exe
G:\WINDOWS\Explorer.EXE
G:\WINDOWS\System32\alg.exe
G:\Program Files\Google\Gmail Notifier\gnotify.exe
G:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
G:\Program Files\ForceShutdown\fsd.exe
G:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
G:\WINDOWS\system32\PDesk.exe
G:\Program Files\Microsoft AntiSpyware\gcasServ.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Messenger\msmsgs.exe
G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
G:\Program Files\Spyware Doctor\swdoctor.exe
G:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
G:\Program Files\Down2Home\Down2Home.exe
G:\Program Files\Logitech\SetPoint\SetPoint.exe
G:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
G:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
G:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dnainternet.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja dna Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - G:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar1.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - G:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - G:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] G:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "G:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] G:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] G:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] G:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Force Shutdown] G:\Program Files\ForceShutdown\fsd.exe
O4 - HKLM\..\Run: [AVG7_EMC] G:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Matrox Powerdesk] G:\WINDOWS\system32\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [gcasServ] "G:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [NBJ] "G:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Skype] "G:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Spyware Doctor] "G:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: Adobe Reader Speed Launch.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Down2Home.lnk = G:\Program Files\Down2Home\Down2Home.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Status Monitor.lnk = G:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Google Search - res://G:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW
O8 - Extra context menu item: &Translate English Word - res://G:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://G:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://G:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://G:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://G:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - G:\PROGRA~1\SPYWAR~3\tools\iesdpb.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Palvelut - {0BE8000B-D38D-488C-A1DB-6D0A6C966F00} - http://service.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {90E57A2B-2DBC-41A2-98A4-2BB14B1ED2AD} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Tuki - {D555FBAD-A0AA-40BC-B682-745817EA674A} - http://tuki.elisa.net/ (file missing) (HKCU)
O14 - IERESET.INF: START_PAGE_URL=http://www.dnainternet.fi
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSSc...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - G:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - G:\WINDOWS\system32\brsvc01a.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - G:\WINDOWS\system32\mgabg.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - G:\Program Files\Spyware Doctor\sdhelp.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - G:\WINDOWS\system32\ZoneLabs\vsmon.exe
[ + lainaa]
aaxxeell
Senior Member
_ 		26. marraskuuta 2005 @ 16:37 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Ohjauspaneeli
Lisää/poista Sovellus, Poista:
Need2Find... (jos löytyy)

Fixaa (Do a system scan only, merkkaa, sulje muut ohjelmat, paina fix cheked ):
O2 - BHO: Need2Find Bar BHO - {4D1C4E81-A32A-416b-BCDB-33B3EF3617D3} - G:\Program Files\Need2Find\bar\2.bin\ND2FNBAR.DLL
O8 - Extra context menu item: &Search - http://kw.bar.need2find.com/KW/menusearch.html?p=KW

Vikasietotila(F8 käynnistyksen yhteydessä):
G:\Program Files\-->Need2Find<--

Lataa ewido:
-> http://www.ewido.net/en/download/

Päivitä, Scannaa koko kone, poista löydöt ja lähetä sen raportti tänne.
[ + lainaa]
>>>>> Oppaat <<<<<
Ewido Anti-spyware 4.0 -> http://aaxxeell.googlepages.com/ewido4
Koneen puhdistaminen. HijackThis-ohje -> http://aaxxeell.googlepages.com/koneenpuhdistaminen.hijackthis-ohje%21
Surffaile turvallisesti netissä! HOSTS-tiedosto -> http://aaxxeell.googlepages.com/surffaileturvallisestinetiss%C3%A4%21hosts-tiedosto%21
Messenger Plus! Opas turvalliseen asentamiseen -> http://aaxxeell.googlepages.com/messengerplus%21opasturvalliseenasentamiseen.
EULAlyzer -> http://aaxxeell.googlepages.com/eulalyzer

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 26. marraskuuta 2005 @ 17:14
V-kos
Senior Member
_ 		26. marraskuuta 2005 @ 16:43 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Käytä sitten kans tuo KazaaBegone niin lähtee ne viimeisetkin rippeet. Yleensä aina löytyy jotain.

http://koti.mbnet.fi/pattaya1/kazaabegone.htm
[ + lainaa]
janne59
Senior Member
_ 		26. marraskuuta 2005 @ 16:47 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
KazaaBegone on suoritettu.
[ + lainaa]
juhani57
Newbie
_ 		27. marraskuuta 2005 @ 06:26 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
ewido logi

Scan result:

HKLM\SOFTWARE\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
HKLM\SOFTWARE\Need2Find\bar\Partner -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-725345543-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25D8BACF-3DE2-4B48-AE22-D659B8D835B0} -> Spyware.RXToolbar : Cleaned with backup
HKU\S-1-5-21-725345543-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D1C4E81-A32A-416B-BCDB-33B3EF3617D3} -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-725345543-1547161642-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4E7BD74F-2B8D-469E-90F0-F66AB581A933} -> Spyware.MyWebSearch : Cleaned with backup
HKU\S-1-5-21-725345543-1547161642-682003330-1004\Software\Need2Find -> Spyware.Need2Find : Cleaned with backup
HKU\S-1-5-21-725345543-1547161642-682003330-1004\Software\Need2Find\bar -> Spyware.Need2Find : Cleaned with backup
:mozilla.20:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.21:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Qksrv : Cleaned with backup
:mozilla.28:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.40:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Bfast : Cleaned with backup
:mozilla.48:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.52:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.53:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Com : Cleaned with backup
:mozilla.59:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.60:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.61:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.62:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.65:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.66:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.68:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.69:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.76:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.77:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.86:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Spylog : Cleaned with backup
:mozilla.92:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.160:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Mediaplex : Cleaned with backup
:mozilla.161:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.162:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Overture : Cleaned with backup
:mozilla.167:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.179:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.190:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.191:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Targetnet : Cleaned with backup
:mozilla.192:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.194:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.195:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.196:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.211:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Weborama : Cleaned with backup
:mozilla.217:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.221:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Hitbox : Cleaned with backup
:mozilla.224:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Bluestreak : Cleaned with backup
:mozilla.236:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.237:C:\WINDOWS\Profiles\jussi\Application Data\Mozilla\Firefox\Profiles\ari8f7q3.default\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
C:\WINDOWS\Profiles\jussi\Cookies\jussi@burstnet[2].txt -> Spyware.Cookie.Burstnet : Cleaned with backup
C:\WINDOWS\Profiles\jussi\Cookies\jussi@com[2].txt -> Spyware.Cookie.Com : Cleaned with backup
C:\WINDOWS\Profiles\jussi\Cookies\jussi@ilead.itrack[2].txt -> Spyware.Cookie.Itrack : Cleaned with backup
C:\System Volume Information\_restore{6D360745-769B-4EEF-98D9-8A549778DA3A}\RP95\A0012514.DLL -> Spyware.P2PNetworking : Cleaned with backup
C:\System Volume Information\_restore{6D360745-769B-4EEF-98D9-8A549778DA3A}\RP95\A0012516.exe -> Spyware.P2PNetworking : Cleaned with backup
C:\System Volume Information\_restore{6D360745-769B-4EEF-98D9-8A549778DA3A}\RP95\A0012519.exe -> Spyware.P2PNetworking : Cleaned with backup
:mozilla.17:G:\Documents and Settings\juhani louento\Application Data\Mozilla\Firefox\Profiles\8mblcgzr.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.19:G:\Documents and Settings\juhani louento\Application Data\Mozilla\Firefox\Profiles\8mblcgzr.default\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
G:\Program Files\Uninstall Need2Find Bar.dll -> Spyware.MySearch : Cleaned with backup
[ + lainaa]
juhani57
Newbie
_ 		27. marraskuuta 2005 @ 06:33 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Logfile of HijackThis v1.99.1
Scan saved at 11:01:06, on 27.11.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\brsvc01a.exe
G:\WINDOWS\system32\brss01a.exe
G:\WINDOWS\system32\spoolsv.exe
G:\WINDOWS\Explorer.EXE
G:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
G:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
G:\WINDOWS\system32\Brmfrmps.exe
G:\Program Files\ewido\security suite\ewidoctrl.exe
G:\Program Files\ewido\security suite\ewidoguard.exe
G:\Program Files\Google\Gmail Notifier\gnotify.exe
G:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
G:\Program Files\ForceShutdown\fsd.exe
G:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
G:\WINDOWS\system32\PDesk.exe
G:\Program Files\Microsoft AntiSpyware\gcasServ.exe
G:\WINDOWS\system32\ctfmon.exe
G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
G:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
G:\WINDOWS\system32\mgabg.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\ZoneLabs\vsmon.exe
G:\Program Files\Skype\Phone\Skype.exe
G:\Program Files\Down2Home\Down2Home.exe
G:\Program Files\Logitech\SetPoint\SetPoint.exe
G:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
G:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
G:\Program Files\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dnainternet.fi
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja dna Internet
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - G:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] G:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [SSBkgdUpdate] "G:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] G:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] G:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [ControlCenter2.0] G:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [Force Shutdown] G:\Program Files\ForceShutdown\fsd.exe
O4 - HKLM\..\Run: [AVG7_EMC] G:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O4 - HKLM\..\Run: [Zone Labs Client] G:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [Matrox Powerdesk] G:\WINDOWS\system32\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [gcasServ] "G:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Ashampoo PopUpBlocker] G:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe
O4 - HKCU\..\Run: [NBJ] "G:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Skype] "G:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Adobe Reader Speed Launch.lnk = G:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Down2Home.lnk = G:\Program Files\Down2Home\Down2Home.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = G:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = G:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Status Monitor.lnk = G:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.dnainternet.fi
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/...
O16 - DPF: {7F8C8173-AD80-4807-AA75-5672F22B4582} (ICSScanner Class) - http://download.zonelabs.com/bin/promotions/spywaredetector/ICSSc...
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Unknown owner - G:\WINDOWS\system32\Brmfrmps.exe" -service (file missing)
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - G:\WINDOWS\system32\brsvc01a.exe
O23 - Service: ewido security suite control - ewido networks - G:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - G:\Program Files\ewido\security suite\ewidoguard.exe
O23 - Service: MGABGEXE - Matrox Graphics Inc. - G:\WINDOWS\system32\mgabg.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - G:\WINDOWS\system32\ZoneLabs\vsmon.exe
[ + lainaa]
-kemisti-
AfterDawn Addict
_ 		27. marraskuuta 2005 @ 06:37 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Loki on kunnossa :)
[ + lainaa]
Mainos
_ 		__
 
_
juhani57
Newbie
_ 		27. marraskuuta 2005 @ 06:42 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
kiitos paljon !
[ + lainaa]
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat > kazaan poiston jälkeinen logi
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2024 AfterDawn Oy