AfterDawn.com Mainosta sivuillamme
User Käyttäjä Salasana  
  Puuttuuko tunnus? Liity jäseneksi nyt!.
Salasana hukassa? Klikkaa tästä. 		 
  Etusivu   Uutiset   Oppaat   Ohjelmat   Sanasto   Laitevertailu   Profiilit   Keskustelu  
 Yksityisviestit     Luo uusi yksityisviesti     Kaikki uudet viestit     Ilman vastauksia olevat viestiketjut     Hae viestejä
sunnuntai 20.7.2025 / 15:59
Hae keskustelualueilta:        In English   Suomeksi   På svenska
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > ongelma iexplore.exe:n kanssa
Näytä aiheet
 
Keskustelualueet
Keskustelualueet
Ongelma iexplore.exe:n kanssa
  Siirry:
 
Kirjoittaja Viesti
Terodo
Junior Member
_ 		1. tammikuuta 2007 @ 13:06 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Elikkä ongelma on sama kun useilla ollut aiemminkin. Prosesseissa on käynnissä 2 kpl iexplore.exe:jä vaikka ei ikkunoita ole auki. Jos apua löytyisi niin olisin kiitollinen.

HJT:n loki tässä

Logfile of HijackThis v1.99.1
Scan saved at 17:57:53, on 1.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\taskmgr.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [flaw roam] C:\DOCUME~1\MIN~1\APPLIC~1\LOCKST~1\defaulttrans.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
[ + lainaa]
tapiiri
Senior Member
_ 		2. tammikuuta 2007 @ 16:39 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
No joo, lop.com tekee joskus noin. Poistetaanpa se :D

Lataa NoLop työpöydällesi yhdestä seuraavista linkeistä...
Linkki 1
Linkki 2
Linkki 3[list]
[*]Sulje kaikki ohjelmat, koska tämä vaihe vaatii uudelleenkäynnistyksen
[*]Tuplaklikkaa NoLop.exe ajaaksesi sen[list]

[/list]
[*]Klikkaa nappulaa "Search and Destroy"
[color=blue]<<Tietokoneesi skannataan saastuneiden tiedostojen osalta>>[/color]
[*] Kun skannaus on valmis, sinua pyydetään käynnistämään kone uudestaan, jos infektio löytyy. Klikkaa OK
[*] Klikkaa "REBOOT"-painiketta.
[*] NoLopin pitäisi antaa viesti. Jos ei, tuplaklikkaa ohjelmaa ja se valmistuu. Lähetä C:\NoLop.log-tiedoston sisältö uuden HijackThis-lokin kera.
[/list][size=9] -- Jos saat seuraavan virheen, "mscomctl.ocx or one of its dependencies are not correctly registered," lataa mscomctl.ocx ja tallenna se system32-hakemistoosi (yleensä c:\Windows\system32). Tämän jälkeen aja ohjelma uudestaan.[/size] --
[ + lainaa]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php

Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 2. tammikuuta 2007 @ 16:40
Terodo
Junior Member
_ 		2. tammikuuta 2007 @ 18:10 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Kyllähän sieltä peto löytyi.
Vieläkun ymmärtäs että mitä nuo logit tahtoo kertoa.

NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\minä\Työpöytä
[2.1.2007]
[22:58:42]

---Infection Files Found/Removed---
C:\WINDOWS\tasks\8B08D896B0875416.job

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Autodata Limited
C:\Documents and Settings\All Users\Application Data\Bookproxyfourmp3
C:\Documents and Settings\All Users\Application Data\Corel
C:\Documents and Settings\All Users\Application Data\Downloaded Installations
C:\Documents and Settings\All Users\Application Data\Dvd Shrink
C:\Documents and Settings\All Users\Application Data\F-secure
C:\Documents and Settings\All Users\Application Data\Fssg
C:\Documents and Settings\All Users\Application Data\Installshield
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Pc Suite
C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
C:\Documents and Settings\All Users\Application Data\Symantec
C:\Documents and Settings\All Users\Application Data\Ubisoft
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Minä\Application Data\Adobe
C:\Documents and Settings\Minä\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Minä\Application Data\Ahead
C:\Documents and Settings\Minä\Application Data\Ati
C:\Documents and Settings\Minä\Application Data\Azureus
C:\Documents and Settings\Minä\Application Data\Corel
C:\Documents and Settings\Minä\Application Data\Datalayer
C:\Documents and Settings\Minä\Application Data\Elaborate Bytes
C:\Documents and Settings\Minä\Application Data\F-secure
C:\Documents and Settings\Minä\Application Data\Google
C:\Documents and Settings\Minä\Application Data\Help -- EMPTY Directory
C:\Documents and Settings\Minä\Application Data\Identities
C:\Documents and Settings\Minä\Application Data\Lavasoft
C:\Documents and Settings\Minä\Application Data\Leadertech
C:\Documents and Settings\Minä\Application Data\Locks This Media
C:\Documents and Settings\Minä\Application Data\Logitech
C:\Documents and Settings\Minä\Application Data\Macromedia
C:\Documents and Settings\Minä\Application Data\Media Player Classic
C:\Documents and Settings\Minä\Application Data\Microsoft
C:\Documents and Settings\Minä\Application Data\Mozilla
C:\Documents and Settings\Minä\Application Data\Nokia
C:\Documents and Settings\Minä\Application Data\Nokia Multimedia Player
C:\Documents and Settings\Minä\Application Data\Pc Suite
C:\Documents and Settings\Minä\Application Data\Real
C:\Documents and Settings\Minä\Application Data\Skype
C:\Documents and Settings\Minä\Application Data\Sun
C:\Documents and Settings\Minä\Application Data\Symantec
C:\Documents and Settings\Minä\Application Data\System Requirements Lab
C:\Documents and Settings\Minä\Application Data\Urusoft
C:\Documents and Settings\Minä\Application Data\Utorrent
C:\Documents and Settings\Minä\Application Data\Winmx Music
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Symantec


Logfile of HijackThis v1.99.1
Scan saved at 23:08:19, on 2.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [flaw roam] C:\DOCUME~1\MIN~1\APPLIC~1\LOCKST~1\defaulttrans.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


Siinä ois logit.
[ + lainaa]
tapiiri
Senior Member
_ 		2. tammikuuta 2007 @ 18:22 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Scannaa hijackilla ja ruksaa:

O4 - HKCU\..\Run: [flaw roam] C:\DOCUME~1\MIN~1\APPLIC~1\LOCKST~1\defaulttrans.exe

Sammuta muut ikkunat ja paina fix checked.

Poista noi kansiot:

C:\Documents and Settings\Minä\Application Data\>>Locks This Media
C:\Documents and Settings\All Users\Application Data\>>Bookproxyfourmp3

Mene tarvittaessa vikasietotilaan.

Boottaa kone.

Lataa Atribunen ATF Cleaner

Ohjeet;

Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman.[list]Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.
[/list]Jos käytät FireFoxia selaimenasi[list]Klikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
[/list]Jos käytät Operaa selaimenasi[list]Klikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
[/list]Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)

[color=green]Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta[/color]

Lataa [url=http://www.ewido.net/en/download/][color=blue]AVG Anti-Spyware 7.5[/color][/url] ja tallenna ohjelma työpöydällesi.
[list][*]Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
[*]Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
[*]Käynnistä [color=blue]AVG Anti-Spyware[/color].
[*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.[list]
[*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
[/list]
[*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
[*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
[*]Sitten "Reports" valikon alta:[list]
[*]Laita täppi kohtaan "Automatically generate report after every scan"
[*]Ota täppi pois kohdasta"Only if threats were found"
[/list]
[*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
[*]"Resident shield is", muuta tila [color=green]active[/color]:sta inactive:ksi
[*]Sulje ohjelma, ÄLÄ skannaa vielä.
[/list]Käynnistä koneesi vikasietotilaan, [URL=http://www.virustorjunta.net/modules.php?name=FAQ&myfaq=yes&id_cat=6&categories=Yleisohjeita+ongelmatilanteiden+ratkaisuun#37] Ohje![/URL]

[color=#FF0000]HUOM! [/color] Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
[list][*]Kun vikasietotilassa, käynnistä [color=blue]AVG Anti-Spyware[/color].
[*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
[*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
[*]Varmistu, että Set all elements to: näyttää [color=#FF6600]Quarantine[/color] [color=green](1)[/color], jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
[*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"


[*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
[*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
[*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.
[/list]


[ + lainaa]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
Terodo
Junior Member
_ 		3. tammikuuta 2007 @ 01:04 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Siinä ois tämä logi.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 5:52:22 3.1.2007

+ Scan result:



C:\System Volume Information\_restore{9ED20657-221E-480B-ADD7-E374771DBBD8}\RP441\A0146822.exe -> Backdoor.Zapchast : Cleaned with backup (quarantined).
C:\WINDOWS\system32\Nvidia\DLL\engine.exe -> Backdoor.Zapchast : Cleaned with backup (quarantined).
:mozilla.105:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.106:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.107:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.109:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.111:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.113:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.114:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.115:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.116:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.117:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.118:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.119:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.120:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.121:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.122:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.123:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.605:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.606:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.637:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.798:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.129:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.130:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.131:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.132:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.133:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.188:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.189:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.190:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.191:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.859:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Addcontrol : Cleaned.
:mozilla.915:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.916:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adengage : Cleaned.
:mozilla.90:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.91:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.63:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.68:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.74:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.103:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.99:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.170:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.326:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.327:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.313:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.104:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.340:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.341:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.342:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.343:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.344:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.345:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.346:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.347:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.348:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.376:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Estat : Cleaned.
:mozilla.195:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
:mozilla.233:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.246:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.855:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.856:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.857:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.858:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.414:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Gamershell : Cleaned.
:mozilla.171:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.136:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.137:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.138:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.142:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.456:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.522:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.634:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.642:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.198:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.199:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.200:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.201:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.654:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.655:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned.
:mozilla.656:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.657:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.686:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.367:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.368:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.369:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.370:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.289:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.700:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.701:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.702:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.703:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.704:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.323:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.324:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.931:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.932:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.933:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.732:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.100:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.102:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.765:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.766:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.681:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.682:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.683:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.684:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.685:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.836:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
:mozilla.839:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.840:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.841:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.847:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.848:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.849:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.850:C:\Documents and Settings\minä\Application Data\Mozilla\Firefox\Profiles\xsxxc1rc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


::Report end
[ + lainaa]
tapiiri
Senior Member
_ 		3. tammikuuta 2007 @ 02:19 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Jes, puhasta tuli, laita vielä uusi hijack loki.
[ + lainaa]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
Terodo
Junior Member
_ 		3. tammikuuta 2007 @ 10:56 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Tässä on hjk logi uudestaan..

Logfile of HijackThis v1.99.1
Scan saved at 15:53:32, on 3.1.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\Common Files\Logitech\KHAL\KHALMNPR.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Documents and Settings\minä\Työpöytä\utorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\svchost.exe
C:\HJT\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodata Limited License Service - Autodata Limited - C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe


Firefox meni vähän sekavaks näitten temppujen aikana mutta katsotaa palautuuko normaaliks jos asentelen sen uudestaan..
[ + lainaa]
Terodo
Junior Member
_ 		3. tammikuuta 2007 @ 11:30 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
Niin ja kannattaako tuo AVG antivirus jättää käyttöön tuonne tehtävä palkkiin?

Kiitos ohjeista oikein paljon.. Firefox palas peliin kun asensin uudestaan..
[ + lainaa]
tapiiri
Senior Member
_ 		3. tammikuuta 2007 @ 13:46 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
juu kannattaa pitää AVG koneella :)

Ole hyvä :)

[ + lainaa]
Jaa- ei tuollaasia spämmäreitä ookkaa -> tapiiri

http://www.virustorjunta.net/index.php
Mainos
_ 		__
 
_
Terodo
Junior Member
_ 		3. tammikuuta 2007 @ 14:11 _ Linkki tähän viestiin    Lähetä käyttäjälle yksityisviesti   
OK..
Kiittää ja kumartaa syvään :)
[ + lainaa]
afterdawn.com > keskustelu > yleistä keskustelua tietokoneista > virukset ja haittaohjelmat - hijackthis -logit > ongelma iexplore.exe:n kanssa
 

Apua ongelmiin: AfterDawnin keskustelualueet | AfterDawnin Vastaukset
Uutiset: IT-alan uutiset | Uutisia puhelimista
Musiikkia: MP3Lizard.com
Tuotearviot: Laitevertailu | Vertaa puhelimia | Vertaa kännykkäliittymiä
Pelit: Pelitiedostot, pelidemot ja trailerit
Ohjelmat: download.fi | AfterDawnin ohjelma-alueet
International: AfterDawn in English | Software downloads | Free, legal MP3s | AfterDawn på svenska
RSS -syötteet: AfterDawnin uutiset | Uusimmat ohjelmapäivitykset | Keskustelualueiden viestit
Tietoja: Tietoa AfterDawn Oy:stä | Mainosta sivuillamme | Sivuston käyttöehdot ja tietoja yksityisyydensuojasta
Ota yhteyttä: Lähetä palautetta | Ota yhteyttä mainosmyyntiimme
 
  © 1999-2025 AfterDawn Oy