|
Hijackthis-logi, voisko joku tarkistaa?
|
|
|
h31kk1
Newbie
|
11. maaliskuuta 2007 @ 06:07 |
Linkki tähän viestiin
|
Voisiko joku tarkistaa tästä HjT-logista, että onko kaikki kunnossa?
Logfile of HijackThis v1.99.1
Scan saved at 11:05:33, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\documents and settings\heikki\steam\steam.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Heikki\Desktop\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sonera Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Steam] "c:\documents and settings\heikki\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
|
|
Auttaja
Suspended permanently
|
11. maaliskuuta 2007 @ 08:00 |
Linkki tähän viestiin
|
Moi heikki.
Poista tää ohjelma SweetIm on aika kyseenalainen, avaamalla ohjaupaneelin lisää/poista sovellus
Avaa HijackThis merkkaa ja fix checked nää rivit:
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
Poista tää kansio: C:\Program Files\Macrogaming\SweetIM\
Laita uusi logi.
|
|
h31kk1
Newbie
|
11. maaliskuuta 2007 @ 08:22 |
Linkki tähän viestiin
|
Kiitos auttaja!
Tässä uusi HjT-logini:
Logfile of HijackThis v1.99.1
Scan saved at 13:16:04, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\documents and settings\heikki\steam\steam.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\Heikki\Desktop\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sonera Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [Steam] "c:\documents and settings\heikki\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
|
|
Hujo
Suspended permanently
|
11. maaliskuuta 2007 @ 08:23 |
Linkki tähän viestiin
|
|
Poista tää kansio: C:\Program Files\Macrogaming\SweetIM\
siis tuo C:\Program Files\Macrogaming ;)
Voiko tietsikka koskaan toimia?
|
|
Auttaja
Suspended permanently
|
11. maaliskuuta 2007 @ 08:25 |
Linkki tähän viestiin
|
Hmm eipä toi ohjelma minnekkää poistunut, avaa siis HijackThis ohjelma, merkkaa nää rivit, sitten sen jälkeen paina "fix checked"
R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O2 - BHO: SWEETIE - {1A0AADCD-3A72-4b5f-900F-E3BB5A838E2A} - C:\PROGRA~1\MACROG~1\SWEETI~1\toolbar.dll (file missing)
O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing)
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
O4 - HKCU\..\Run: [SweetIM] C:\Program Files\Macrogaming\SweetIM\SweetIM.exe
Poista tämä kansio C:\Program Files\Macrogaming\ ja tyhjennä roskakori, laita uus logi.. hmm.
|
|
Hujo
Suspended permanently
|
11. maaliskuuta 2007 @ 09:02 |
Linkki tähän viestiin
|
Käynnistä AVG Anti-spyware ja pääikkunassa klikkaa "Realtime protection" (on vihreällä ja lukee "Active") muuttaksesi sen inactiveksi.
Tuo vois pikkusen auttaa poistoon ;)
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 11. maaliskuuta 2007 @ 09:03
|
|
h31kk1
Newbie
|
11. maaliskuuta 2007 @ 10:03 |
Linkki tähän viestiin
|
Auttaja, en löytäny tollasia rivejä. Tässä viimisin HjT-logi:
Logfile of HijackThis v1.99.1
Scan saved at 15:00:52, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\F-Secure\FSGUI\fsguiexe.exe
C:\documents and settings\heikki\steam\steam.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\ALCFDRTM.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Heikki\Desktop\HijackThis_v1.99.1.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Sonera Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "c:\documents and settings\heikki\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O14 - IERESET.INF: START_PAGE_URL=http://www.soneraplaza.fi
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
|
|
Auttaja
Suspended permanently
|
11. maaliskuuta 2007 @ 11:11 |
Linkki tähän viestiin
|
Loki hyvä, ongelmia?
***************
[*]Käynnistä AVG Anti-Spyware.
[*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
[*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.
[*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
[*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
[*]Sitten "Reports" valikon alta:
[*]Laita täppi kohtaan "Automatically generate report after every scan"
[*]Ota täppi pois kohdasta"Only if threats were found"
[*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
[*]"Resident shield is", muuta tila active:sta inactive:ksi
[*]Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä tietokone vikasietotilaan:
1. Käynnistä tietokone uudelleen.
2. Kun tietokone käynnistyy, paina F8-näppäintä.
3. Näyttöön tulee erilaisia käynnistysvaihtoehtoja.
4. Valitse näppäimistön nuolinäppäinten avulla Vikasietotila.
5. Paina ENTER-näppäintä.
HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
[*]Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
[*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
[*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.
Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
[*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
[*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
[*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
[*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
[*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestiketjuusi.
************
|
|
h31kk1
Newbie
|
11. maaliskuuta 2007 @ 15:13 |
Linkki tähän viestiin
|
F-Secure Antivirus vähän väliä popsauttaa, että on löytänyt jonkinsorttisen troijalaisen, jota ei pystytty poistaa (???)
Kaikki käskemäsi tehty. Tässä tämä AVG Antispyware-raportti:
---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------
+ Created at: 20:07:03 11.3.2007
+ Scan result:
C:\System Volume Information\_restore{8BC3D762-DDDE-4B30-8CA0-ECA3C2F1C813}\RP108\A0018020.dll -> Adware.BHO : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8BC3D762-DDDE-4B30-8CA0-ECA3C2F1C813}\RP104\A0014435.0XE -> Downloader.Zlob.bov : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8BC3D762-DDDE-4B30-8CA0-ECA3C2F1C813}\RP104\A0014436.exe -> Downloader.Zlob.bpn : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{8BC3D762-DDDE-4B30-8CA0-ECA3C2F1C813}\RP104\A0014432.0XE -> Downloader.Zlob.bpq : Cleaned with backup (quarantined).
:mozilla.296:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.315:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.532:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.108:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.111:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.112:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.612:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.422:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adrevolver : Cleaned.
:mozilla.141:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.142:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.100:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.101:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.102:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.103:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.104:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.73:C:\Documents and Settings\Saara\Application Data\Mozilla\Firefox\Profiles\p54trf36.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.74:C:\Documents and Settings\Saara\Application Data\Mozilla\Firefox\Profiles\p54trf36.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.75:C:\Documents and Settings\Saara\Application Data\Mozilla\Firefox\Profiles\p54trf36.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.76:C:\Documents and Settings\Saara\Application Data\Mozilla\Firefox\Profiles\p54trf36.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.220:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Heikki\Cookies\heikki@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.189:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Clickbank : Cleaned.
:mozilla.109:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.110:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Clickhype : Cleaned.
:mozilla.391:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.170:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.139:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.85:C:\Documents and Settings\Saara\Application Data\Mozilla\Firefox\Profiles\p54trf36.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\Heikki\Cookies\heikki@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.305:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Esomniture : Cleaned.
:mozilla.171:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.172:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.173:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.215:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.227:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.273:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.284:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.502:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned.
:mozilla.418:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.572:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.365:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.423:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.619:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Real : Cleaned.
:mozilla.621:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Heikki\Cookies\heikki@real[1].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\Saara\Cookies\saara@real[2].txt -> TrackingCookie.Real : Cleaned.
:mozilla.293:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.364:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Revenue : Cleaned.
:mozilla.482:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.595:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned.
:mozilla.235:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.229:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.513:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Smartadserver : Cleaned.
:mozilla.226:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Spylog : Cleaned.
:mozilla.188:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
C:\Documents and Settings\Heikki\Cookies\heikki@statcounter[1].txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.130:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.131:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.132:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.133:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.583:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Valuead : Cleaned.
:mozilla.209:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.113:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.114:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.115:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.116:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.117:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.118:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.121:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.122:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.123:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.124:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.125:C:\Documents and Settings\Heikki\Application Data\Mozilla\Firefox\Profiles\dd61bthc.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{8BC3D762-DDDE-4B30-8CA0-ECA3C2F1C813}\RP108\A0018040.dll -> Trojan.Dialer.cs : Cleaned with backup (quarantined).
::Report end
|
|
Auttaja
Suspended permanently
|
11. maaliskuuta 2007 @ 15:34 |
Linkki tähän viestiin
|
lataa ATF Cleaner
http://www.atribune.org/ccount/click.php?id=1
Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman. Main:n alla valitse: Select All
Klikkaa Empty Selected valintaa.
Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Jos käytät Operaa selaimenasi Klikkaa Opera yläpuolelta ja valitse: Select All
Klikkaa Empty Selected valintaa taas.
HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.
Klikkaa Exit päävalikosta sulkeaksesi ohjelman.
Teknistä tukea tulee jos tupla-klikkaat sähköpostiosoitetta joka sijaitsee jokaisen menun alapuolella kyseisessä työkalussa. (Huomatkaa että se tuki on sitten englanniksi)
**********************
1. Klikkaa käynnistä > Oma tietokone oikean puoleisella hiiren napilla
2. Valitse ominaisuudet
3. Valitse järjestelmän palauttaminen välilehti
4. Ruksi eteen ¤ poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Käytä
6. Paina ok
7. Sammuta ja käynnistä
8. Ota ruksi pois ¤ poista järjestelmän palauttaminen kaikissa asemissa
9. Käytä ja OK
|
|
h31kk1
Newbie
|
11. maaliskuuta 2007 @ 16:30 |
Linkki tähän viestiin
|
|
Ok. Tehty. Kiitos avusta! Miten tuo viimeisimmät ohjeet vaikuttivat mihinkään?
|
|
Auttaja
Suspended permanently
|
11. maaliskuuta 2007 @ 16:40 |
Linkki tähän viestiin
|
|
Sen verran vaan että jos palautat tietokonetta et joudu sellaseen kohtaan jossa koneessasi on viruksia..
|
|
Mainos
|
|
|
|
h31kk1
Newbie
|
12. maaliskuuta 2007 @ 03:00 |
Linkki tähän viestiin
|
|
Ok. Kone vaikuttaa jo huomattavasti paremmalta! Iso kiitos sulle auttaja :)
|
