|
|
|
Keskustelualueet
Keskustelualueet
|
|
|
F-Secure ei poista. + logi
|
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
10. elokuuta 2007 @ 21:49 |
Linkki tähän viestiin
|
Mulla on jotai haittaohjelmia jota ei pysty poistamaan ja joka lagittaa konetta ihan s*******ti. Aina kun mä yritän poistaa sitä niin tulee teksti: "Tätä kohdetta ei voitu käsitellä. Toinen sevellus on saattanut
poistaa tartunan saaneen tiedoston.
Haitta ohjelmien nimet: AdTool.Win32.MyWebSearch ja NewDoNet.
Logfile of HijackThis v1.99.1
Scan saved at 1:42:06, on 11.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\JetAudio\JetAudio.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1I...EjN4OgVn/EanAXn
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (file missing)
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8} - C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O3 - Toolbar: Protection Bar - {F0993251-2512-4710-AF6E-0A13EA199D02} - C:\Program Files\Video AX Object\splug.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hsf] C:\WINDOWS\hsf.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKLM\..\Run: [flagrdrfivewma] C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
O4 - HKLM\..\Run: [IMprocess] C:\Program Files\Instant Messenger Names\IM-svr.EXE
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\5.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [citydash] C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/...Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} (MLauncher Class) - http://csweb.netgame.com/hero/MLauncher.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: pushow3.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 11. elokuuta 2007 @ 08:40
|
|
Auttaja
Suspended permanently
|
11. elokuuta 2007 @ 05:48 |
Linkki tähän viestiin
|
Joo.. elikkä tässä on puhdistamista ihan reilusti.. aloitetaan näin :)
=======
Ensin lataa LSPfix.exe http://www.cexx.org/lspfix.htm sopivaan sijaintiin (kuten C:\Program Files\LSPFix tai vaikkapa työpöydälle). ÄLÄ aja tätä ohjelmaa vielä. Tätä tulee käyttää VAIN jos internetyhteys häviää NewDotNetin poiston jäljiltä.
NewDotNetin poisto; Mene;
Käynnistä > Ohjauspaneeli > Lisää/Poista sovellus ja hävitä seuraava jos näkyy;
New.Net Applications tai New.Net Domains (Mitä vain mikä sanoo New.Net)
Jos Lisää/Poista sovelluksessa ei ole New.Net listattu, toimi näin.
Varmista että anti-virus ja anti-spyware ohjelmat ovat suljettuna poiston ajan.
Ne saattavat estää New.Netin poiston.
Lataa NNuninstall.exe http://www.new.net/support/NNuninstall.exe
* Tallenna se työpöydällesi.
* Tupla-klikkaa NNuninstall.exe filua.n
* Ohjelma kysyy haluatko poistaa kaikki New.Netin nimet ja osat.
* Klikkaa Yes.
* Klikkaa poiston jälkeen OK.
* Valitse("No - I will restart later).
Jos poisto ei onnistu ja virustorjuntaohjelma(t) estävät poisto-ohjelman ajon kokonaan tai
osittain, tee näin: Irrota koneen verkko- tai modeemijohto koneesta siten, ettei sillä
ole yhteyttä internettiin. Sulje tämän jälkeen virustorjuntaohjelma(t) ja aja
NNuninstall.exe. Laita tämän jälkeen virustorjuntaohjelma(t) takaisin päälle ja
vasta sitten kytke verkko- tai modeemijohto takaisin koneeseen.
Tyhjennä roskakori.
JOS menetät nettiyhteytesi kun olet New.Netin poistanut, tupla-klikkaa LSPFix.exe jonka latasit aiemmin. Rastita "I know what I'm doing" valinta. Näet kaksi paneelia; Jos on jotain listattu "Remove" paneeliin oikealla puolella, anna sen olla ja klikkaa "Finish>>". Seuraavaksi käynnistä uudelleen ja netin pitäisi toimia hyvin. Jos mitään ei ole listattu "Remove" paneeliin, ÄLÄ tee MITÄÄN - sulje LSPFix. Tule joltain toiselta koneelta hakemaan lisää neuvoa. (Tämä on vain varotoimenpide, useimmiten netti pysyy ihan kunnossa]
========
Lataa RemAdvertisemen työpöydällesi.
[*]Tuplaklikkaa tiedostoa remadvertisemen.exe
[*]Kun ohjelma on käynnistynyt, klikkaa Start Removal nappia
[*]Odota että ohjelma ilmoittaa: "Done Removal! Please reboot your computer now"
[*]Klikkaa OK ja käynnistä koneesi uudelleen
[*]Lähetä uusi HijackThis loki viestiketjuusi
==========
Luo poistolista:
* Avaa HiJackThis
* Klikkaa "Configure" valintaa oikealla alhaalla
* Klikkaa "Misc Tools"
* Klikkaa boxia joka sanoo "Uninstall Manager"
* Klikkaa valintaa "Save list"
* Kopioi ja liitä kyseinen lista muistiosta postiisi
=======
Eli poistolista ja uusi hijackthislogi nii jatketaa :)
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
11. elokuuta 2007 @ 08:38 |
Linkki tähän viestiin
|
Logfile of HijackThis v1.99.1
Scan saved at 12:32:17, on 11.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\DitExp.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=55245&clcid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://as.starware.com/dp/search?x=wKX1I...EjN4OgVn/EanAXn
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (file missing)
O2 - BHO: (no name) - {74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8} - C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
O3 - Toolbar: Protection Bar - {F0993251-2512-4710-AF6E-0A13EA199D02} - C:\Program Files\Video AX Object\splug.dll (file missing)
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hsf] C:\WINDOWS\hsf.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKLM\..\Run: [flagrdrfivewma] C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
O4 - HKLM\..\Run: [IMprocess] C:\Program Files\Instant Messenger Names\IM-svr.EXE
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\5.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [citydash] C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsoemon.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/...Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} (MLauncher Class) - http://csweb.netgame.com/hero/MLauncher.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Adobe Acrobat - Reader 6.0.2 Update
Adobe Flash Player 9 ActiveX
Adobe Reader 6.0.1 - Suomi
Adobe Shockwave Player
Agere Systems PCI Soft Modem
Battlefield 2(TM)
Battlefield 2: Special Forces
Creative MediaSource
DC++ 0.694
DivX Web Player
dna Nettiturva
Google Toolbar for Internet Explorer
Hamachi 1.0.2.2
Help and Support Additions
Hero_Online
HijackThis 1.99.1
Hotfix for Windows Media Format 11 SDK (KB929399)
Hotfix for Windows XP (KB926239)
Hotfix-päivitys Windows XP:lle (KB915865)
HP Deskjet Preloaded Printer Drivers
HP Image Zone 4.5.3
HP Image Zone Plus 4.5.3
HP Photosmart -kamerat 4.0
HP PSC & OfficeJet 4.0
HP Software Update
HPIZplus450
InCD
InterActual Player
Internet Explorer Secure Plug-in
InterVideo DiscLabel
InterVideo WinDVD Creator
InterVideo WinDVD Player
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) 6 Update 2
Java(TM) SE Runtime Environment 6 Update 1
jetAudio Basic
KBD
Logitech Gaming Software
Logitech G-series Keyboard Software
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Finnish Language Pack
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft User-Mode Driver Framework Feature Pack 1.0
Mozilla Firefox (2.0.0.6)
MSXML 4.0 SP2 (KB927978)
Multi-Card Reader & Flash Disk
My Web Search (Smiley Central)
Nero 6 Ultra Edition
Nero Digital
Nero Media Player
NVIDIA Drivers
Photosmart 320,370,7400,8100,8400 Series (fin)
PS2
Python 2.2 pywin32 extensions (build 203)
Python 2.2.3
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB898461)
Päivitys Windows XP:lle (KB900485)
Päivitys Windows XP:lle (KB904942)
Päivitys Windows XP:lle (KB910437)
Päivitys Windows XP:lle (KB911280)
Päivitys Windows XP:lle (KB916595)
Päivitys Windows XP:lle (KB920872)
Päivitys Windows XP:lle (KB922582)
Päivitys Windows XP:lle (KB927891)
Päivitys Windows XP:lle (KB929338)
Päivitys Windows XP:lle (KB930916)
Päivitys Windows XP:lle (KB931836)
QuickTime
Rappelz_USA
SafeCast Shared Components
Security Messenger
Shareaza versio 2.2.5.0
Skype 3.0
Skype Plugin Manager
Sonic Express Labeler
Sound Blaster Live! 24-bit
Starcraft Brood War (RAZOR 1911)
Suojauspäivitys ohjelmistolle Windows XP (KB923689)
Suojauspäivitys Windows Media Player 6.4:lle (KB925398)
Suojauspäivitys Windows Media Player 9:lle (KB911565)
Suojauspäivitys Windows Media Player 9:lle (KB917734)
Suojauspäivitys Windows Media Playerille (KB911564)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893066)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896422)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896424)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB896688)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901190)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Suojauspäivitys Windows XP:lle (KB905915)
Suojauspäivitys Windows XP:lle (KB908519)
Suojauspäivitys Windows XP:lle (KB908531)
Suojauspäivitys Windows XP:lle (KB911562)
Suojauspäivitys Windows XP:lle (KB911567)
Suojauspäivitys Windows XP:lle (KB911927)
Suojauspäivitys Windows XP:lle (KB912812)
Suojauspäivitys Windows XP:lle (KB912919)
Suojauspäivitys Windows XP:lle (KB913446)
Suojauspäivitys Windows XP:lle (KB913580)
Suojauspäivitys Windows XP:lle (KB914388)
Suojauspäivitys Windows XP:lle (KB914389)
Suojauspäivitys Windows XP:lle (KB917159)
Suojauspäivitys Windows XP:lle (KB917344)
Suojauspäivitys Windows XP:lle (KB917422)
Suojauspäivitys Windows XP:lle (KB917953)
Suojauspäivitys Windows XP:lle (KB918118)
Suojauspäivitys Windows XP:lle (KB918439)
Suojauspäivitys Windows XP:lle (KB918899)
Suojauspäivitys Windows XP:lle (KB919007)
Suojauspäivitys Windows XP:lle (KB920213)
Suojauspäivitys Windows XP:lle (KB920214)
Suojauspäivitys Windows XP:lle (KB920670)
Suojauspäivitys Windows XP:lle (KB920683)
Suojauspäivitys Windows XP:lle (KB920685)
Suojauspäivitys Windows XP:lle (KB921398)
Suojauspäivitys Windows XP:lle (KB921883)
Suojauspäivitys Windows XP:lle (KB922616)
Suojauspäivitys Windows XP:lle (KB922760)
Suojauspäivitys Windows XP:lle (KB922819)
Suojauspäivitys Windows XP:lle (KB923191)
Suojauspäivitys Windows XP:lle (KB923414)
Suojauspäivitys Windows XP:lle (KB923694)
Suojauspäivitys Windows XP:lle (KB923980)
Suojauspäivitys Windows XP:lle (KB924191)
Suojauspäivitys Windows XP:lle (KB924270)
Suojauspäivitys Windows XP:lle (KB924496)
Suojauspäivitys Windows XP:lle (KB924667)
Suojauspäivitys Windows XP:lle (KB925454)
Suojauspäivitys Windows XP:lle (KB925486)
Suojauspäivitys Windows XP:lle (KB925902)
Suojauspäivitys Windows XP:lle (KB926255)
Suojauspäivitys Windows XP:lle (KB926436)
Suojauspäivitys Windows XP:lle (KB927779)
Suojauspäivitys Windows XP:lle (KB927802)
Suojauspäivitys Windows XP:lle (KB928090)
Suojauspäivitys Windows XP:lle (KB928255)
Suojauspäivitys Windows XP:lle (KB928843)
Suojauspäivitys Windows XP:lle (KB929123)
Suojauspäivitys Windows XP:lle (KB929969)
Suojauspäivitys Windows XP:lle (KB930178)
Suojauspäivitys Windows XP:lle (KB931261)
Suojauspäivitys Windows XP:lle (KB931768)
Suojauspäivitys Windows XP:lle (KB931784)
Suojauspäivitys Windows XP:lle (KB932168)
Suojauspäivitys Windows XP:lle (KB933566)
Suojauspäivitys Windows XP:lle (KB935839)
Suojauspäivitys Windows XP:lle (KB935840)
TeamSpeak 2 RC2
Ventrilo Client
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows Safety Alert
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB883667
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Onko vielä paljon örkkimörkkejä? :D
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
11. elokuuta 2007 @ 08:50 |
Linkki tähän viestiin
|
|
Tuntuu niin puhtaalta! =D
|
|
Auttaja
Suspended permanently
|
11. elokuuta 2007 @ 09:01 |
Linkki tähän viestiin
|
Avaa ohjauspaneelin lisää/poista sovellus ja poista seuraavat ohjelmat :) (jos pystyt)
J2SE Runtime Environment 5.0 Update 10
J2SE Runtime Environment 5.0 Update 11
J2SE Runtime Environment 5.0 Update 8
J2SE Runtime Environment 5.0 Update 9
Java 2 Runtime Environment, SE v1.4.2_03
Java(TM) SE Runtime Environment 6 Update 1
My Web Search (Smiley Central)
SafeCast Shared Components
Windows Safety Alert
Security Messenger
==========
Lataa SmitfraudFix (by S!Ri) työpöydällesi.
Tuplaklikkaa tiedostoa SmitfraudFix.exe
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.
**Jos työkalu ei käynnisty työpöydältä niin siirrä SmitfraudFix.exe suoraan järjestelmäaseman juureen (yleensä C:). Kokeile sitten käynnistää ohjelma uudestaan sieltä.
Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
http://www.beyondlogic.org/consulting/processutil/processutil.htm
=========
1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä:
http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
======
Eli combo&smitf&hijackthis raportit
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 11. elokuuta 2007 @ 09:03
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
11. elokuuta 2007 @ 10:59 |
Linkki tähän viestiin
|
En pystynyt poistamaan näitä kahta tiedostoa.
Smiley Central
Virhe ladattessa: C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsbar.dll
Windows Safety Alert
Virhe ladattessa: C:\WINDOWS\SYSTEM32\czxtyy.dll
Pitikö tuo Java? 6 update 2 poistaa myös?
Logfile of HijackThis v1.99.1
Scan saved at 14:45:19, on 11.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\WINDOWS\system32\notepad.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\scanner.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.youtube.com/index
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://ie.redirect.hp.com/svs/rdr?TYPE=3...lion&pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (file missing)
O2 - BHO: (no name) - {74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8} - C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O2 - BHO: (no name) - {D34F5D71-99E4-4D96-91CA-F4104F69B8AE} - C:\Program Files\Video AX Object\bpvol.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Protection Bar - {F0993251-2512-4710-AF6E-0A13EA199D02} - C:\Program Files\Video AX Object\splug.dll (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hsf] C:\WINDOWS\hsf.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [flagrdrfivewma] C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
O4 - HKLM\..\Run: [IMprocess] C:\Program Files\Instant Messenger Names\IM-svr.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [citydash] C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/...Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} (MLauncher Class) - http://csweb.netgame.com/hero/MLauncher.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
________________________________________________________________
SmitFraudFix v2.210
Scan done at 14:19:46,46, la 11.08.2007
Run from C:\Documents and Settings\HP_Omistaja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode
»»»»»»»»»»»»»»»»»»»»»»»» Process
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\Dit.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\WINDOWS\system32\cmd.exe
»»»»»»»»»»»»»»»»»»»»»»»» hosts
»»»»»»»»»»»»»»»»»»»»»»»» C:\
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32
»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Omistaja
»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\HP_Omistaja\Application Data
»»»»»»»»»»»»»»»»»»»»»»»» Start Menu
»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\HP_OMI~1\Suosikit
»»»»»»»»»»»»»»»»»»»»»»»» Desktop
»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files
C:\Program Files\Video AX Object\ FOUND !
»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys
»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"
»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}"="calocarpum"
[HKEY_CLASSES_ROOT\CLSID\{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}\InProcServer32]
@="C:\WINDOWS\system32\czxtyx.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}\InProcServer32]
@="C:\WINDOWS\system32\czxtyx.dll"
»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Rustock
»»»»»»»»»»»»»»»»»»»»»»»» DNS
Description: Realtek RTL8139/810x Family Fast Ethernet NIC - Paketinajoituksen miniportti
DNS Server Search Order: 213.141.96.251
DNS Server Search Order: 213.141.96.253
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS1\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS3\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=213.141.96.251 213.141.96.253
»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection
»»»»»»»»»»»»»»»»»»»»»»»» End
__________________________________________________________________
ComboFix 07-08-09.3 - "HP_Omistaja" 2007-08-11 14:35:50.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.358.1035.18.571 [GMT 3:00]
* Created a new restore point
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\cursorcafe.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\cursorcafeA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\games.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\gamesA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\screensaver.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\buttons\screensaverA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\contexts\error.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\contexts\related.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\contexts\travel.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\contexts\Travel.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\ProductMessagingConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\SimpleUpdateConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\TimerManagerConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1.\Starware\SimpleUpdate\TimerManagerConfig.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\cursorcafe.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\cursorcafeA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\games.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\gamesA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\screensaver.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\buttons\screensaverA.bmp
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\contexts\error.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\contexts\related.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\contexts\travel.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\contexts\Travel.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\ProductMessagingConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\ProductMessagingConfig.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\SimpleUpdateConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\SimpleUpdateConfig.xml.backup
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\TimerManagerConfig.xml
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Starware\SimpleUpdate\TimerManagerConfig.xml.backup
C:\DOCUME~1\HP_OMI~1\APPLIC~1.\macromedia\Flash Player\#SharedObjects\YEKNKB3V\iforex.com
C:\DOCUME~1\HP_OMI~1\APPLIC~1.\macromedia\Flash Player\#SharedObjects\YEKNKB3V\iforex.com\Emerp\Events\flash_object.swf\user_data.sol
C:\DOCUME~1\HP_OMI~1\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com
C:\DOCUME~1\HP_OMI~1\APPLIC~1.\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#iforex.com\settings.sol
C:\Program Files\Common Files\WinSoftware
C:\Program Files\Common Files\WinSoftware\FCrXML.dll
C:\Program Files\Common Files\WinSoftware\Prcheck.dll
C:\Program Files\FunWebProducts
C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\FunBuddyIconBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\MyFunCardsIMBtn.html
C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html
C:\Program Files\MyWebSearch
C:\Program Files\MyWebSearch\bar\4.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\4.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\4.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\4.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\4.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3BKGERR.JPG
C:\Program Files\MyWebSearch\bar\5.bin\F3CJPEG.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3DTACTL.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3HISTSW.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3HTMLMU.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3HTTPCT.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3IMSTUB.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3POPSWT.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3PSSAVR.SCR
C:\Program Files\MyWebSearch\bar\5.bin\F3REPROX.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3RESTUB.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3SCHMON.EXE
C:\Program Files\MyWebSearch\bar\5.bin\F3SCRCTR.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3SHLLVW.DLL
C:\Program Files\MyWebSearch\bar\5.bin\F3SPACER.WMV
C:\Program Files\MyWebSearch\bar\5.bin\F3WALLPP.DAT
C:\Program Files\MyWebSearch\bar\5.bin\F3WPHOOK.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3FFXTBR.JAR
C:\Program Files\MyWebSearch\bar\5.bin\M3FFXTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\5.bin\M3HTML.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3IDLE.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3NTSTBR.JAR
C:\Program Files\MyWebSearch\bar\5.bin\M3NTSTBR.MANIFEST
C:\Program Files\MyWebSearch\bar\5.bin\M3OUTLCN.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3PLUGIN.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3SKIN.DLL
C:\Program Files\MyWebSearch\bar\5.bin\M3SKPLAY.EXE
C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL
C:\Program Files\MyWebSearch\bar\5.bin\MWSOEMON.EXE
C:\Program Files\MyWebSearch\bar\5.bin\MWSOEPLG.DLL
C:\Program Files\MyWebSearch\bar\5.bin\MWSOESTB.DLL
C:\Program Files\MyWebSearch\bar\5.bin\NPMYWEBS.DLL
C:\Program Files\MyWebSearch\bar\Cache\0003978E
C:\Program Files\MyWebSearch\bar\Cache\000F1B20
C:\Program Files\MyWebSearch\bar\Cache\002ADC88
C:\Program Files\MyWebSearch\bar\Cache\0038A0A4
C:\Program Files\MyWebSearch\bar\Cache\00939280.bin
C:\Program Files\MyWebSearch\bar\Cache\00DBADBB.bin
C:\Program Files\MyWebSearch\bar\Cache\00DBB83A.bin
C:\Program Files\MyWebSearch\bar\Cache\00DBBF6E.bin
C:\Program Files\MyWebSearch\bar\Cache\00DBE9AB.bin
C:\Program Files\MyWebSearch\bar\Cache\00E90811.bin
C:\Program Files\MyWebSearch\bar\Cache\00E91ACE.bin
C:\Program Files\MyWebSearch\bar\Cache\00E92155.bin
C:\Program Files\MyWebSearch\bar\Cache\00E931E0.bin
C:\Program Files\MyWebSearch\bar\Cache\00EF5CFA
C:\Program Files\MyWebSearch\bar\Cache\03A47903
C:\Program Files\MyWebSearch\bar\Cache\055355BB
C:\Program Files\MyWebSearch\bar\Cache\202CCFB7.bin
C:\Program Files\MyWebSearch\bar\Cache\202CD68D.bin
C:\Program Files\MyWebSearch\bar\Cache\202CDCB8.bin
C:\Program Files\MyWebSearch\bar\Cache\files.ini
C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S
C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S
C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S
C:\Program Files\MyWebSearch\bar\History\search2
C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm
C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat
C:\Program Files\MyWebSearch\SrchAstt\4.bin\MWSSRCAS.DLL
C:\Program Files\MyWebSearch\SrchAstt\5.bin\MWSSRCAS.DLL
C:\Program Files\video ax object
C:\Program Files\video ax object\ot.ico
C:\Program Files\video ax object\SMMON.0XE
C:\Program Files\video ax object\smunst.0xe
C:\Program Files\video ax object\spunst.0xe
C:\Program Files\video ax object\ts.ico
C:\WINDOWS\DOWNLO~1\UWFX5_0001_N56M0311NetInstaller.exe
C:\WINDOWS\hosts
C:\WINDOWS\NDNuninstall6_38.exe
C:\WINDOWS\system32\f3PSSavr.scr
D:\Autorun.inf
((((((((((((((((((((((((( Files Created from 2007-07-11 to 2007-08-11 )))))))))))))))))))))))))))))))
2007-08-11 14:35 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 14:21 3,884 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-11 14:19 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-08-11 14:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-08-11 14:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-08-06 18:31 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
2007-08-06 12:14 d-------- C:\DOCUME~1\HP_OMI~1\APPLIC~1\WinRAR
2007-08-06 10:59 d-------- C:\WINDOWS\.jagex_cache_32
2007-08-01 00:42 d-------- C:\Program Files\GALA-NET
2007-07-19 13:48 d-------- C:\Program Files\Logitech
2007-07-19 13:48 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-06 18:37 --------- d-------- C:\Program Files\dna Nettiturva
2007-08-06 18:33 68882 --a------ C:\WINDOWS\system32\perfc00B.dat
2007-08-06 18:33 363052 --a------ C:\WINDOWS\system32\perfh00B.dat
2007-08-01 00:42 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-31 21:27 --------- d-------- C:\Program Files\Hero_Online
2007-06-12 14:21 --------- d-------- C:\Program Files\paketti1
2007-06-11 19:28 --------- d-------- C:\DOCUME~1\HP_OMI~1\APPLIC~1\Hamachi
2007-05-17 11:22 5187 --a------ C:\WINDOWS\mozver.dat
2007-05-16 18:14 86528 --a------ C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 18:14 85504 --a------ C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 18:14 510976 --a------ C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 18:14 1314816 --a------ C:\WINDOWS\system32\dllcache\msoe.dll
2006-06-29 21:04 155648 --------- C:\Program Files\Common Files\Y1220OA.0xe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8}]
C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D34F5D71-99E4-4D96-91CA-F4104F69B8AE}]
C:\Program Files\Video AX Object\bpvol.dll
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{F0993251-2512-4710-AF6E-0A13EA199D02}"= C:\Program Files\Video AX Object\splug.dll [ ]
[HKEY_CLASSES_ROOT\CLSID\{F0993251-2512-4710-AF6E-0A13EA199D02}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-12 01:34]
"nwiz"="nwiz.exe" [2005-05-12 01:34 C:\WINDOWS\system32\nwiz.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 20:06 C:\WINDOWS\AGRSMMSG.exe]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 22:34]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 22:29]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 22:02]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 23:43]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-26 00:17]
"AlcxMonitor"="ALCXMNTR.EXE" [2004-09-07 23:47 C:\WINDOWS\ALCXMNTR.EXE]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 00:54]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"F-Secure Manager"="C:\Program Files\dna Nettiturva\Common\FSM32.exe" [2007-04-26 20:12]
"F-Secure TNB"="C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" [2007-04-26 20:10]
"News Service"="C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe" [2005-05-31 15:45]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 12:01]
"hsf"="C:\WINDOWS\hsf.exe" []
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-12 01:34]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"Dit"="Dit.exe" [2003-04-22 18:20 C:\WINDOWS\Dit.exe]
"flagrdrfivewma"="C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe" [2006-04-30 03:56]
"IMprocess"="C:\Program Files\Instant Messenger Names\IM-svr.EXE" []
"Launch LGDCore"="C:\Program Files\Logitech\G-series Software\LGDCore.exe" [2006-03-06 18:31]
"Launch LCDMon"="C:\Program Files\Logitech\G-series Software\LCDMon.exe" [2006-03-06 18:14]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="C:\Program Files\Ares\Ares.exe" []
"citydash"="C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe" []
"WinFixer2005"="C:\Program Files\WinFixer_2005\uwfx5.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 19:24]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" []
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2007-02-05 05:05]
C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 03:28:24]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}"= C:\WINDOWS\system32\czxtyx.dll [ ]
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x);C:\WINDOWS\system32\drivers\sfsync02.sys
R1 AmdK8;AMD Athlon64 Processor Driver;C:\WINDOWS\system32\DRIVERS\AmdK8.sys
R1 F-Secure HIPS;F-Secure HIPS;\??\C:\Program Files\dna Nettiturva\HIPS\fshs.sys
R3 admjoy;Aureal Game Port Enumerator;C:\WINDOWS\system32\DRIVERS\admjoy.sys
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\dna Nettiturva\Anti-Virus\minifilter\fsgk.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 P17;Sound Blaster Live! 24-bit;C:\WINDOWS\system32\drivers\P17.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"
S3 EagleNT;EagleNT;\??\C:\WINDOWS\system32\drivers\EagleNT.sys
S3 Fadpu16E;Fadpu16E;\??\C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\Fadpu16E.sys
S3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
S3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
S3 QCMerced;Logitech QuickCam Messenger;C:\WINDOWS\system32\DRIVERS\LVCM.sys
S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
S3 XDva004;XDva004;\??\C:\WINDOWS\system32\XDva004.sys
S3 XDva005;XDva005;\??\C:\WINDOWS\system32\XDva005.sys
S3 XDva007;XDva007;\??\C:\WINDOWS\system32\XDva007.sys
S3 XTrapD12;XTrapD12;\??\C:\WINDOWS\system32\XTrapD12.sys
S4 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\dna Nettiturva\Anti-Virus\Win2K\FSfilter.sys
S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\dna Nettiturva\Anti-Virus\Win2K\FSrec.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
AutoRun\command- L:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8616b78-8c6c-11db-95a9-00110912621f}]
AutoRun\command- L:\LaunchU3.exe -a
Contents of the 'Scheduled Tasks' folder
2007-08-11 11:00:00 C:\WINDOWS\Tasks\BAEA3A0B9CC5B8BB.job - c:\docume~1\hp_omi~1\applic~1\waveex~1\real bait hole.exe
2006-08-21 21:38:28 C:\WINDOWS\Tasks\jetAudio.job - C:\PROGRA~1\JetAudio\JetAudio.exe
2007-08-11 09:10:58 C:\WINDOWS\Tasks\Scheduled scanning task.job
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-11 14:42:13
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-11 14:44:13 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-11 14:43
--- E O F ---
|
|
Auttaja
Suspended permanently
|
11. elokuuta 2007 @ 11:26 |
Linkki tähän viestiin
|
Printtaa ohjeet ulos tai tallenna nämä tekstitiedostoon.
Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.
Kun vikasietotilassa, tuplaklikkaa tiedostoa SmitfraudFix.exe
Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.
Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.
Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".
Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.
==========
myös uusi HJTlogi
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
11. elokuuta 2007 @ 19:17 |
Linkki tähän viestiin
|
SmitFraudFix v2.210
Scan done at 23:06:43,35, la 11.08.2007
Run from C:\Documents and Settings\HP_Omistaja\Ty?p?yt?\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
"{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}"="calocarpum"
[HKEY_CLASSES_ROOT\CLSID\{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}\InProcServer32]
@="C:\WINDOWS\system32\czxtyx.dll"
[HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{0e4e5110-a772-4c4a-a7dc-137fe10abd6e}\InProcServer32]
@="C:\WINDOWS\system32\czxtyx.dll"
»»»»»»»»»»»»»»»»»»»»»»»» Killing process
»»»»»»»»»»»»»»»»»»»»»»»» hosts
127.0.0.1 localhost
»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix
GenericRenosFix by S!Ri
»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files
»»»»»»»»»»»»»»»»»»»»»»»» DNS
HKLM\SYSTEM\CCS\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS1\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS3\Services\Tcpip\..\{EC032431-256B-443C-9290-414DFFFC8DC3}: DhcpNameServer=213.141.96.251 213.141.96.253
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=213.141.96.251 213.141.96.253
»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files
»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""
»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning
Registry Cleaning done.
»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!
SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll
»»»»»»»»»»»»»»»»»»»»»»»» End
___________________________________________________________________
Logfile of HijackThis v1.99.1
Scan saved at 23:14:22, on 11.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Shareaza\Shareaza.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\DitExp.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\scanner.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (file missing)
O2 - BHO: (no name) - {74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8} - C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL (file missing)
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [hsf] C:\WINDOWS\hsf.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Dit] Dit.exe
O4 - HKLM\..\Run: [flagrdrfivewma] C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
O4 - HKLM\..\Run: [IMprocess] C:\Program Files\Instant Messenger Names\IM-svr.EXE
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [citydash] C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/...Bridge-c139.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} (MLauncher Class) - http://csweb.netgame.com/hero/MLauncher.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
|
|
Auttaja
Suspended permanently
|
11. elokuuta 2007 @ 20:31 |
Linkki tähän viestiin
|
Avaa hijackthis merkkaa seuraavat rivi(t) ja paina fix checked, sulje muut ohjelmat siksi aikaa.
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO.dll (file missing)
O2 - BHO: (no name) - {74F59E40-8312-8BFA-33E6-6FAEEDC8DAA8} - C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1\64 coal.exe (file missing)
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: (no name) - {D49E9D35-254C-4c6a-9D17-95018D228FF5} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\5.bin\MWSBAR.DLL (file missing)
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [hsf] C:\WINDOWS\hsf.exe
O4 - HKLM\..\Run: [Dit] Dit.exe
Unknown
O4 - HKLM\..\Run: [flagrdrfivewma] C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
O4 - HKLM\..\Run: [IMprocess] C:\Program Files\Instant Messenger Names\IM-svr.EXE
O4 - HKCU\..\Run: [citydash] C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf
O4 - HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZN
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab_adult/...Bridge-c139.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fun...tup1.0.0.15.cab
Unknown
O16 - DPF: {7417F730-7BAB-409E-8BB7-6936D361B869} (MLauncher Class) - http://csweb.netgame.com/hero/MLauncher.cab'
Tässä ohje miten merkataan:
=======
Avaa Notepad ja kopioi/liitä allaolevassa lainausboxissa oleva teksti sinne:
Lainaus:
File::
C:\WINDOWS\Tasks\BAEA3A0B9CC5B8BB.job
C:\WINDOWS\hsf.exe
C:\WINDOWS\Dit.exe
Folder::
C:\Program Files\Instant Messenger Names
C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1
c:\docume~1\hp_omi~1\applic~1\waveex~1
C:\Program Files\WinFixer_2005
C:\Documents and Settings\All Users\Application Data\thatdentflagrdr
Tallenna se nimellä CFScript (Tarkista että on juuri noin kirjoitettu)
Sitten raahaa CFScript ComboFix.exeen kuten alla.
Käynnistä tietokone uudelleen pyydettäessä ja lähetä combofix.txt-tiedoston sisältö tänne.
=========
myös uusi Hijackthislogi
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
11. elokuuta 2007 @ 20:47 |
Linkki tähän viestiin
|
ComboFix 07-08-09.3 - "HP_Omistaja" 2007-08-12 1:04:52.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.494 [GMT 3:00]
Command switches used :: C:\CFScript.txt
* Created a new restore point
FILE::
C:\WINDOWS\Tasks\BAEA3A0B9CC5B8BB.job
C:\WINDOWS\hsf.exe
C:\WINDOWS\Dit.exe
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\DOCUME~1\HP_OMI~1\APPLIC~1\01LITE~1
c:\docume~1\hp_omi~1\applic~1\waveex~1
c:\docume~1\hp_omi~1\applic~1\waveex~1\65F67D88
c:\docume~1\hp_omi~1\applic~1\waveex~1\qtcwzyxw.exe
c:\docume~1\hp_omi~1\applic~1\waveex~1\SURF ONE.0XE
c:\docume~1\hp_omi~1\applic~1\waveex~1\SURF ONE.1XE
c:\docume~1\hp_omi~1\applic~1\waveex~1\tizrvkvg.exe
C:\Documents and Settings\All Users\Application Data\thatdentflagrdr
C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\ante surf.exe
C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\loadtrayabout
C:\Documents and Settings\All Users\Application Data\thatdentflagrdr\Manager Readme.exe
C:\WINDOWS\Dit.exe
C:\WINDOWS\Tasks\BAEA3A0B9CC5B8BB.job
((((((((((((((((((((((((( Files Created from 2007-07-11 to 2007-08-11 )))))))))))))))))))))))))))))))
2007-08-11 14:35 51,200 --a------ C:\WINDOWS\nircmd.exe
2007-08-11 14:21 3,552 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-11 14:19 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-08-11 14:18 53,248 --a------ C:\WINDOWS\system32\Process.exe
2007-08-11 14:18 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-08-06 18:31 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\fssg
2007-08-06 12:14 d-------- C:\DOCUME~1\HP_OMI~1\APPLIC~1\WinRAR
2007-08-06 10:59 d-------- C:\WINDOWS\.jagex_cache_32
2007-08-01 00:42 d-------- C:\Program Files\GALA-NET
2007-07-19 13:48 d-------- C:\Program Files\Logitech
2007-07-19 13:48 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Logitech
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-08-06 18:37 --------- d-------- C:\Program Files\dna Nettiturva
2007-08-06 18:33 68882 --a------ C:\WINDOWS\system32\perfc00B.dat
2007-08-06 18:33 363052 --a------ C:\WINDOWS\system32\perfh00B.dat
2007-08-01 00:42 --------- d--h----- C:\Program Files\InstallShield Installation Information
2007-07-31 21:27 --------- d-------- C:\Program Files\Hero_Online
2007-06-12 14:21 --------- d-------- C:\Program Files\paketti1
2007-06-11 19:28 --------- d-------- C:\DOCUME~1\HP_OMI~1\APPLIC~1\Hamachi
2007-05-17 11:22 5187 --a------ C:\WINDOWS\mozver.dat
2007-05-16 18:14 86528 --a------ C:\WINDOWS\system32\dllcache\directdb.dll
2007-05-16 18:14 85504 --a------ C:\WINDOWS\system32\dllcache\wabimp.dll
2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-05-16 18:14 683520 --a------ C:\WINDOWS\system32\dllcache\inetcomm.dll
2007-05-16 18:14 510976 --a------ C:\WINDOWS\system32\dllcache\wab32.dll
2007-05-16 18:14 1314816 --a------ C:\WINDOWS\system32\dllcache\msoe.dll
2006-06-29 21:04 155648 --------- C:\Program Files\Common Files\Y1220OA.0xe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [1998-05-07 19:04]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [2005-05-12 01:34]
"nwiz"="nwiz.exe" [2005-05-12 01:34 C:\WINDOWS\system32\nwiz.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2004-06-29 20:06 C:\WINDOWS\AGRSMMSG.exe]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [2004-06-07 22:34]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [2004-06-07 22:29]
"KBD"="C:\HP\KBD\KBD.EXE" [2003-02-11 22:02]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [2004-04-14 23:43]
"PS2"="C:\WINDOWS\system32\ps2.exe" [2004-10-26 00:17]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [2004-10-15 00:54]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [2003-09-17 10:43]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [2000-05-11 01:00]
"F-Secure Manager"="C:\Program Files\dna Nettiturva\Common\FSM32.exe" [2007-04-26 20:12]
"F-Secure TNB"="C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" [2007-04-26 20:10]
"News Service"="C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe" [2005-05-31 15:45]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 11:50]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [2005-07-25 12:01]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [2005-05-12 01:34]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"Launch LGDCore"="C:\Program Files\Logitech\G-series Software\LGDCore.exe" [2006-03-06 18:31]
"Launch LCDMon"="C:\Program Files\Logitech\G-series Software\LCDMon.exe" [2006-03-06 18:14]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [2007-07-12 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="C:\Program Files\Ares\Ares.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [2007-01-19 13:55]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 19:24]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" []
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [2007-02-05 05:05]
C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-05 03:28:24]
R0 FSFW;F-Secure Firewall Driver;C:\WINDOWS\system32\drivers\fsdfw.sys
R0 sfsync02;StarForce Protection Synchronization Driver (version 2.x);C:\WINDOWS\system32\drivers\sfsync02.sys
R1 AmdK8;AMD Athlon64 Processor Driver;C:\WINDOWS\system32\DRIVERS\AmdK8.sys
R1 F-Secure HIPS;F-Secure HIPS;\??\C:\Program Files\dna Nettiturva\HIPS\fshs.sys
R3 admjoy;Aureal Game Port Enumerator;C:\WINDOWS\system32\DRIVERS\admjoy.sys
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;\??\C:\Program Files\dna Nettiturva\Anti-Virus\minifilter\fsgk.sys
R3 Iviaspi;IVI ASPI Shell;C:\WINDOWS\system32\drivers\iviaspi.sys
R3 P17;Sound Blaster Live! 24-bit;C:\WINDOWS\system32\drivers\P17.sys
R3 WmBEnum;Logitech Virtual Bus Enumerator Driver;C:\WINDOWS\system32\drivers\WmBEnum.sys
R3 WmXlCore;Logitech WingMan Translation Layer Driver;C:\WINDOWS\system32\drivers\WmXlCore.sys
S3 Boonty Games;Boonty Games;"C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe"
S3 EagleNT;EagleNT;\??\C:\WINDOWS\system32\drivers\EagleNT.sys
S3 Fadpu16E;Fadpu16E;\??\C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp\Fadpu16E.sys
S3 PRISM_A00;Wireless PCI 802.11b/g adapter WN4201B Driver;C:\WINDOWS\system32\DRIVERS\PCTELSAP.SYS
S3 Ps2;PS2;C:\WINDOWS\system32\DRIVERS\PS2.sys
S3 QCMerced;Logitech QuickCam Messenger;C:\WINDOWS\system32\DRIVERS\LVCM.sys
S3 WmFilter;Logitech WingMan HID Filter Driver;C:\WINDOWS\system32\drivers\WmFilter.sys
S3 WmVirHid;Logitech Virtual Hid Device Driver;C:\WINDOWS\system32\drivers\WmVirHid.sys
S3 XDva004;XDva004;\??\C:\WINDOWS\system32\XDva004.sys
S3 XDva005;XDva005;\??\C:\WINDOWS\system32\XDva005.sys
S3 XDva007;XDva007;\??\C:\WINDOWS\system32\XDva007.sys
S3 XTrapD12;XTrapD12;\??\C:\WINDOWS\system32\XTrapD12.sys
S4 F-Secure Filter;F-Secure File System Filter;\??\C:\Program Files\dna Nettiturva\Anti-Virus\Win2K\FSfilter.sys
S4 F-Secure Recognizer;F-Secure File System Recognizer;\??\C:\Program Files\dna Nettiturva\Anti-Virus\Win2K\FSrec.sys
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
AutoRun\command- L:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8616b78-8c6c-11db-95a9-00110912621f}]
AutoRun\command- L:\LaunchU3.exe -a
Contents of the 'Scheduled Tasks' folder
2006-08-21 21:38:28 C:\WINDOWS\Tasks\jetAudio.job - C:\PROGRA~1\JetAudio\JetAudio.exe
2007-08-11 09:10:58 C:\WINDOWS\Tasks\Scheduled scanning task.job
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2007-08-12 01:09:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden registry entries ...
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\\x90\x2022\x20ac|\xff\xff\xff\xff"\x2022\x20ac|\xfe\xbb\xd3w\2]
"b049C053C7D38EE4AB9A00CB3B5D2472"="C?\Program Files\Common Files\Microsoft Shared\Web Folders\PUBPLACE.HTT"
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
Completion time: 2007-08-12 1:11:15 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 2007-08-12 01:11
C:\ComboFix2.txt ... 2007-08-11 14:44
--- E O F ---
__________________________________________________________________
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\wuauclt.exe
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\scanner.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 11. elokuuta 2007 @ 21:14
|
|
Auttaja
Suspended permanently
|
12. elokuuta 2007 @ 06:40 |
Linkki tähän viestiin
|
Nonii :) nyt alkaa pikkuhiljaa näyttää puhtaalta :)
Moron! :)
=========
Avaa hijackthis merkkaa seuraavat rivi(t) ja paina fix checked, sulje muut ohjelmat siksi aikaa.
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
Tässä ohje miten merkataan:
==========
Skannaa koneesi Ewido Online Scannerilla
* Lataa Ewido_micro.exe tästä.
* Tallenna tiedosto esimerkiksi työpöydälle.
* Tuplaklikkaa Ewido_micro.exeä työpöydälläsi.
* Ewido alkaa samantien päivittämään tunnisteitaan. Tässä voi mennä hetki.
* Kun päivitykset on ladattu, varmista että kaikki kohdat ovat rastitettuja ikkunan vasemmassa laidassa.
* Klikkaa vasemmalla alhaalla olevaa Start Scan -nappia.
* Scannaus alkaa. Tässä voi kestää jonkun aikaa, riippuen tiedostojen määrästä.
* Kun skannaus on valmis ja löytyneitä kohteita on, niin varmista, että kaikkien kohteiden vasemmalla puolella olevissa kohdissa on rastit.
* Klikkaa Save report -nappia ja tallenna raportti vaikka työpöydälle.
* Klikkaa Remove Infections -nappia.
* Kun vastaat aukeavaan ilmoitukseen ok, niin kaikki saastuneet tiedostot poistetaan.
* Poiston jälkeen voit sammuttaa Ewido Online Scannerin painamalla yläkulmassa olevaa punaista rastia.
* Käynnistä kone nyt uudelleen ja postita tallentamasi raportti viestiketjuusi
==========
Loistava ohje tietokoneeen nopeuttamiseksi
http://neko.1g.fi/ohje/hidastelua.html
==========
Lataa Deckard's System Scanner Työpöydällesi.
Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman.
[*]Sulje kaikki avoimet ikkunat ja ohjelmat.
[*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita.
[*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt
[*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V )
[*]kopioi ja liitä Extra.txt & Main.txt sisältö seuraavaan vastaukseesi.
ja ewido online skannerin raportti
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
12. elokuuta 2007 @ 09:37 |
Linkki tähän viestiin
|
__________________________________________________
ewido anti-spyware online scanner
http://www.ewido.net
__________________________________________________
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@3.adbrite[1].txt
Risk: Medium
Name: TrackingCookie.Texttbnru
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@ad.text.tbn[2].txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@ads.adbrite[2].txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@burstnet[2].txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@CA593FVZ.txt
Risk: Medium
Name: TrackingCookie.Statistik-gallup
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@CA6345SP.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@CAEFG3EJ.txt
Risk: Medium
Name: TrackingCookie.Wegcash
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@clickthrough.wegcash[2].txt
Risk: Medium
Name: TrackingCookie.Overture
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@data4.perf.overture[2].txt
Risk: Medium
Name: TrackingCookie.Msn
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@feedback.search.msn[1].txt
Risk: Medium
Name: TrackingCookie.Iinfo
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@k.iinfo[2].txt
Risk: Medium
Name: TrackingCookie.Komtrack
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@komtrack[2].txt
Risk: Medium
Name: TrackingCookie.Webtrends
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@m.webtrends[2].txt
Risk: Medium
Name: TrackingCookie.Msn
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@search.msn[2].txt
Risk: Medium
Name: TrackingCookie.Skype
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@site.skype[1].txt
Risk: Medium
Name: TrackingCookie.Skype
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@skype[1].txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@www.adbrite[1].txt
Risk: Medium
Name: TrackingCookie.Paypal
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@www.paypal[1].txt
Risk: Medium
Name: TrackingCookie.Saxobank
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@www.saxobank[1].txt
Risk: Medium
Name: TrackingCookie.Yadro
Path: C:\Documents and Settings\HP_Omistaja\Cookies\hp_omistaja@yadro[1].txt
Risk: Medium
Name: Adware.Starware
Path: HKU\S-1-5-21-1105696572-157032948-980731481-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA356D79-679B-4B4C-8E49-5AF97014F4C1}
Risk: Medium
Name: Adware.Starware
Path: HKU\S-1-5-21-1105696572-157032948-980731481-1007\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D49E9D35-254C-4C6A-9D17-95018D228FF5}
Risk: Medium
Name: TrackingCookie.Tribalfusion
Path: :mozilla.6:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statistik-gallup
Path: :mozilla.17:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statistik-gallup
Path: :mozilla.21:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Doubleclick
Path: :mozilla.38:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.86:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.87:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.88:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.89:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Advertising
Path: :mozilla.90:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.96:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.97:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.98:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.99:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.100:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.101:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.102:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.103:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.104:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.105:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.106:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.107:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.108:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.109:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.110:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.111:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Yieldmanager
Path: :mozilla.112:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: :mozilla.113:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: :mozilla.119:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: :mozilla.120:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Zedo
Path: :mozilla.121:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.122:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.123:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.124:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.125:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.126:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.127:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.128:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.129:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.130:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.131:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.132:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.133:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.134:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.135:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.136:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.137:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.138:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.139:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.140:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.141:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.142:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.143:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.144:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.145:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.146:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.147:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.148:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.149:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.150:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.151:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.152:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.153:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.154:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.155:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.156:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.157:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.167:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adtech
Path: :mozilla.168:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.169:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.170:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.172:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.173:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tradedoubler
Path: :mozilla.174:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.205:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.206:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Imrworldwide
Path: :mozilla.207:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Imrworldwide
Path: :mozilla.208:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Atdmt
Path: :mozilla.211:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.212:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.213:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.214:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.215:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.216:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.217:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Pointroll
Path: :mozilla.218:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.233:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.234:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.235:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.236:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.237:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.238:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.239:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.240:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.241:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.242:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.243:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.244:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.245:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.246:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.247:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.248:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.249:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.250:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.251:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.252:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.254:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.255:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.256:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.257:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.258:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.260:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.263:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.264:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.265:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.266:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.267:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.268:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.269:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.270:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.271:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.272:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.273:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.274:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.275:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.276:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.277:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.278:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Statcounter
Path: :mozilla.279:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: :mozilla.280:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: :mozilla.281:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: :mozilla.282:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Fastclick
Path: :mozilla.283:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.288:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Liveperson
Path: :mozilla.309:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Liveperson
Path: :mozilla.310:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: :mozilla.328:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: :mozilla.329:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: :mozilla.330:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tacoda
Path: :mozilla.344:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tacoda
Path: :mozilla.345:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Tacoda
Path: :mozilla.346:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.350:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: :mozilla.363:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adbrite
Path: :mozilla.364:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.421:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.422:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Com
Path: :mozilla.423:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.463:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.478:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.487:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.488:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.489:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.490:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.491:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.492:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.493:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.494:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.499:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Paypal
Path: :mozilla.504:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.510:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.511:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.512:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.513:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.514:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adrevolver
Path: :mozilla.515:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adjuggler
Path: :mozilla.533:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adjuggler
Path: :mozilla.534:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Adjuggler
Path: :mozilla.535:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.569:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitslink
Path: :mozilla.588:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Revsci
Path: :mozilla.658:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Sitestat
Path: :mozilla.682:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Sitestat
Path: :mozilla.683:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.688:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.689:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.690:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.691:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.692:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Serving-sys
Path: :mozilla.693:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Valuead
Path: :mozilla.696:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: :mozilla.697:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: :mozilla.698:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: :mozilla.699:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Realmedia
Path: :mozilla.700:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Valuead
Path: :mozilla.701:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Valuead
Path: :mozilla.702:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Webtrendslive
Path: :mozilla.721:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.739:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.759:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: :mozilla.776:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Questionmarket
Path: :mozilla.777:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.778:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Dealtime
Path: :mozilla.779:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.791:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.792:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.795:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Hitbox
Path: :mozilla.796:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.2o7
Path: :mozilla.798:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.812:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.813:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Casalemedia
Path: :mozilla.814:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Overture
Path: :mozilla.854:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Overture
Path: :mozilla.855:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Overture
Path: :mozilla.856:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Bluestreak
Path: :mozilla.872:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: :mozilla.877:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Burstnet
Path: :mozilla.878:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.881:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.882:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.883:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.884:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.885:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: TrackingCookie.Specificclick
Path: :mozilla.886:C:\Documents and Settings\HP_Omistaja\Application Data\Mozilla\Firefox\Profiles\r1b12zie.default\cookies.txt
Risk: Medium
Name: Downloader.PurityScan.dc
Path: C:\Program Files\Common Files\Y1220OA.0xe
Risk: High
Name: Adware.Winfixer
Path: C:\QooBox\Quarantine\C\Program Files\Common Files\WinSoftware\FCrXML.dll.vir
Risk: Medium
Name: Adware.ErrorSafe
Path: C:\QooBox\Quarantine\C\Program Files\Common Files\WinSoftware\Prcheck.dll.vir
Risk: Medium
Name: Downloader.Zlob.ava
Path: C:\QooBox\Quarantine\C\Program Files\Video AX Object\SMMON.0XE.vir
Risk: High
Name: Downloader.Zlob.avb
Path: C:\QooBox\Quarantine\C\Program Files\Video AX Object\smunst.0xe.vir
Risk: High
Name: Downloader.Zlob.bsi
Path: C:\QooBox\Quarantine\C\Program Files\Video AX Object\spunst.0xe.vir
Risk: High
Name: Not-A-Virus.Downloader.Win32.WinFixer.c
Path: C:\QooBox\Quarantine\C\WINDOWS\DOWNLO~1\UWFX5_0001_N56M0311NetInstaller.exe.vir
Risk: Low
Name: Adware.NewDotNet
Path: C:\QooBox\Quarantine\C\WINDOWS\NDNuninstall6_38.exe.vir
Risk: Medium
Name: Adware.ErrorSafe
Path: C:\System Volume Information\_restore{7BD41464-2CC7-4899-A278-DFE2F6B620D8}\RP512\A0074280.dll
Risk: Medium
Name: Trojan.Renos.naw
Path: C:\WINDOWS\system32\czxtyx.0ll
Risk: High
____________________________________________________________________
Deckard's System Scanner v20070809.63
Run by HP_Omistaja on 2007-08-12 at 13:17:38
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
52: 2007-08-12 10:17:42 UTC - RP514 - Deckard's System Scanner Restore Point
51: 2007-08-11 22:04:44 UTC - RP513 - ComboFix created restore point
50: 2007-08-11 11:35:43 UTC - RP512 - ComboFix created restore point
49: 2007-08-11 11:09:19 UTC - RP511 - Removed Java(TM) SE Runtime Environment 6 Update 1
48: 2007-08-11 11:08:18 UTC - RP510 - Removed Java 2 Runtime Environment, SE v1.4.2_03
-- First Restore Point --
1: 2007-05-08 19:13:20 UTC - RP463 - Järjestelmän tarkistuspiste
Backed up registry hives.
Performed disk cleanup.
-- HijackThis (run as HP_Omistaja.exe) -----------------------------------------
Logfile of HijackThis v1.99.1
Scan saved at 13:18:37, on 12.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\windows\system\hpsysdrv.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\system32\hphmon06.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\dna Nettiturva\Common\FSM32.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Program Files\Logitech\G-series Software\LGDCore.exe
C:\Program Files\Logitech\G-series Software\LCDMon.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDPop3\LCDPOP3.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDCountdown\LCDCountdown.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\G-series Software\Applets\LCDClock.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\FSGK32.EXE
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\dna Nettiturva\Common\FSMB32.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\dna Nettiturva\Common\FCH32.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\dna Nettiturva\Common\FAMEH32.EXE
C:\Program Files\dna Nettiturva\Anti-Virus\fsqh.exe
C:\Program Files\dna Nettiturva\FSGUI\fsguidll.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fssm32.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
C:\Program Files\dna Nettiturva\FSAUA\program\fsus.exe
C:\Program Files\dna Nettiturva\Anti-Virus\fsav32.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\Program Files\MSN Messenger\livecall.exe
C:\Documents and Settings\HP_Omistaja\Työpöytä\Deckard's System Scanner.exe
C:\DOCUME~1\HP_OMI~1\TYPYT~1\HP_Omistaja.exe
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll (file missing)
O3 - Toolbar: HP-näkymä - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll
O4 - HKLM\..\Run: [hpsysdrv] c:\windows\system\hpsysdrv.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [HPHUPD06] c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe
O4 - HKLM\..\Run: [HPHmon06] C:\WINDOWS\system32\hphmon06.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KBD.EXE
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [PS2] C:\WINDOWS\system32\ps2.exe
O4 - HKLM\..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\dna Nettiturva\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [News Service] "C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\G-series Software\LCDMon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "C:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: &Google-haku - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Käännä englanninkielinen sana - res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: Linkit taaksepäin - res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Samankaltaisia sivuja - res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Välimuistissa oleva kuvakaappaus sivusta - res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\dna nettiturva\fsps\program\fslsp.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1754A1BA-A1DF-4F10-B199-AA55AA1A120F} (InstallerBehaviorFactory Class) - https://signup.msn.com/pages/MsnInstC.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {7B41B7AC-3496-4C13-A70F-DE6B60A6A8A8} (MGAME manager Class) - http://www.legendofares.com/download/mgusamanagerv1001.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab57213.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Mes...nt.cab56907.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\dna Nettiturva\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\dna Nettiturva\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\dna Nettiturva\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Unknown owner - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
-- File Associations -----------------------------------------------------------
All associations okay.
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 sfdrv01 (StarForce Protection Environment Driver (version 1.x)) - c:\windows\system32\drivers\sfdrv01.sys
R0 sfhlp02 (StarForce Protection Helper Driver (version 2.x)) - c:\windows\system32\drivers\sfhlp02.sys
R0 sfsync02 (StarForce Protection Synchronization Driver (version 2.x)) - c:\windows\system32\drivers\sfsync02.sys
R0 sfvfs02 (StarForce Protection VFS Driver (version 2.x)) - c:\windows\system32\drivers\sfvfs02.sys
R1 NPPTNT2 - c:\windows\system32\npptnt2.sys
R3 Iviaspi (IVI ASPI Shell) - c:\windows\system32\drivers\iviaspi.sys
R3 Pfc (Padus ASPI Shell) - c:\windows\system32\drivers\pfc.sys
S1 intelppm (Intel-suoritinohjain) - c:\windows\system32\drivers\intelppm.sys (file missing)
S3 catchme - c:\docume~1\hp_omi~1\locals~1\temp\catchme.sys (file missing)
S3 EagleNT - c:\windows\system32\drivers\eaglent.sys (file missing)
S3 Fadpu16E - c:\docume~1\hp_omi~1\locals~1\temp\fadpu16e.sys (file missing)
S3 XDva004 - c:\windows\system32\xdva004.sys (file missing)
S3 XDva005 - c:\windows\system32\xdva005.sys (file missing)
S3 XDva007 - c:\windows\system32\xdva007.sys (file missing)
S3 XTrapD12 - c:\windows\system32\xtrapd12.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
S3 Boonty Games - "c:\program files\common files\boonty shared\service\boonty.exe"
-- Device Manager: Disabled ----------------------------------------------------
Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: Wireless PCI 802.11b/g adapter WN4201B
Device ID: PCI\VEN_1260&DEV_3890&SUBSYS_42031113&REV_01\4&1C88B56&0&00A4
Manufacturer: Accton
Name: Wireless PCI 802.11b/g adapter WN4201B
PNP Device ID: PCI\VEN_1260&DEV_3890&SUBSYS_42031113&REV_01\4&1C88B56&0&00A4
Service: PRISM_A00
-- Scheduled Tasks -------------------------------------------------------------
2007-08-12 12:09:24 550 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
2006-08-22 00:38:28 292 --a------ C:\WINDOWS\Tasks\jetAudio.job
-- Files created between 2007-07-12 and 2007-08-12 -----------------------------
2007-08-12 12:18:50 0 d-------- C:\Program Files\CCleaner
2007-08-11 14:21:45 3552 --a------ C:\WINDOWS\system32\tmp.reg
2007-08-11 14:19:00 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2007-08-11 14:18:59 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2007-08-11 14:18:52 53248 --a------ C:\WINDOWS\system32\Process.exe http://www.beyondlogic.org; Command Line Process Utility>
2007-08-06 18:31:36 0 d-------- C:\Documents and Settings\All Users\Application Data\fssg
2007-08-06 12:14:38 0 d-------- C:\Documents and Settings\HP_Omistaja\Application Data\WinRAR
2007-08-06 10:59:00 0 d-------- C:\WINDOWS\.jagex_cache_32
2007-08-01 00:42:45 0 d-------- C:\Program Files\GALA-NET
2007-07-19 13:48:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2007-07-19 13:48:09 0 d-------- C:\Program Files\Logitech
-- Find3M Report ---------------------------------------------------------------
2007-08-11 14:38:16 0 d-------- C:\Program Files\Common Files
2007-08-11 14:09:28 0 d-------- C:\Program Files\Java
2007-08-06 18:37:27 0 d-------- C:\Program Files\dna Nettiturva
2007-08-06 18:33:29 363052 --a------ C:\WINDOWS\system32\perfh00B.dat
2007-08-06 18:33:29 68882 --a------ C:\WINDOWS\system32\perfc00B.dat
2007-08-01 00:42:40 0 d--h----- C:\Program Files\InstallShield Installation Information
2007-07-31 21:27:37 0 d-------- C:\Program Files\Hero_Online
2007-06-12 14:21:06 0 d-------- C:\Program Files\paketti1
2007-05-17 11:22:15 5187 --a------ C:\WINDOWS\mozver.dat
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\windows\system\hpsysdrv.exe" [07.05.1998 19:04]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [12.05.2005 01:34]
"nwiz"="nwiz.exe" [12.05.2005 01:34 C:\WINDOWS\system32\nwiz.exe]
"AGRSMMSG"="AGRSMMSG.exe" [29.06.2004 20:06 C:\WINDOWS\AGRSMMSG.exe]
"HPHUPD06"="c:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\hphupd06.exe" [07.06.2004 22:34]
"HPHmon06"="C:\WINDOWS\system32\hphmon06.exe" [07.06.2004 22:29]
"KBD"="C:\HP\KBD\KBD.EXE" [11.02.2003 22:02]
"Recguard"="C:\WINDOWS\SMINST\RECGUARD.EXE" [14.04.2004 23:43]
"PS2"="C:\WINDOWS\system32\ps2.exe" [26.10.2004 00:17]
"LSBWatcher"="c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe" [15.10.2004 00:54]
"CTSysVol"="C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" [17.09.2003 10:43]
"UpdReg"="C:\WINDOWS\UpdReg.EXE" [11.05.2000 01:00]
"F-Secure Manager"="C:\Program Files\dna Nettiturva\Common\FSM32.exe" [26.04.2007 20:12]
"F-Secure TNB"="C:\Program Files\dna Nettiturva\FSGUI\TNBUtil.exe" [26.04.2007 20:10]
"News Service"="C:\Program Files\dna Nettiturva\FSGUI\ispnews.exe" [31.05.2005 15:45]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [09.07.2001 11:50]
"InCD"="C:\Program Files\Ahead\InCD\InCD.exe" [25.07.2005 12:01]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [12.05.2005 01:34]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" []
"Launch LGDCore"="C:\Program Files\Logitech\G-series Software\LGDCore.exe" [06.03.2006 18:31]
"Launch LCDMon"="C:\Program Files\Logitech\G-series Software\LCDMon.exe" [06.03.2006 18:14]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" [12.07.2007 04:00]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ares"="C:\Program Files\Ares\Ares.exe" []
"msnmsgr"="C:\Program Files\MSN Messenger\msnmsgr.exe" [19.01.2007 13:55]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [13.10.2004 19:24]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" []
"Shareaza"="C:\Program Files\Shareaza\Shareaza.exe" [05.02.2007 05:05]
C:\Documents and Settings\All Users\K?ynnist?-valikko\Ohjelmat\K?ynnistys\
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [5.11.2004 3:28:24]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
AutoRun\command- F:\Autorun.exe
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\L]
AutoRun\command- L:\LaunchU3.exe -a
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a8616b78-8c6c-11db-95a9-00110912621f}]
AutoRun\command- L:\LaunchU3.exe -a
-- End of Deckard's System Scanner: finished at 2007-08-12 at 13:22:27 ---------
____________________________________________________________________
Deckard's System Scanner v20070809.63
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Home Edition (build 2600) SP 2.0
Architecture: X86; Language: Other (040B) - see http://preview.tinyurl.com/mhhp6
CPU 0: AMD Athlon(tm) 64 Processor 3200+
Percentage of Memory in Use: 40%
Physical Memory (total/avail): 1022.48 MiB / 608.75 MiB
Pagefile Memory (total/avail): 2459.59 MiB / 2097.07 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1959.14 MiB
C: is Fixed (NTFS) - 179.33 GiB total, 88.41 GiB free.
D: is Fixed (FAT32) - 6.96 GiB total, 3.7 GiB free.
E: is CDROM (UDF)
F: is CDROM (UDF)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
J: is Removable (No Media)
K: is Fixed (NTFS) - 149.04 GiB total, 148.89 GiB free.
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
Windows Internal Firewall is disabled.
FirstRunDisabled is set.
FW: dna Nettiturva 7.00 v7.00 (F-Secure Corporation)
AV: dna Nettiturva 7.00 v7.00 (F-Secure Corporation)
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\HP_Omistaja\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-B62381BA23
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\HP_Omistaja
LOGONSERVER=\\YOUR-B62381BA23
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\system32\wbem;c:\Python22
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 47 Stepping 0, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=2f00
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\HP_OMI~1\LOCALS~1\Temp
USERDOMAIN=YOUR-B62381BA23
USERNAME=HP_Omistaja
USERPROFILE=C:\Documents and Settings\HP_Omistaja
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
HP_Omistaja (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> "C:\Program Files\Creative\SB Live! 24-bit\Program\Ctzapxx.EXE" /U /S
--> "C:\Program Files\dna Nettiturva\fsuninst.exe" /UninstRegKey:"News Service"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
--> "C:\Program Files\dna Nettiturva\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1888DAFD-C634-4BC4-865C-3455E24F6177}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{44DC86A0-248D-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDC05F7-83E4-4611-AD3C-A6EB2100332A}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{67AEFC4C-69E4-11D7-85F4-00E018013273}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7A900EAB-DA37-4554-AF19-9C337476D05D}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{869D88A5-BD6C-4E39-8536-D95259EAD7E8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{881A74B3-3D17-4842-B9AF-0761C6E6C4B5}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B5BAAFAE-3561-463D-8E3F-91761A57ADB8}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C6866B7D-ACFD-4C49-B77B-3B2F8CF54B96}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE6699B3-E5AD-4E59-8F2B-207DF630670C}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F865C2FE-25E7-11D6-9BAF-0090271AF8A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FC0DD8AE-3DC0-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FD549B7B-3532-4160-80D4-3E3DD39A9AE5}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Acrobat - Reader 6.0.2 Update --> MsiExec.exe /I{AC76BA86-0000-0000-0000-6028747ADE01}
Adobe Flash Player 9 ActiveX --> C:\WINDOWS\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Reader 6.0.1 - Suomi --> MsiExec.exe /I{AC76BA86-7AD7-1035-7B44-A00000000001}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Agere Systems PCI Soft Modem --> agrsmdel
Battlefield 2(TM) --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Battlefield 2: Special Forces --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{50D4CB89-AF34-4978-96DC-C3034062E901}\setup.exe" -l0x9 -removeonly
CCleaner (remove only) --> "C:\Program Files\CCleaner\uninst.exe"
Creative MediaSource --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{56F3E1FF-54FE-4384-A153-6CCABA097814}\SETUP.EXE" -l0x9 /remove
DC++ 0.694 --> "C:\Program Files\DC++\uninstall.exe"
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
dna Nettiturva --> "C:\Program Files\dna Nettiturva\FSGUI\PostInstall.exe" /tUnInstall
Google Toolbar for Internet Explorer --> regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
Hamachi 1.0.2.2 --> C:\Program Files\Hamachi\uninstall.exe
Help and Support Additions --> C:\PROGRA~1\HELPAN~1\UNWISE.EXE C:\PROGRA~1\HELPAN~1\INSTALL.LOG
Hero_Online --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7595CCFC-953D-4EF3-896F-6993A4013C60}\setup.exe"
HijackThis 1.99.1 --> C:\Documents and Settings\HP_Omistaja\Työpöytä\HijackThis.exe /uninstall
Hotfix-päivitys Windows XP:lle (KB915865) --> "C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
HP Deskjet Preloaded Printer Drivers --> MsiExec.exe /X{F419D20A-7719-4639-8E30-C073A040D878}
HP Image Zone 4.5.3 --> C:\Program Files\HP\Digital Imaging\uninstall\hpzscr01.exe -datfile hpqscr01.dat
HP Image Zone Plus 4.5.3 --> C:\Program Files\HP\Digital Imaging\{D0420D64-8D33-4374-A2B2-9225C7925CA6}\setup\hpzscr01.exe -datfile hpdscr01.dat
HP Photosmart -kamerat 4.0 --> C:\Program Files\HP\Digital Imaging\{4C04DF1B-6A39-4299-9DD1-1FA60000266E}\setup\hpzscr01.exe -datfile hpiscr01.dat
HP PSC & OfficeJet 4.0 --> "C:\Program Files\HP\Digital Imaging\{A1062847-0846-427A-92A1-BB8251A91E91}\setup\hpzscr01.exe" -datfile hposcr04.dat
HP Software Update --> MsiExec.exe /X{64FC0C98-B035-4530-B15D-3D30610B6DF1}
HPIZplus450 --> MsiExec.exe /X{7B98685A-4E21-4A4F-A2D6-DC557042BADA}
InCD --> C:\WINDOWS\NuNInst.exe /UNINSTALL
InterActual Player --> C:\Program Files\InterActual\InterActual Player\inuninst.exe
Internet Explorer Secure Plug-in --> "C:\Program Files\Video AX Object\spunst.exe"
InterVideo DiscLabel --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C3F058C0-A21C-452D-8D99-95B1A45F417D}\setup.exe" REMOVEALL
InterVideo WinDVD Creator --> "C:\Program Files\InstallShield Installation Information\{2FCE4FC5-6930-40E7-A4F1-F862207424EF}\setup.exe" REMOVEALL
InterVideo WinDVD Player --> "C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
Java(TM) 6 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160020}
jetAudio Basic --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}\setup.exe" -l0x9 -removeonly
KBD --> C:\HP\KBD\KBD.EXE uninstalled
Logitech G-series Keyboard Software --> MsiExec.exe /X{5A080213-5AEC-4BF2-BB32-796EB0E421EC}
Logitech Gaming Software --> MsiExec.exe /X{FAAA508A-05C0-488B-BFC2-F9217E545A81}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0.0.6) --> C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Multi-Card Reader & Flash Disk --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EA1CB7AC-E221-4822-A789-0ADB051DC498}\Setup.exe" -l0x9
My Web Search (Smiley Central) --> rundll32 C:\PROGRA~1\MYWEBS~1\bar\5.bin\mwsbar.dll,O
Nero 6 Ultra Edition --> C:\Program Files\Ahead\nero\uninstall\UNNERO.exe /UNINSTALL
Nero Digital --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
Nero Media Player --> C:\WINDOWS\UNNMP.exe /UNINSTALL
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Photosmart 320,370,7400,8100,8400 Series (fin) --> C:\Program Files\HP\{AAC4FC36-8F89-4587-8DD3-EBC57C83374D}\setup\hpzscr01.exe -datfile hphscr01.dat
Päivitys Windows XP:lle (KB894391) --> "C:\WINDOWS\$NtUninstallKB894391$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB898461) --> "C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB900485) --> "C:\WINDOWS\$NtUninstallKB900485$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB904942) --> "C:\WINDOWS\$NtUninstallKB904942$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB910437) --> "C:\WINDOWS\$NtUninstallKB910437$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB911280) --> "C:\WINDOWS\$NtUninstallKB911280$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB916595) --> "C:\WINDOWS\$NtUninstallKB916595$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB920872) --> "C:\WINDOWS\$NtUninstallKB920872$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB922582) --> "C:\WINDOWS\$NtUninstallKB922582$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB927891) --> "C:\WINDOWS\$NtUninstallKB927891$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB929338) --> "C:\WINDOWS\$NtUninstallKB929338$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB930916) --> "C:\WINDOWS\$NtUninstallKB930916$\spuninst\spuninst.exe"
Päivitys Windows XP:lle (KB931836) --> "C:\WINDOWS\$NtUninstallKB931836$\spuninst\spuninst.exe"
PS2 --> C:\WINDOWS\system32\ps2.exe uninstall
Python 2.2 pywin32 extensions (build 203) --> "C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log"
Python 2.2.3 --> C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG
QuickTime --> C:\WINDOWS\unvise32qt.exe C:\WINDOWS\system32\QuickTime\Uninstall.log
Rappelz_USA --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{E144A786-D2DD-428B-9C1A-0EE3FA3515EA}\setup.exe" -l0x9 -removeonly
Search Plugin --> C:\DOCUME~1\HP_OMI~1\APPLIC~1\WAVEEX~1\Surf one.exe -uninstall
Shareaza versio 2.2.5.0 --> "C:\Program Files\Shareaza\Uninstall\unins000.exe"
Skype 3.0 --> "C:\Program Files\Skype\Phone\unins000.exe"
Skype Plugin Manager --> MsiExec.exe /I{3D5E5C0A-5B36-4F98-99A7-287F7DBDCE03}
Sonic Express Labeler --> MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Sound Blaster Live! 24-bit --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{734BB64A-5A3D-4624-867D-6358B7068496}\SETUP.EXE" -l0x9
Starcraft Brood War (RAZOR 1911) --> C:\WINDOWS\rzrunins.exe C:\BROOD\rzrunins.lo1
Suojauspäivitys ohjelmistolle Windows XP (KB923689) --> "C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB890046) --> "C:\WINDOWS\$NtUninstallKB890046$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB893066) --> "C:\WINDOWS\$NtUninstallKB893066$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB893756) --> "C:\WINDOWS\$NtUninstallKB893756$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896358) --> "C:\WINDOWS\$NtUninstallKB896358$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896422) --> "C:\WINDOWS\$NtUninstallKB896422$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896423) --> "C:\WINDOWS\$NtUninstallKB896423$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896424) --> "C:\WINDOWS\$NtUninstallKB896424$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896428) --> "C:\WINDOWS\$NtUninstallKB896428$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB896688) --> "C:\WINDOWS\$NtUninstallKB896688$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB899587) --> "C:\WINDOWS\$NtUninstallKB899587$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB899591) --> "C:\WINDOWS\$NtUninstallKB899591$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB900725) --> "C:\WINDOWS\$NtUninstallKB900725$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB901017) --> "C:\WINDOWS\$NtUninstallKB901017$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB901190) --> "C:\WINDOWS\$NtUninstallKB901190$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB901214) --> "C:\WINDOWS\$NtUninstallKB901214$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB902400) --> "C:\WINDOWS\$NtUninstallKB902400$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB904706) --> "C:\WINDOWS\$NtUninstallKB904706$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905414) --> "C:\WINDOWS\$NtUninstallKB905414$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905749) --> "C:\WINDOWS\$NtUninstallKB905749$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB905915) --> "C:\WINDOWS\$NtUninstallKB905915$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB908519) --> "C:\WINDOWS\$NtUninstallKB908519$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB908531) --> "C:\WINDOWS\$NtUninstallKB908531$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911562) --> "C:\WINDOWS\$NtUninstallKB911562$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911567) --> "C:\WINDOWS\$NtUninstallKB911567$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB911927) --> "C:\WINDOWS\$NtUninstallKB911927$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB912812) --> "C:\WINDOWS\$NtUninstallKB912812$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB912919) --> "C:\WINDOWS\$NtUninstallKB912919$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB913446) --> "C:\WINDOWS\$NtUninstallKB913446$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB913580) --> "C:\WINDOWS\$NtUninstallKB913580$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB914388) --> "C:\WINDOWS\$NtUninstallKB914388$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB914389) --> "C:\WINDOWS\$NtUninstallKB914389$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917159) --> "C:\WINDOWS\$NtUninstallKB917159$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917344) --> "C:\WINDOWS\$NtUninstallKB917344$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917422) --> "C:\WINDOWS\$NtUninstallKB917422$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB917953) --> "C:\WINDOWS\$NtUninstallKB917953$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918118) --> "C:\WINDOWS\$NtUninstallKB918118$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918439) --> "C:\WINDOWS\$NtUninstallKB918439$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB918899) --> "C:\WINDOWS\$NtUninstallKB918899$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB919007) --> "C:\WINDOWS\$NtUninstallKB919007$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920213) --> "C:\WINDOWS\$NtUninstallKB920213$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920214) --> "C:\WINDOWS\$NtUninstallKB920214$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920670) --> "C:\WINDOWS\$NtUninstallKB920670$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920683) --> "C:\WINDOWS\$NtUninstallKB920683$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB920685) --> "C:\WINDOWS\$NtUninstallKB920685$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB921398) --> "C:\WINDOWS\$NtUninstallKB921398$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB921883) --> "C:\WINDOWS\$NtUninstallKB921883$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB922616) --> "C:\WINDOWS\$NtUninstallKB922616$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB922760) --> "C:\WINDOWS\$NtUninstallKB922760$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB922819) --> "C:\WINDOWS\$NtUninstallKB922819$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923191) --> "C:\WINDOWS\$NtUninstallKB923191$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923414) --> "C:\WINDOWS\$NtUninstallKB923414$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923694) --> "C:\WINDOWS\$NtUninstallKB923694$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB923980) --> "C:\WINDOWS\$NtUninstallKB923980$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924191) --> "C:\WINDOWS\$NtUninstallKB924191$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924270) --> "C:\WINDOWS\$NtUninstallKB924270$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924496) --> "C:\WINDOWS\$NtUninstallKB924496$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB924667) --> "C:\WINDOWS\$NtUninstallKB924667$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925454) --> "C:\WINDOWS\$NtUninstallKB925454$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925486) --> "C:\WINDOWS\$NtUninstallKB925486$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB925902) --> "C:\WINDOWS\$NtUninstallKB925902$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB926255) --> "C:\WINDOWS\$NtUninstallKB926255$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB926436) --> "C:\WINDOWS\$NtUninstallKB926436$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB927779) --> "C:\WINDOWS\$NtUninstallKB927779$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB927802) --> "C:\WINDOWS\$NtUninstallKB927802$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB928090) --> "C:\WINDOWS\$NtUninstallKB928090$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB928255) --> "C:\WINDOWS\$NtUninstallKB928255$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB928843) --> "C:\WINDOWS\$NtUninstallKB928843$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB929123) --> "C:\WINDOWS\$NtUninstallKB929123$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB929969) --> "C:\WINDOWS\$NtUninstallKB929969$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB930178) --> "C:\WINDOWS\$NtUninstallKB930178$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB931261) --> "C:\WINDOWS\$NtUninstallKB931261$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB931768) --> "C:\WINDOWS\$NtUninstallKB931768$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB931784) --> "C:\WINDOWS\$NtUninstallKB931784$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB932168) --> "C:\WINDOWS\$NtUninstallKB932168$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB933566) --> "C:\WINDOWS\$NtUninstallKB933566$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB935839) --> "C:\WINDOWS\$NtUninstallKB935839$\spuninst\spuninst.exe"
Suojauspäivitys Windows XP:lle (KB935840) --> "C:\WINDOWS\$NtUninstallKB935840$\spuninst\spuninst.exe"
TeamSpeak 2 RC2 --> "C:\Program Files\Teamspeak2_RC2\unins000.exe"
Ventrilo Client --> MsiExec.exe /I{789289CA-F73A-4A16-A331-54D498CE069F}
Windows Live Messenger --> MsiExec.exe /I{DF6FEB75-A0D1-44E5-A754-0072D4967734}
Windows Live Sign-in Assistant --> MsiExec.exe /I{22B3CC30-77B8-419C-AA4B-F571FDF5D66D}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
-- Application Event Log -------------------------------------------------------
Event ID #15919: Error
Event Submitted/Written: 08/12/2007 01:18:29 PM
Event Source: F-Secure Anti-Virus
Event Description:
1 2007-08-12 13:18:29+03:00 your-b62381ba23 YOUR-B62381BA23\HP_Omistaja F-Secure Anti-Virus
Spyware detected:
Type: adware
Family:
Name: AdWare.Win32.NewDotNet
Object: C:\Documents and Settings\HP_Omistaja\Työpöytä\NNuninstall.exe
Event ID #15912: Success
Event Submitted/Written: 08/12/2007 01:13:27 PM
Event Source: usnjsvc
Event Description:
The Messenger Sharing USN Journal Reader service started successfully.
Event ID #15907: Warning
Event Submitted/Written: 08/12/2007 01:10:55 PM
Event Source: Userenv
Event Description:
Windows tallensi käyttäjän YOUR-B62381BA23\HP_Omistaja rekisterin, kun jokin sovellus tai palvelu käytti yhä rekisteriä uloskirjautumisen aikana. Käyttäjän rekisterin varaamaa muistia ei ole vapautettu. Rekisterin lataus poistetaan, kun rekisteri ei ole enää käytössä.
Tähän on usein syynä käyttäjän tilin avulla suoritettavat palvelut. Määritä palvelut LocalService- tai NetworkService-tilin avulla suoritettaviksi.
Event ID #15906: Error
Event Submitted/Written: 08/12/2007 00:59:09 PM
Event Source: F-Secure Anti-Virus
Event Description:
49 2007-08-12 12:59:09+03:00 your-b62381ba23 YOUR-B62381BA23\HP_Omistaja F-Secure Anti-Virus
Manual scanning was finished - spyware was found in the system.
Event ID #15905: Error
Event Submitted/Written: 08/12/2007 00:50:36 PM
Event Source: F-Secure Anti-Virus
Event Description:
48 2007-08-12 12:50:36+03:00 your-b62381ba23 YOUR-B62381BA23\HP_Omistaja F-Secure Anti-Virus
Spyware detected:
Type: riskware
Family:
Name: RiskTool.Win32.PsKill
Object: C:\System Volume Information\_restore{7BD41464-2CC7-4899-A278-DFE2F6B620D8}\RP513\A0074516.exe
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event ID #29025: Error
Event Submitted/Written: 08/12/2007 01:06:46 AM
Event Source: Service Control Manager
Event Description:
Palvelua combofix ei voi käynnistää. Virhekoodi on
%%1053
Event ID #29024: Error
Event Submitted/Written: 08/12/2007 01:06:46 AM
Event Source: Service Control Manager
Event Description:
Aikakatkaisu (30000 ms) odottaa palvelun combofix yhdistymistä.
Event ID #28995: Error
Event Submitted/Written: 08/11/2007 11:10:13 PM
Event Source: DCOM
Event Description:
DCOM vastaanotti virheen "%%1084" yrittäessään käynnistää palvelun EventSystem argumenteilla ""
suorittaakseen palvelinosan:
{1BE1F766-5536-11D1-B726-00C04FB926AF}
Event ID #28994: Error
Event Submitted/Written: 08/11/2007 11:10:04 PM
Event Source: DCOM
Event Description:
DCOM vastaanotti virheen "%%1084" yrittäessään käynnistää palvelun StiSvc argumenteilla ""
suorittaakseen palvelinosan:
{A1F4E726-8CF1-11D1-BF92-0060081ED811}
Event ID #28993: Error
Event Submitted/Written: 08/11/2007 11:09:51 PM
Event Source: DCOM
Event Description:
DCOM vastaanotti virheen "%%1084" yrittäessään käynnistää palvelun netman argumenteilla ""
suorittaakseen palvelinosan:
{BA126AE5-2166-11D1-B1D0-00805FC1270E}
-- End of Deckard's System Scanner: finished at 2007-08-12 at 13:22:27 ---------
|
|
Auttaja
Suspended permanently
|
12. elokuuta 2007 @ 15:00 |
Linkki tähän viestiin
|
hyvä
täll voit viel tarkistaa jos jaksat
Kaspersky online-skanneri
Skannaa koneesi Kaspersky Online Skannerilla
Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
[*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
[*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
[*] Klikkaa nyt asetuksia, Scan Settings
[*] Tarkista asetuksista, että seuraavat ovat valittuina:
o Scan using the following Anti-Virus database:
+ Extended (Jos valittavissa, muuten valitse Standard)
o Scan Options:
+ Scan Archives
+ Scan Mail Bases
[*] Klikkaa OK
[*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
[*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
[*] Klikkaa nyt Save as Text-painiketta.
[*] Tallenna tiedosto työpöydällesi.
[*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.
jos et..
Pysy puhtaana
-> Tyhjennä järjestelmänpalautus Ohjeet
Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.
-> Käytä CCleaneria -> CCleaner
Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti.
-> Asenna SpywareBlaster -> SpywareBlaster
SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia!
Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas
-> Asenna MVPS Hosts tiedosto -> MVPS Hosts
Estää koneesi yhteyden haitallisiin sivustoihin.
Opas saatavilla suomeksi! Nimimerkki Axelin opas
-> Vaihda selaimesi Firefoxiin -> Firefox
Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer.
-> Pidä järjestelmäsi ajantasalla. -> Windows Update
Vieraile Windows Updatessa säännöllisesti.
-> Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.
ja hyvä myös escan http://koti.mbnet.fi/pattaya1/escanmwav.htm
->Pidä ohjelmistosi ajantasalla. -> Secunia Software Inspector
Secunia Software Inspector tutkii sinun järjestälmäsi ja ohjelmistosi puuttuvien turvallisuuspäivityksien osalta. Tavallinen tutkinta kestää normaalisti 5-40 sekuntia, kun läpikotainen (thorough system inspection) voi kestää useita minuutteja.
->Seuraa säännöllisesti viestintäviraston tietoja uusista haavoittuvuuksista -> CERT-FI
Jos tulevaisuudessa tulee haittaohjelmien kanssa ongelmia, älä epäröi laittaa Hijackthis-logia tarkistettavaksi!
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
12. elokuuta 2007 @ 15:05 |
Linkki tähän viestiin
|
|
kthxbye
E: mistä löytyy toi 2. Valitse Properties/ominaisuudet?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 12. elokuuta 2007 @ 19:18
|
|
BoNeLeZz
Junior Member
5 tuotearviota
|
12. elokuuta 2007 @ 20:05 |
Linkki tähän viestiin
|
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
|
Mainos
|
|
|
|
Hujo
Suspended permanently
|
14. elokuuta 2007 @ 15:28 |
Linkki tähän viestiin
|
Poista tuo lisää poista sovelutuksesta
My Web Search
==================
Lataa Dr.Web CureIt työpöydälle:
Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan
Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan.
Kun scan on valmis, merkkaa asemat, jotka haluat scannata.
Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu.
Klikaa vihreää nuolta oikealla ja scan alkaa.
Klikkaa 'Yes to all', jos kysytään haluatko poistaa/siirtää tiedoston.
Kun scan on valmis, katso voitko klikata next-kuvaketta löytyneiden tiedostojen vieressä: 
Jos asia on niin, klikkaa sitä ja sitten klikkaa next-kuvaketta oikealla alhaalla ja valitse Move incurable kuten alla olevalla kuvassa:
Tämä siirtää sen %userprofile%\DoctorWeb\quarantine-hakemistoon.
Tämän jälkeen klikkaa Dr.Web CureIt-valikossa file ja valitse save report list
Tallenna raportti työpöydälle. Raportin nimi on DrWeb.csv
Sulje Dr.Web Cureit.
Käynnistä kone uudelleen !! Tämä siksi, että käytössä olevat tiedostot poistetaan/siirretään käynnistyksen yhteydessä.
Käynnistyksen jälkeen liitä Dr.Web-lokin, jonka tallensit aiemmin, sisältö seuraavaan vastaukseesi.
Voiko tietsikka koskaan toimia?
Viestiä on muokattu lähettämisen jälkeen. Viimeisin muokkaus 14. elokuuta 2007 @ 15:29
|
|
