Näin sitten on minullakin käynyt. Norman ilmoittaa jatkuvasti joistakin troijalaisista ja selain ohjaa jatkuvasti väärille sivuille, ym,ym.... Olen aivan kauhuissaan ja kypsä tähän riesaan. Olen pyörittänyt Normanin läpi monta kertaa päivässä, myös Ad-Aware ja Spyware Doctorilla. Myös VundoFixilla, ja juuri kun olen luullut että nyt on rauha maassa, niin eiku seuraavana päivänä pomppii taas virusvaroitus esille, vaikken ole edes selainta avannut. Löytyisikö teiltä apua? Kiitos muuten aaxxeell:lle. On harvinaisen selvät ohjeet laatinut. Jopa minä aloin ymmärtää jotain, vaikka en hirveä hyvä tässä tekniikassa olekaan. Alempana sitten tämä lokitiedosto. Logfile of HijackThis v1.99.1 Scan saved at 7:14, on 13.2.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\Norman\Npf\BIN\NPFSVICE.EXE C:\Norman\bin\ZANDA.EXE C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Spyware Doctor\sdhelp.exe C:\WINDOWS\system32\slserv.exe C:\WINDOWS\System32\snmp.exe C:\WINDOWS\System32\PAStiSvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\Norman\bin\NJEEVES.EXE C:\Norman\Nvc\bin\nvcoas.exe C:\Norman\Nvc\BIN\NVCSCHED.EXE C:\Norman\Nvc\BIN\nipsvc.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\Norman\bin\ZLH.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\Picasa2\PicasaMediaDetector.exe C:\Norman\Nvc\BIN\NIP.EXE C:\WINDOWS\system32\rundll32.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\v6.exe C:\Norman\Nvc\bin\cclaw.exe C:\WINDOWS\system32\ctfmon.exe C:\Norman\Npf\BIN\npfmsg2.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\WINDOWS\FSScrCtl.exe C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchIndexer.exe C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearchFilter.exe C:\WINDOWS\system32\cidaemon.exe C:\Norman\Nvc\BIN\Nvcut.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE C:\Documents and Settings\MERIKE\Työpöytä\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: (no name) - {1F33094A-7500-4A9D-AE55-1EBD4330181F} - C:\WINDOWS\system32\jkhhh.dll (file missing) O2 - BHO: (no name) - {592EB028-AD8C-4862-97E5-B6A93392FD89} - C:\WINDOWS\system32\vturq.dll (file missing) O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\ltkeqxbw.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: (no name) - {99E059AD-E41F-4B04-82FB-6D90379465C8} - C:\WINDOWS\system32\pmkjk.dll (file missing) O2 - BHO: (no name) - {A46AC0F4-8D72-4740-A3C9-0802649C8A2D} - C:\WINDOWS\system32\jkkhgeb.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar4.dll O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll O2 - BHO: MSN Search -työkalurivi Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: MSN Search -työkalurivi - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar4.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe O4 - Startup: Screen Saver Control.lnk = C:\WINDOWS\FSScrCtl.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: auditinfo.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Windows-työpöytähaku.lnk = C:\Program Files\MSN Toolbar Suite\DS\02.05.0001.1119\fi-fi\bin\WindowsSearch.exe O8 - Extra context menu item: &MSN Search - res://C:\Program Files\MSN Toolbar Suite\TB\02.05.0000.1105\fi-fi\msntb.dll/search.htm O8 - Extra context menu item: Avaa uuteen etuvälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/230?fb4e4500d1974fc5bd604a17ffdedf56 O8 - Extra context menu item: Avaa uuteen taustavälilehteen - res://C:\Program Files\MSN Toolbar Suite\TAB\02.05.0000.1105\fi-fi\msntabres.dll/229?fb4e4500d1974fc5bd604a17ffdedf56 O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Oheistiedot - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Palvelut - {00ADB502-2CB8-4756-9128-A0C9E2E0B996} - http://service.kolumbus.fi/ (file missing) (HKCU) O9 - Extra button: Tuki - {07A65803-1BCE-4D74-98E1-0D6142E0DEDC} - http://tuki.elisa.net/ (file missing) (HKCU) O9 - Extra button: SMS-viesti - {D06250A9-80F0-436B-A450-BCB2FA73EFB4} - http://sms.kolumbus.fi/ (file missing) (HKCU) O11 - Options group: [INTERNATIONAL] International* O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/ O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab O16 - DPF: {2EB1E425-74DC-4DC0-A9E1-03A4C852E1F2} (CPlayFirstTriJinxControl Object) - http://www.bigfishgames.com/online/trijinx/TriJinx.1.0.0.55.cab O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://www.bigfishgames.com/online/chainz2/mjolauncher.cab O16 - DPF: {87056D28-9730-4A47-B9F9-7E890B62C58A} (WildfireActiveXHost Class) - http://www.bigfishgames.com/online/tumblebugs/axhost.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {916CCBE5-C8C5-4F34-AEF8-064504454C75} (AtlAsianataCtlAttrib Class) - http://kraisoft.com/files/online/asianata.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {DC75FEF6-165D-4D25-A518-C8C4BDA7BAA6} (CPlayFirstDinerDashControl Object) - http://www.bigfishgames.com/online/dinerdash/DinerDash.1.0.0.58.cab O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} - http://www.shockwave.com/content/heavyweapon/popcaploader_v6.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: jkkhgeb - jkkhgeb.dll (file missing) O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE O23 - Service: Norman Type-R - Unknown owner - C:\Norman\Npf\BIN\NPFSVICE.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Norman\Nvc\bin\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\Norman\Nvc\BIN\NVCSCHED.EXE O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe O23 - Service: SmartLinkService (SLService) - - C:\WINDOWS\SYSTEM32\slserv.exe O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
Kannattaa vaihtaa tuo Norman johonkin toiseen virustorjuntaan, sillä Norman on surkein virustorjunta mitä olen ikinä nähnyt. Korjaa: C:\WINDOWS\ALCMTR.EXE C:\WINDOWS\system32\v6.exe O2 - BHO: (no name) - {1F33094A-7500-4A9D-AE55-1EBD4330181F} - C:\WINDOWS\system32\jkhhh.dll (file missing) O2 - BHO: (no name) - {592EB028-AD8C-4862-97E5-B6A93392FD89} - C:\WINDOWS\system32\vturq.dll (file missing) O2 - BHO: (no name) - {68D5CF1D-EC5C-4bdd-A9EF-F0E517565D50} - C:\WINDOWS\system32\ltkeqxbw.dll (file missing) O2 - BHO: (no name) - {99E059AD-E41F-4B04-82FB-6D90379465C8} - C:\WINDOWS\system32\pmkjk.dll (file missing) O2 - BHO: (no name) - {A46AC0F4-8D72-4740-A3C9-0802649C8A2D} - C:\WINDOWS\system32\jkkhgeb.dll (file missing) O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [syswin] C:\WINDOWS\system32\v6.exe O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O20 - Winlogon Notify: jkkhgeb - jkkhgeb.dll (file missing)
Kun olet poistanut nuo niin: Lataa AVG Anti-Spyware 7.5 ja tallenna ohjelma työpöydällesi. Lataa se tästä * Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa. * Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää. * Käynnistä AVG Anti-Spyware. * Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta. o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa. * Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti. * Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine". * Sitten "Reports" valikon alta: o Laita täppi kohtaan "Automatically generate report after every scan" o Ota täppi pois kohdasta"Only if threats were found" * Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa * "Resident shield is", muuta tila active:sta inactive:ksi * Sulje ohjelma, ÄLÄ skannaa vielä. Käynnistä koneesi vikasietotilaan, ohje alhaalla! HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta. * Kun vikasietotilassa, käynnistä AVG Anti-Spyware. * Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan". * AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa. Kun skannaus on valmis: TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions" * Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta. * Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions" * Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta. * Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle. * Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti tänne. · Kuinka käynnistän tietokoneeni vikasietotilaan? Windows käyttöjärjestelmissä virus- ja vakoiluohjelmien onnistunut poisto vaatii usein koneen käynnistämisen vikasietotilassa. Käynnistäminen vikasietotilaan onnistuu useimmissa tapauksissa klikkaamalla (joskus rämpyttämällä) F8-näppäintä käynnistyksen yhteydessä. Katso tarkemmat ohjeet omaan käyttöjärjestelmääsi. Sivusto on englanninkielinen.
Nyt taisi mennä kyllä överiksi. Kaikki meni hyvin ohjeittesi mukaan riville Kun skannaus on valmis..... Sain klikattu "Apply all Actionis" ja kun rupesin varmistamaan tota Quarantinetta, niin eihän siellä sitten ollutkaan sitä, vaan Delete. Vaikka yritin klikata linkkiä, niin ei tapahtunut mitään. Menin tarkistamaan takaisin siihen kohtaan, missä kävin vaihtamassa Quarantineksi ja siellähän oli se, mutta skannaussivulla ei. Eli näin sitten on käynyt että olin näköjään onnistunut poistamaan lopullisesti jotain. Se antoi skannauksen jossain välissä, en muista ennen tai jälkeen yhden varoitusikkunan, missä alussa oli pari Temporary Internet Files tiedostoa ja lopussa luki "Do you want to remove the whole archive?" Taisin vastata siihen YES! Se varmaankin sekoitti kuviot. Skannasin sitten uudestaan ja se löysi taas pari tiedostoa ja nyt kyllä alhaalla luki quarantine. Sitten Apply all Actions. kun menin lokitiedostoa katsomaan, niin siellä ei ollut kun ensimmäsien skannauksen tiedostoa. Tallensin kyllä varoitusikkunan Wordi:iin, mutta en saa sitä liitetty tähän viestiin. Mutta alempana sitten ensimmäisen skannauksen tulos, missä olen komeasti onnistunut poistamaan kaikki. Kyllä mielestäni savein myös toisten skannauksen filen, mutta ei sitä sitten löydykää mistään. Sorry sekoilut! --------------------------------------------------------- AVG Anti-Spyware - Scan Report --------------------------------------------------------- + Created at: 17:59 13.2.2007 + Scan result: C:\Documents and Settings\IVO\Application Data\ShopperReports -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\Config.xml -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\db -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\db\Aliases.dbs -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\db\Sites.dbs -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\dwld -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\dwld\WhiteList.xip -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\persist.dbs -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\report -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\report\ag_ShopperReports.xml.db -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\report\send_ShopperReports.xml -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\report\send_ShopperReports.xml.db -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\res1 -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\cs\res1\WhiteList.dbs -> Adware.HotBar : Cleaned. C:\Documents and Settings\IVO\Application Data\ShopperReports\shprrprt.log -> Adware.HotBar : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temp\em2848\HbTools.mlpX -> Adware.HotBar : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temp\em3004\HbTools.mlpX -> Adware.HotBar : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temp\em3480\HbTools.mlpX -> Adware.HotBar : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temp\em3684\HbTools.mlpX -> Adware.HotBar : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temporary Internet Files\Content.IE5\3YH709SV\Super_Nickelodeon_Jigsaw_Dora_the_Explorer_1.1.8_[1].rar/keygen.exe -> Downloader.Small.ebj : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temporary Internet Files\Content.IE5\DGCIIE5X\Spyware_Doctor_4.0.0.2618[1].rar/keygen.exe -> Downloader.Small.edb : Cleaned. C:\System Volume Information\_restore{219BF5EC-1DB0-4295-940C-04ED062D25C9}\RP9\A0002294.exe -> Downloader.Tiny.fk : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temporary Internet Files\Content.IE5\DGCIIE5X\Spyware_Doctor_4.0.0.2618[1].rar/crack.exe -> Dropper.Agent.azk : Cleaned. :mozilla.11:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.145:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.15:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.68:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.69:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned. :mozilla.10:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.11:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.183:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.185:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. C:\Documents and Settings\IVO\Cookies\ivo@ad.adocean[2].txt -> TrackingCookie.Adocean : Cleaned. :mozilla.136:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.137:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.7:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.8:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.9:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.151:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.123:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.124:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.125:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.126:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.127:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.128:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.134:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Com : Cleaned. C:\Documents and Settings\IVO\Cookies\ivo@com[1].txt -> TrackingCookie.Com : Cleaned. :mozilla.10:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.143:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.153:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Estat : Cleaned. :mozilla.115:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.150:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned. :mozilla.96:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Information : Cleaned. :mozilla.136:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.12:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.13:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Profiles\default\s8e2rbe2.slt\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.70:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Overture : Cleaned. :mozilla.114:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Quarterserver : Cleaned. :mozilla.306:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned. :mozilla.75:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Spylog : Cleaned. :mozilla.189:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.190:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.68:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.69:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.112:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.32:C:\Documents and Settings\MERIKE\Application Data\Mozilla\Firefox\Profiles\84syihlm.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.32:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.116:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.117:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.129:C:\Documents and Settings\IVO\Application Data\Mozilla\Firefox\Profiles\s9nhxjiz.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\IVO\Cookies\ivo@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned. C:\Documents and Settings\MERIKE\Local Settings\Temporary Internet Files\Content.IE5\3YH709SV\Super_Nickelodeon_Jigsaw_Dora_the_Explorer_1.1.8_[1].rar/crack.exe -> Trojan.Agent.vg : Cleaned. ::Report end
