Apuva: MediaGateway, Classloader, Byteverify, WhenU ja Altnet virusten/mainosten poisto?

Norton ilmoittaa koko ajan löytäneensä em. mainokset mutta ei pysty niitä poistamaan. Olen kokeillut myös SpyBotilla mutta sekään ei saa kaikkea pois.

HiJack This loki näyttää tältä:

Logfile of HijackThis v1.99.1
Scan saved at 19:10:59, on 7.11.2005
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\DMTS\BIN\e3DMTSMediaServer.exe
C:\Program Files\DMTS\BIN\e3DMTSServer.exe
C:\Norman\bin\ZANDA.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
C:\NORMAN\Nvc\BIN\nvcoas.exe
C:\NORMAN\Nvc\BIN\nipsvc.exe
C:\Norman\bin\NJEEVES.EXE
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\Norman\bin\ZLH.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Norman\Nvc\BIN\NIP.EXE
C:\Norman\Nvc\bin\cclaw.exe
C:\Program Files\LinkTheater\app\LinkTheater-server.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Spyware Doctor\swdoctor.exe
C:\Program Files\Netscape\Netscape\Netscp.exe
C:\Documents and Settings\Teemu Inha\Työpöytä\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.co.uk/0SEENGB/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.nordea.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Toolbar\01.01.1629.0\en-gb\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [Norman ZANDA] C:\Norman\bin\ZLH.EXE /LOAD /SPLASH
O4 - HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0\bin\jusched.exe
O4 - HKLM\..\RunOnce: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /C /FS /X
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 - Global Startup: LinkTheater.lnk = C:\Program Files\LinkTheater\app\LinkTheater-server.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2\bin\npjpi142.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1123706342581
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O23 - Service: e-3 DMTS Media Server (e3DMTSMediaServer) - Unknown owner - C:\Program Files\DMTS\BIN\e3DMTSMediaServer.exe
O23 - Service: e-3 DMTS Server (e3DMTSServer) - Unknown owner - C:\Program Files\DMTS\BIN\e3DMTSServer.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe
O23 - Service: Norman NJeeves - Unknown owner - C:\Norman\bin\NJEEVES.EXE
O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\bin\ZANDA.EXE
O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe
O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools - C:\Program Files\Spyware Doctor\sdhelp.exe

Kuka osaa auttaa miten pääsen noista eroon?

t. Teemu

 

Ei näy mitään,missä Norton kertoo niitten olevan.

 

Laitapa varoiksi uninstall-lista. HjT:ssä open misc tools -> open uninstall manager -> save list... -> tallenna ja lähetä se lista tänne.

 

Tässä:

3ivx D4 4.0.4 (remove only)
AC3Filter (remove only)
Adobe Photoshop v4.0
Adobe Reader 6.0
Ahead InCD
Ahead NeroVision Express
BitLord 1.1
BitTorrent complete dir 1.0.1
Canon Camera Support Core Library
Canon Camera Window for ZoomBrowser EX
Canon Image Gateway Upload Task for ZoomBrowser EX
Canon Internet Library for ZoomBrowser EX
Canon IXY 320, PowerShot S230, IXUS v3 WIA Driver
Canon MovieEdit Task for ZoomBrowser EX
Canon PhotoRecord
Canon RAW Image Task for ZoomBrowser EX
Canon RemoteCapture Task for ZoomBrowser EX
Canon Utilities File Viewer Utility 1.2
Canon Utilities PhotoStitch 3.1
Canon Utilities RemoteCapture 2.7
Canon Utilities ZoomBrowser EX
CDex extraction audio
DivX Codec
DivX Player
EasyMP3 (remove only)
ffdshow (remove only)
Google Toolbar for Internet Explorer
GSpot Codec Information Appliance
HijackThis 1.99.1
Intel(R) Extreme Graphics Driver
InterVideo WinDVD 4
iTunes
J2SE Runtime Environment 5.0
Java 2 Runtime Environment, SE v1.4.2
LimeWire
LinkTheater version 1.0
Microsoft Data Access Components KB870669
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft PhotoDraw 2000
MSN Messenger 6.2
MSN Toolbar
MSP3885-E 56K PCI Modem
Nero - Burning Rom
Netscape (7.1)
NOD32 antivirus system
NOD32 FiX v2.0
Norman Internet Control
NVC 5.20
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB896727)
Päivitys Windows XP:lle (KB898461)
QuickTime
RealPlayer
Spybot - Search & Destroy 1.4
Spyware Doctor 3.2
Suojauspäivitys Windows XP:lle (KB883939)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896422)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB896688)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899588)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Viewpoint Media Player (Remove Only)
Windows Genuine Advantage v1.3.0254.0
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
Windows Media Player 10
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinMX
WinRAR archiver

 

Joo, ei tossa näy mitään. Haepas täältä -> http://www.ewido.net/en/download ewido, asenna, päivitä ja skannaa. Anna poistaa mitä löytää, tallenna raportti ja lähetä se tänne.

 

No sehän löysi 91 tartuntaa ja poisti kaikki:

---------------------------------------------------------
ewido security suite - Scan report
---------------------------------------------------------

+ Created on: 20:10:21, 8.11.2005
+ Report-Checksum: DE9FF7A5

+ Scan result:

HKLM\SOFTWARE\Classes\CLSID\{2B96D5CC-C5B5-49A5-A69D-CC0A30F9028C} -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKLM\SOFTWARE\Classes\MiniBugTransporter.MiniBugTransporterX.1\CLSID\\ -> Spyware.MiniBug : Cleaned with backup
HKU\S-1-5-21-1368176116-2572891793-2645871077-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D1-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
HKU\S-1-5-21-1368176116-2572891793-2645871077-1006\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0494D0D9-F8E0-41AD-92A3-14154ECE70AC} -> Spyware.MyWay : Cleaned with backup
:mozilla.13:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.14:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.16:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.17:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.18:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.2o7 : Cleaned with backup
:mozilla.20:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Atdmt : Cleaned with backup
:mozilla.21:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
:mozilla.23:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Falkag : Cleaned with backup
:mozilla.35:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.36:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Adtech : Cleaned with backup
:mozilla.37:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.38:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.39:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.42:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.45:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.46:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.47:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.48:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.49:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.50:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.51:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.52:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.53:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.54:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.55:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.56:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.57:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Advertising : Cleaned with backup
:mozilla.62:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.63:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.64:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.65:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.66:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.69:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.70:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.71:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.72:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.74:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.75:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.76:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.77:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.78:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Yieldmanager : Cleaned with backup
:mozilla.86:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.87:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Fastclick : Cleaned with backup
:mozilla.91:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.96:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Burstnet : Cleaned with backup
:mozilla.101:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.102:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Tradedoubler : Cleaned with backup
:mozilla.103:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.104:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.105:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.106:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Ru4 : Cleaned with backup
:mozilla.109:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Adbrite : Cleaned with backup
:mozilla.114:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.115:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.116:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.117:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Pointroll : Cleaned with backup
:mozilla.128:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.129:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.130:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Casalemedia : Cleaned with backup
:mozilla.131:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.132:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Centrport : Cleaned with backup
:mozilla.133:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.134:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Sexcounter : Cleaned with backup
:mozilla.147:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.148:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.149:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.150:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.151:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Internetfuel : Cleaned with backup
:mozilla.152:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Ivwbox : Cleaned with backup
:mozilla.164:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Paycounter : Cleaned with backup
:mozilla.169:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Questionmarket : Cleaned with backup
:mozilla.177:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.178:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.179:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.180:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.181:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Serving-sys : Cleaned with backup
:mozilla.184:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.185:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.186:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Statcounter : Cleaned with backup
:mozilla.189:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Tribalfusion : Cleaned with backup
:mozilla.205:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.206:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Sitestat : Cleaned with backup
:mozilla.220:C:\Documents and Settings\Teemu Inha\Application Data\Mozilla\Profiles\default\dr9vqmoj.slt\cookies.txt -> Spyware.Cookie.Mainentrypoint : Cleaned with backup
C:\Documents and Settings\Teemu Inha\Cookies\teemu inha@doubleclick[1].txt -> Spyware.Cookie.Doubleclick : Cleaned with backup
C:\Documents and Settings\Teemu Inha\Cookies\teemu inha@statcounter[1].txt -> Spyware.Cookie.Statcounter : Cleaned with backup
C:\WINDOWS\Temp\Altnet -> Spyware.Altnet : Cleaned with backup


::Report End

 

Suurin osa noista oli vaan evästeitä, mutta löysi se sen altnetin. Oletko katsonut, mitä on Nortonin karanteenihakemistossa(Quarantine)?

 

Siellä on yksi tiedosto jonka nimi on 9d343938.qtn

Kun katson karanteenia Nortonin käyttöliittymällä niin näen että siellä on vaikka kuinka monta ötökkää. mm nuo kaikki otsikossa mainitut ja sitten mysö se _unin_exe. Muut pystyn poistamaan Nortonilla mutta se unin exe aiheuttaa ongelmia: Kun valitsen Nortonissa "poista" saan herjan:

An unexpected error occured in Norman Virus Control
Module...
Location...
Time Stamp...
error code...
error text: Sharing violation.

Toisinsanoen sitä tiedostoa ei voi poistaa Nortonilla eikä suoraan vaikka resurssienhallinnalla koska se on jotenkin käytössä.

Nortonin viesteissäkin näkyy näitä noin tunnin välein:

Virus W32/Altnet.B
muisti käyttäjä Teemu Inha, isäntä INHA .
Tartunta tiedosto C:\Documents and Settings\Teemu Inha\Local Settings\Temp\__unin__.exe
Tiedoston W32/Altnet.B poisto ei onnistunut.

 

Oletko kokeillut poistaa tuota vikasietotilassa? Vikasietotilaan pääset, kun painat toistuvasti käynnistyksen yhteydessä F8, ja kun siihen näytölle aukeaa valikko valitset vikasietotila, tai englanniksi se on kai safe mode.

 

No sehän toimi. Sain poistettua kaikki ötökät ja ajoin myös vikatilassa Normanin eikä se löytänyt enää muuta.

Suuri kiitos avusta!

 

No hyvä. Vikaseitotilassa nuo vaikeimmatkin pöpöt yleensä lähtee.