HijackThis. Please check

Discussion in 'Viruses and malware' started by vebo, Feb 16, 2006.

  1. vebo

    vebo Guest

    Logfile of HijackThis v1.99.1
    Scan saved at 18:36:50, on 16.2.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\windows\winsysban8.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wpabaln.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\mIRC\mirc.exe
    C:\Documents and Settings\Vesa\Työpöytä\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [ihost.exe] C:\syitem32.exe
    O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd8.exe
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban8.exe
    O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139929177186
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139929275811
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
  2. -WK-

    -WK- Active member

    C:\windows\winsysban8.exe
    O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd8.exe
    O4 - HKLM\..\Run: [ihost.exe] C:\syitem32.exe
    O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban8.exe
    O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe

    Those are probably all malware. I'm not sure about the winsysupd8 and sysban8 things, but at least I don't have anything like that even though I run the same OS. Google didn't recognize them. That Gimmygames.exe is definitely a pest; wait for the experts to help remove/confirm those.

    http://searchbar.findthewebsiteyouneed.com

    That one looks suspicious too: my own IE closes itself as soon as I even try to google that search term, let alone open it, so it's a suspicious site.

    Wait for the experts!
     
  3. spertti

    spertti Active member

    Uninstall via the Control Panel (Add/Remove Programs)

    The Search Accelerator (it may also be listed as just Search Accelerator)

    Fix these with HjT (Do a system scan only)

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
    O4 - HKLM\..\Run: [ihost.exe] C:\syitem32.exe
    O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd8.exe
    O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban8.exe
    O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe

    Get Ewido
    http://keskustelu.afterdawn.com/thread_view.cfm/269186
    Install and update it, but don't do anything else yet

    Make hidden files visible, instructions ->
    http://keskustelu.afterdawn.com/thread_view.cfm/248944

    Boot into Safe Mode (F8 during startup)

    Delete these in Safe Mode:

    C:\Program Files\TheSearchAccelerator
    C:\syitem32.exe
    C:\windows\winsysupd8.exe
    C:\windows\winsysban8.exe
    C:\\gimmygames.exe

    Scan with Ewido in Safe Mode and save the report

    Boot normally and post the Ewido report + a new HjT log

     
    Last edited: Feb 16, 2006
  4. vebo

    vebo Guest

    It's amazing: I reinstalled Windows yesterday and was without a proper firewall for maybe 30 seconds or 1 minute, and the machine is full of pests again.
     
  5. spertti

    spertti Active member

    That's completely normal. You really shouldn't be online for even a second without a firewall.
     
  6. mawdrgn

    mawdrgn Regular member

    In that case, could you turn on, say, the Windows firewall for as long as it takes to download e.g. ZoneAlarm?

    By the way, I remember that a friend of mine used the computer (the internet, played online, downloaded all sorts of things, etc.) for a couple of months WITHOUT A FIREWALL!

    Still, no pests got onto the machine :eek:

    Was my friend just devilishly lucky, or what?

    Because aren't you bound to get nasties if you go online without a firewall?
     
  7. -WK-

    -WK- Active member

    I noticed this too. I couldn't be bothered to unplug the network cable / turn off the modem when I reinstalled Win 98; I figured it would be fine for the time it takes to download and install Zone Alarm. Like cr*p it was :)
     
  8. vebo

    vebo Guest

    OK, I removed them.
    That gimmygames.exe was found at c:\windows\gimmygames.exe, and next to it some gimmygames DOS thing. I deleted that too.
    I couldn't find that syitem32.exe

    Here is the HjT log:

    Logfile of HijackThis v1.99.1
    Scan saved at 20:39:17, on 16.2.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Steam\Steam.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\ewido anti-malware\ewidoguard.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wpabaln.exe
    C:\Documents and Settings\Vesa\Työpöytä\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam.exe -silent
    O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\npjpi150_06.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1139929177186
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1139929275811
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
    O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    Ewido log:

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 20:33:35, 16.2.2006
    + Report-Checksum: 76DFA2F5

    + Scan result:

    HKLM\SOFTWARE\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKLM\SOFTWARE\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKLM\SOFTWARE\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\.DEFAULT\Software\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\.DEFAULT\Software\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\.DEFAULT\Software\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\S-1-5-18\Software\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\S-1-5-18\Software\Effective-i\TheSearchAccelerator -> Adware.EffectiveBrandToolbar : Cleaned with backup
    HKU\S-1-5-18\Software\Effective-i\TheSearchAccelerator\IE5 -> Adware.EffectiveBrandToolbar : Cleaned with backup
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\8CKJAFUB\winsysban8[1].exe -> Hijacker.VB.lg : Cleaned with backup
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G0Q0WNZT\ucmoreiex[1].exe/UCMTSAIE.DLL -> Adware.Ucmore : Error during cleaning
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G0Q0WNZT\ucmoreiex[1].exe/IUCMORE.DLL -> Adware.Ucmore : Error during cleaning
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G0Q0WNZT\winsysupd8[1].exe -> Hijacker.StartPage.ahg : Cleaned with backup
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\X8K2OED4\drsmartload[1].exe -> Downloader.VB.wr : Cleaned with backup
    C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\X8K2OED4\gimmygames[1].exe -> Downloader.VB.wd : Cleaned with backup


    ::Report End
     
  9. blade81

    blade81 Active member

    Are you sure you scanned with Ewido in Safe Mode? Near the end of the log there are a couple of entries with "error during cleaning". You could fix these to speed up startup:
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

    It's also worth installing the hosts file from here: http://www.mvps.org/winhelp2002/hosts.htm. Download the hosts.zip package from there (currently updated 16.2.2006), extract it to e.g. the c:\hostitemp directory and run the mvps.bat file. This automatically moves the hosts file included in the package to the c:\windows\system32\drivers\etc directory. Once you have run mvps.bat, you can delete that hostitemp directory.
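
Added example, not part of any post in this thread: the follow-up check the helpers do by eye here, written in Python. It confirms that the entries on the fix list are gone from the second HijackThis log and pulls out the Ewido lines that were not cleaned. The sample inputs are excerpts of the logs posted above; the function and variable names are this example's own.

```python
import re

# HijackThis result lines look like "O4 - HKLM\..\Run: [name] command".
ENTRY_RE = re.compile(r"^\s*([A-Z]\d{1,2}) - (.+?)\s*$")
# Ewido report lines look like "<object> -> <detection> : <status>".
EWIDO_RE = re.compile(r"^\s*(.+?) -> (\S+) : (.+?)\s*$")

# Excerpts of the logs in this thread (first log, fix list, follow-up log, Ewido report).
BEFORE = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ihost.exe] C:\syitem32.exe
O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd8.exe
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban8.exe
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
"""
FIX_LIST = r"""
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
O3 - Toolbar: UCmore XP - The Search Accelerator - {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:\Program Files\TheSearchAccelerator\UCMTSAIE.dll (file missing)
O4 - HKLM\..\Run: [ihost.exe] C:\syitem32.exe
O4 - HKLM\..\Run: [winsysupd] C:\windows\winsysupd8.exe
O4 - HKLM\..\Run: [winsysban] C:\windows\winsysban8.exe
O4 - HKLM\..\Run: [gimmygames] C:\\gimmygames.exe
"""
AFTER = r"""
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
"""
EWIDO = r"""
HKLM\SOFTWARE\Effective-i -> Adware.EffectiveBrandToolbar : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\8CKJAFUB\winsysban8[1].exe -> Hijacker.VB.lg : Cleaned with backup
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G0Q0WNZT\ucmoreiex[1].exe/UCMTSAIE.DLL -> Adware.Ucmore : Error during cleaning
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\G0Q0WNZT\ucmoreiex[1].exe/IUCMORE.DLL -> Adware.Ucmore : Error during cleaning
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\X8K2OED4\gimmygames[1].exe -> Downloader.VB.wd : Cleaned with backup
"""


def normalise(text):
    """Collapse whitespace and ignore case so pasted lines compare equal."""
    return " ".join(text.split()).casefold()


def parse_entries(log_text):
    """Return the set of normalised 'SECTION - body' result lines.
    Header and 'Running processes' lines do not match and are skipped."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries.add(normalise(f"{m.group(1)} - {m.group(2)}"))
    return entries


def diff_logs(before, after):
    """Return (removed, added) result lines between two HijackThis logs."""
    b, a = parse_entries(before), parse_entries(after)
    return sorted(b - a), sorted(a - b)


def verify_fixes(fix_list, log_text):
    """Split fix-list lines into (gone, still_present) for the given log.
    Prefix matching lets a fix-list line that was cut off after '=' still
    match the full entry."""
    present = parse_entries(log_text)
    gone, still = [], []
    for item in sorted(parse_entries(fix_list)):
        hit = any(entry.startswith(item) for entry in present)
        (still if hit else gone).append(item)
    return gone, still


def ewido_failures(report):
    """Return (object, detection, status) for lines not reported as cleaned."""
    failures = []
    for line in report.splitlines():
        m = EWIDO_RE.match(line)
        if m and not m.group(3).casefold().startswith("cleaned"):
            failures.append(m.groups())
    return failures


if __name__ == "__main__":
    gone, still = verify_fixes(FIX_LIST, AFTER)
    print(f"fix list: {len(gone)} gone, {len(still)} still present")
    removed, added = diff_logs(BEFORE, AFTER)
    print("new entries in follow-up log:", *added, sep="\n  ")
    for obj, detection, status in ewido_failures(EWIDO):
        print(f"not cleaned: {detection} ({status}): {obj}")
```
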
     
