HJT-Log :E, :D Kone jotenkin hidastunut :F

MikroNoob · Apr 9, 2007

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 7:07:46, on 10.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\.svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\HJT\HiJackThis_v2.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [value] .svchost.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GameXL] "C:\Program Files\Game Accelerator\gamexl.exe"
O4 - HKLM\..\Run: [EfreeSoft Boss Key] C:\Program Files\Mgboss\mgboss.exe -min
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\RunServices: [value] .svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [value] .svchost.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

--
End of file - 7390 bytes

yamaneko · Apr 9, 2007

1.
Jos sinulla ei ole mitään palomuuria tällä hetkellä, koita laittaa Windowsin oma palomuuri päälle, eli:

Käynnistä -> Ohjauspaneeli -> Windowsin palomuuri -> Käytössä -> OK.

2.
Lataa Deckard's System Scanner Työpöydällesi.

Huomioi: Sinulla tulee olla Järjestelmänvalvojan oikeudet ajaaksesi ohjelman.

[*]Sulje kaikki avoimet ikkunat ja ohjelmat.
[*]Tupla Klikkaa Dss.exe tiedostoa ajaaksesi ohjelman, seuraa ohjeita.
[*]Kun Scannaus on valmis 2 textitiedostoa pitäisi avautua, Main.txt ja extra.txt
[*]Näppäile Kopioi ( CTRL+A -> CTRL + C ) ja liitä ( CTRL + V )
[*]kopioi ja liitä main.txt ja extra.txt sisältö seuraavaan vastaukseesi.

yamaneko · Apr 9, 2007

3.
Lähetä tämä tiedosto Virustotaliin

C:\WINDOWS\system32\.svchost.exe (huomaa piste nimen edessä)

1. Eli mene osoitteeseen http://www.virustotal.com/
2. Valitse Choose... (tai Selaa... mikä se selaimessasi onkin) ja etsi tiedosto C:\WINDOWS\system32\.svchost.exe
3. Lopuksi klikkaa Send -linkkiä
4. Kerro mahdolliset löydökset tänne

MikroNoob · Apr 10, 2007

En löytänyt .Svchost.exe tiedostoa System32 kansiosta

Main.txt:
Deckard's System Scanner v20070328.36
Run by 1EE7H4X on 2007-04-10 at 15:54:18
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
33: 2007-04-10 12:54:21 UTC - RP33 - Deckard's System Scanner Restore Point
32: 2007-04-10 07:10:34 UTC - RP32 - System Checkpoint
31: 2007-04-09 06:49:33 UTC - RP31 - Removed Sony Media Manager 2.2
30: 2007-04-09 06:47:10 UTC - RP30 - Removed Medal of Honor Allied Assault
29: 2007-04-09 06:46:04 UTC - RP29 - Removed MANSION

-- First Restore Point --
1: 2007-03-19 16:12:29 UTC - RP1 - System Checkpoint

Backed up registry hives.

Performed disk cleanup.

-- HijackThis (run as 1EE7H4X.exe) ---------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 15:55:41, on 10.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\.svchost.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Valve\Steam\Steam.exe
C:\Documents and Settings\1EE7H4X\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\1EE7H4X.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [value] .svchost.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GameXL] "C:\Program Files\Game Accelerator\gamexl.exe"
O4 - HKLM\..\Run: [EfreeSoft Boss Key] C:\Program Files\Mgboss\mgboss.exe -min
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\RunServices: [value] .svchost.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - HKCU\..\Run: [value] .svchost.exe
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 oreans32 - c:\windows\system32\drivers\oreans32.sys
R2 AMON - c:\windows\system32\drivers\amon.sys
R2 windrvNT - c:\windows\system32\windrvnt.sys
R3 emupia (E-mu Plug-in Architecture Driver) - c:\windows\system32\drivers\emupia2k.sys
R3 ha20x2k (Creative 20X HAL Driver) - c:\windows\system32\drivers\ha20x2k.sys

S3 cpuz126 - c:\docume~1\1ee7h4x\locals~1\temp\cpuz.sys (file missing)
S3 ezplay (VSO Software ezplay) - c:\windows\system32\drivers\ezplay.sys
S3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys
S3 SE27bus (Sony Ericsson Device 039 Driver driver (WDM)) - c:\windows\system32\drivers\se27bus.sys
S3 SE27mdfl (Sony Ericsson Device 039 USB WMC Modem Filter) - c:\windows\system32\drivers\se27mdfl.sys
S3 SE27mdm (Sony Ericsson Device 039 USB WMC Modem Driver) - c:\windows\system32\drivers\se27mdm.sys
S3 vaxscsi - c:\windows\system32\drivers\vaxscsi.sys (file missing)

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 MSSQL$SONY_MEDIAMGR - c:\program files\sony\shared plug-ins\media manager\mssql$sony_mediamgr\binn\sqlservr.exe -ssony_mediamgr
R2 StarWindService (StarWind iSCSI Service) - c:\program files\alcohol soft\alcohol 120\starwind\starwindservice.exe

S3 SQLAgent$SONY_MEDIAMGR - c:\program files\sony\shared plug-ins\media manager\mssql$sony_mediamgr\binn\sqlagent.exe -i sony_mediamgr
S3 usprserv (User Privilege Service) - c:\windows\system32\svchost.exe -k netsvcs

-- Scheduled Tasks -------------------------------------------------------------

2007-04-08 06:29:02 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>

-- Files created between 2007-03-10 and 2007-04-10 -----------------------------

2007-04-09 18:01:51 0 d-------- C:\Program Files\ICQLite
2007-04-09 18:01:51 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\ICQLite
2007-04-09 09:52:25 66048 --a------ C:\WINDOWS\ieResetIcons.exe<IERESE~1.EXE>
2007-04-08 01:22:19 0 d-------- C:\Program Files\Audio Phonics, Inc<AUDIOP~1>
2007-04-08 01:22:13 299520 --a------ C:\WINDOWS\uninst.exe
2007-04-07 02:23:47 0 d-------- C:\Documents and Settings\1EE7H4X\WINDOWS
2007-04-06 10:13:34 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\foobar2000<FOOBAR~1>
2007-04-06 10:12:37 0 d-------- C:\Program Files\foobar2000<FOOBAR~1>
2007-04-06 01:03:32 0 d-------- C:\Program Files\eMule
2007-04-01 16:57:18 0 d-------- C:\Documents and Settings\1EE7H4XPELI\Application Data\Adobe
2007-04-01 16:57:16 0 d-------- C:\Documents and Settings\1EE7H4XPELI\Application Data\Real
2007-04-01 16:57:11 221184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-04-01 16:57:02 1048576 --ah----- C:\Documents and Settings\1EE7H4XPELI\NTUSER.DAT
2007-03-26 15:58:49 108144 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-03-26 15:39:53 0 d-------- C:\Program Files\THQ
2007-03-25 02:25:22 0 d-------- C:\Program Files\Windows Journal Viewer<WI96D0~1>
2007-03-24 18:15:58 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Media Player Classic<MEDIAP~1>
2007-03-24 18:12:18 1565480 --a------ C:\WINDOWS\system32\wmv9vcm.dll
2007-03-24 18:12:18 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-03-24 18:04:05 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Real
2007-03-24 03:28:39 348160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-03-24 03:28:39 499712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-03-24 03:28:38 0 d-------- C:\Program Files\Fake Webcam<FAKEWE~1>
2007-03-23 23:38:27 2134832 --a------ C:\WINDOWS\system32\Psi
2007-03-22 18:30:13 0 d-------- C:\Documents and Settings\All Users\Application Data\NVIDIA
2007-03-20 15:37:08 0 d-------- C:\Program Files\Illusion
2007-03-19 19:27:30 0 d-------- C:\!KillBox
2007-03-19 01:36:50 0 d-------- C:\Program Files\Red Chair Software<REDCHA~1>
2007-03-19 01:36:50 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Red Chair Software<REDCHA~1>
2007-03-18 20:44:32 552 --a------ C:\WINDOWS\system32\d3d8caps.dat
2007-03-18 20:00:40 0 d-------- C:\HJT
2007-03-18 19:47:52 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-03-18 17:07:18 0 d--hs---- C:\WINDOWS\CSC
2007-03-18 13:05:00 0 d-------- C:\hymn
2007-03-18 11:40:47 0 d-------- C:\Program Files\Red Kawa<REDKAW~1>
2007-03-18 00:27:52 0 d-------- C:\Program Files\Common Files\xing shared<XINGSH~1>
2007-03-18 00:27:30 0 d-------- C:\Program Files\Common Files\Real
2007-03-18 00:27:29 0 d-------- C:\Program Files\Real
2007-03-17 21:47:56 0 d-------- C:\Documents and Settings\All Users\Application Data\MANSION
2007-03-17 19:05:45 0 d-------- C:\Program Files\Autobahn
2007-03-15 23:17:43 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Talkback
2007-03-15 23:17:25 0 d-------- C:\Program Files\Mozilla Sunbird<MOZILL~2>
2007-03-14 01:20:05 0 d-------- C:\Steam
2007-03-13 23:28:01 1033216 --a------ C:\WINDOWS\Copy of explorer.exe<COPYOF~1.EXE>
2007-03-13 00:26:04 0 d-------- C:\Program Files\thriXXX
2007-03-12 08:13:59 0 d-------- C:\Program Files\EA GAMES<EAGAME~1>
2007-03-12 01:31:29 0 d-------- C:\Program Files\iPod
2007-03-12 01:31:26 0 d-------- C:\Program Files\iTunes
2007-03-12 01:30:40 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-03-11 23:56:45 360576 --a------ C:\WINDOWS\system32\drivers\tcpip
2007-03-11 12:36:41 0 d-------- C:\Program Files\Common Files\NSV
2007-03-11 12:26:06 261632 --a------ C:\WINDOWS\system32\mcdvd_32.dll
2007-03-11 12:25:36 249856 --a------ C:\WINDOWS\system32\NCTQuickTimeFile.dll<NCTQUI~1.DLL>
2007-03-11 12:24:32 2846720 --a------ C:\WINDOWS\system32\NCTAudioCompress3.dll<NCTAUD~4.DLL>
2007-03-11 12:24:12 0 d-------- C:\Program Files\AliveMedia<ALIVEM~1>
2007-03-11 12:24:03 33920 --a------ C:\WINDOWS\system32\drivers\oreans32.sys
2007-03-11 02:11:14 0 d-------- C:\WINDOWS\Speech
2007-03-11 02:10:03 0 d-------- C:\Program Files\Microsoft Speech SDK<MI9714~1>
2007-03-11 00:52:42 187392 --a------ C:\WINDOWS\system32\JPGUtils.dll
2007-03-11 00:52:41 0 d-------- C:\Program Files\WinCustomize<WINCUS~1>
2007-03-11 00:52:41 0 d-------- C:\Program Files\Common Files\Stardock
2007-03-10 21:38:34 115880 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-03-10 21:38:34 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-03-10 21:38:34 36528 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-03-10 21:38:34 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-03-10 21:38:34 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-03-10 15:18:39 0 d-------- C:\Program Files\Panicware<PANICW~1>

-- Find3M Report ---------------------------------------------------------------

2007-04-10 15:53:00 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\uTorrent
2007-04-10 07:06:48 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\OpenOffice.org2<OPENOF~1.ORG>
2007-04-09 19:30:21 0 d-------- C:\Program Files\LimeWire
2007-04-09 09:47:50 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-09 09:47:46 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-04-09 09:46:56 0 d-------- C:\Program Files\MagicISO
2007-04-09 09:43:38 0 d-------- C:\Program Files\Phoenxsoftware<PHOENX~1>
2007-04-09 09:43:18 0 d-------- C:\Program Files\Evil Msn<EVILMS~1>
2007-04-09 09:42:45 0 d-------- C:\Program Files\CursorXP
2007-04-06 21:01:52 0 d-------- C:\Program Files\Winamp
2007-04-06 15:26:25 0 d-------- C:\Program Files\mIRC
2007-04-06 00:54:23 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\LimeWire
2007-03-29 21:11:30 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Adobe
2007-03-24 21:08:27 0 d-------- C:\Program Files\Common Files\Adobe
2007-03-24 18:12:22 0 d-------- C:\Program Files\K-Lite Codec Pack<K-LITE~1>
2007-03-24 18:01:44 0 d-------- C:\Program Files\Gabest
2007-03-21 19:05:31 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-03-21 19:04:50 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-03-16 18:42:04 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Macromedia<MACROM~1>
2007-03-15 23:17:38 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Mozilla
2007-03-12 01:31:37 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Apple Computer<APPLEC~1>
2007-03-12 00:10:55 0 d-------- C:\Program Files\Sony
2007-03-12 00:07:42 0 d-------- C:\Program Files\Common Files\Teleca Shared<TELECA~1>
2007-03-12 00:07:14 0 d-------- C:\Program Files\SpeedConnect<SPEEDC~1>
2007-03-12 00:06:39 0 d-------- C:\Program Files\VirtualDJ<VIRTUA~1>
2007-03-12 00:05:56 0 d-------- C:\Program Files\Yahoo!
2007-03-11 01:50:48 0 d---s---- C:\Documents and Settings\1EE7H4X\Application Data\Microsoft<MICROS~1>
2007-03-11 01:13:20 1015296 --a------ C:\WINDOWS\system32\logonuiX.exe
2007-03-08 18:48:36 578048 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 18:48:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 18:48:36 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 16:49:49 1843968 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-07 23:36:55 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\BSplayer Pro<BSPLAY~1>
2007-03-07 09:03:53 0 d-------- C:\Program Files\BBLACK
2007-03-07 08:29:25 0 d-------- C:\Program Files\DAEMON Tools<DAEMON~1>
2007-03-06 23:14:52 0 d-------- C:\Program Files\Speed Startup<SPEEDS~1>
2007-03-06 15:23:35 602 --a------ C:\Documents and Settings\1EE7H4X\Application Data\AutoGK.ini
2007-03-05 20:56:14 0 d-------- C:\Program Files\SprayR
2007-03-04 22:14:04 0 d-------- C:\Program Files\MAIET
2007-03-03 01:44:49 0 d-------- C:\Program Files\AviSynth 2.5<AVISYN~1.5>
2007-03-02 21:04:15 0 d-------- C:\Program Files\TopDesk Trial<TOPDES~1>
2007-03-02 17:55:16 0 d-------- C:\Program Files\WhatPulse<WHATPU~1>
2007-03-02 17:07:48 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-03-02 00:45:08 128512 --a------ C:\WINDOWS\system32\msiexec.exe
2007-03-01 21:09:04 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Google
2007-03-01 19:09:24 0 d-------- C:\Program Files\Valve Hammer Editor<VALVEH~1>
2007-03-01 08:32:31 0 d-------- C:\Program Files\Web Publish<WEBPUB~1>
2007-03-01 02:09:28 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\teamspeak2<TEAMSP~1>
2007-02-28 13:06:46 32 --a------ C:\WINDOWS\go
2007-02-28 08:21:41 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Publish Providers<PUBLIS~1>
2007-02-28 08:21:41 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\NetMedia Providers<NETMED~1>
2007-02-27 22:33:51 0 d-------- C:\Program Files\Microsoft SQL Server<MICROS~3>
2007-02-27 22:33:41 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Sony
2007-02-27 22:20:02 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Sony Setup<SONYSE~1>
2007-02-27 22:19:47 0 d-------- C:\Program Files\Sony Setup<SONYSE~1>
2007-02-27 22:12:10 0 d-------- C:\Program Files\Stardock
2007-02-27 01:09:07 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Vso
2007-02-27 01:09:07 94080 --a------ C:\Documents and Settings\1EE7H4X\Application Data\ezplay.sys
2007-02-27 01:09:07 7812 --a------ C:\Documents and Settings\1EE7H4X\Application Data\ezplay.cat
2007-02-27 01:09:07 87608 --a------ C:\Documents and Settings\1EE7H4X\Application Data\ezpinst.exe
2007-02-27 01:09:07 33 --a------ C:\Documents and Settings\1EE7H4X\Application Data\DXVQZWIM.log
2007-02-27 01:09:07 1104 --a------ C:\Documents and Settings\1EE7H4X\Application Data\DXVQZWIM.inf
2007-02-27 01:09:06 33 --a------ C:\Documents and Settings\1EE7H4X\Application Data\pcouffin.log
2007-02-27 01:09:05 47360 --a------ C:\Documents and Settings\1EE7H4X\Application Data\pcouffin.sys
2007-02-27 01:09:05 1144 --a------ C:\Documents and Settings\1EE7H4X\Application Data\pcouffin.inf
2007-02-27 01:09:05 7824 --a------ C:\Documents and Settings\1EE7H4X\Application Data\pcouffin.cat
2007-02-27 01:08:58 0 d-------- C:\Program Files\SubViewer3<SUBVIE~1>
2007-02-27 01:08:44 0 d-------- C:\Program Files\Samurize
2007-02-26 19:59:10 421 --a------ C:\apex-video-converter-super.exe<APEX-V~1.EXE>
2007-02-26 19:55:37 0 d-------- C:\Program Files\Common Files\SWF Studio<SWFSTU~1>
2007-02-26 19:50:37 125 --a------ C:\Documents and Settings\1EE7H4X\Application Data\DXVQZWIM.ini
2007-02-26 16:56:38 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-25 22:59:17 35363 --a------ C:\WINDOWS\system32\windrvNT.sys
2007-02-25 22:59:17 53248 --a------ C:\WINDOWS\system32\suppdll.dll
2007-02-25 22:59:16 0 d-------- C:\Program Files\Folder Lock<FOLDER~1>
2007-02-25 21:43:18 0 d-------- C:\Program Files\Smart Projects<SMARTP~1>
2007-02-25 17:33:35 0 d-------- C:\Program Files\Game Accelerator<GAMEAC~1>
2007-02-25 14:40:03 0 d-------- C:\Program Files\OpenOffice.org 2.1<OPENOF~1.1>
2007-02-24 23:13:58 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-02-24 23:13:58 47399 --a------ C:\WINDOWS\BricoPackUninst.cmd<BRICOP~2.CMD>
2007-02-24 23:13:58 2160 --a------ C:\WINDOWS\BricoPackFoldersDelete.cmd<BRICOP~1.CMD>
2007-02-24 11:16:33 0 d-------- C:\Program Files\Webteh
2007-02-24 10:45:59 0 d-------- C:\Program Files\Alcohol Soft<ALCOHO~1>
2007-02-24 10:44:41 0 d-------- C:\Program Files\ffdshow
2007-02-23 19:41:08 0 d-------- C:\Program Files\Java
2007-02-23 19:40:38 0 d-------- C:\Program Files\Common Files\Java
2007-02-23 19:40:21 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Sun
2007-02-22 16:02:32 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared<ADOBES~1>
2007-02-22 13:57:59 0 d-------- C:\Program Files\Creative
2007-02-22 13:56:59 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll
2007-02-22 13:56:59 86016 --a------ C:\WINDOWS\system32\OpenAL32.dll
2007-02-22 13:56:57 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Creative
2007-02-22 13:55:45 274432 --a------ C:\WINDOWS\system32\imon.dll
2007-02-22 13:45:35 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\WinRAR
2007-02-22 13:17:42 2949 --a------ C:\WINDOWS\mozver.dat
2007-02-22 12:48:28 664 --a------ C:\WINDOWS\system32\d3d9caps.dat
2007-02-22 12:47:42 0 --a------ C:\WINDOWS\nsreg.dat
2007-02-22 12:03:30 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Teleca
2007-02-22 01:15:08 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-22 01:15:05 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-22 01:14:45 62 --ahs---- C:\Documents and Settings\1EE7H4X\Application Data\desktop.ini
2007-02-21 23:40:26 0 d-------- C:\Program Files\Valve
2007-02-21 23:33:15 0 d-------- C:\Documents and Settings\1EE7H4X\Application Data\Identities<IDENTI~1>
2007-02-21 23:28:12 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-21 23:27:57 0 -rahs---- C:\MSDOS.SYS
2007-02-21 23:27:57 0 -rahs---- C:\IO.SYS
2007-02-21 23:27:57 0 --a------ C:\CONFIG.SYS
2007-02-21 23:27:57 0 --a------ C:\AUTOEXEC.BAT
2007-02-21 23:26:35 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~4>
2007-02-21 23:25:53 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-21 23:25:46 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-21 23:25:06 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-21 23:24:41 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-02-21 23:24:36 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~2>
2007-02-21 23:24:26 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"WhatPulse"="C:\\Program Files\\WhatPulse\\WhatPulse.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\msnmsgr.exe\" /background"
"DAEMON Tools"="\"C:\\Program Files\\DAEMON Tools\\daemon.exe\" -lang 1033"
"value"=".svchost.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"value"=".svchost.exe"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"Sony Ericsson PC Suite"="\"C:\\Program Files\\Sony Ericsson\\Mobile2\\Application Launcher\\Application Launcher.exe\" /startoptions"
"QuickTime Task"="\"C:\\Program Files\\K-Lite Codec Pack\\QuickTime\\qttask.exe\" -atboottime"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"nod32kui"="\"C:\\Program Files\\Eset\\nod32kui.exe\" /WAITSERVICE"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"GameXL"="\"C:\\Program Files\\Game Accelerator\\gamexl.exe\""
"EfreeSoft Boss Key"="C:\\Program Files\\Mgboss\\mgboss.exe -min"
"CTxfiHlp"="CTXFIHLP.EXE"
"CTHelper"="CTHELPER.EXE"
"Adobe Photo Downloader"="\"C:\\Program Files\\Adobe\\Photoshop Album Starter Edition\\3.0\\Apps\\apdproxy.exe\""
"ICQ Lite"="\"C:\\Program Files\\ICQLite\\ICQLite.exe\" -minimize"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\WhatPulse.exe]
@="C:\\Program Files\\WhatPulse\\WhatPulse.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runservices]
"value"=".svchost.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoChangeAnimation"=dword:00000000
"NoStrCmpLogical"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MemCheckBoxInRunDlg"=dword:00000000
"NoStrCmpLogical"=dword:00000000
"NoLowDiskSpaceChecks"=dword:00000001

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0

-- End of Deckard's System Scanner: finished at 2007-04-10 at 15:55:58 ---------

Extra.txt:
Deckard's System Scanner v20070328.36
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Professional (build 2600) SP 2.0
Architecture: X86; Language: English

CPU 0: AMD Athlon(tm) 64 Processor 3800+
Percentage of Memory in Use: 43%
Physical Memory (total/avail): 1023.36 MiB / 580.66 MiB
Pagefile Memory (total/avail): 2459.75 MiB / 2048.04 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1981.67 MiB

C: is Fixed (NTFS) - 232.88 GiB total, 75.56 GiB free.
D: is CDROM (No Media)
E: is Removable (No Media)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
J: is CDROM (No Media)

-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.
Windows Internal Firewall is enabled.

FirstRunDisabled is set.

AV: Eset NOD32 antivirus system 2.51 v2.51 (Eset)

-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\1EE7H4X\Application Data
CLASSPATH=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=NAAMAKAL-D8AF9F
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\1EE7H4X
LOGONSERVER=\\NAAMAKAL-D8AF9F
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Microsoft SQL Server\80\Tools\Binn\;C:\Program Files\K-Lite Codec Pack\QuickTime\QTSystem\
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 79 Stepping 2, AuthenticAMD
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=4f02
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
SESSIONNAME=Console
sourcesdk=c:\program files\valve\steam\steamapps\jerhak\sourcesdk
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\1EE7H4X\LOCALS~1\Temp
TMP=C:\DOCUME~1\1EE7H4X\LOCALS~1\Temp
USERDOMAIN=NAAMAKAL-D8AF9F
USERNAME=1EE7H4X
USERPROFILE=C:\Documents and Settings\1EE7H4X
VProject=c:\program files\valve\steam\steamapps\jerhak\counter-strike source\cstrike
windir=C:\WINDOWS

-- User Profiles ---------------------------------------------------------------

1EE7H4X (admin)
1EE7H4XPELI (new local, admin)

-- Add/Remove Programs ---------------------------------------------------------

--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Help Center 1.0 --> MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 8 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A80000000002}
Adobe Shockwave Player --> C:\WINDOWS\system32\Macromed\SHOCKW~1\UNWISE.EXE C:\WINDOWS\system32\Macromed\SHOCKW~1\Install.log
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe® Photoshop® Album Starter Edition 3.0 --> MsiExec.exe /I{4BDFD2CE-6329-42E4-9801-9B3D1F10D79B}
Apple Software Update --> MsiExec.exe /I{A50C25D7-62E9-4511-AD70-8E2DA5E79B7D}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
AviSynth 2.5 --> "C:\Program Files\AviSynth 2.5\Uninstall.exe"
BSPlayer --> "C:\Program Files\Webteh\BSplayerPro\uninstall.exe"
Creative Audio Console --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9 /remove
foobar2000 v0.9.4.2 --> "C:\Program Files\foobar2000\uninstall.exe"
ICQ 5.1 --> C:\Program Files\ICQLite\ICQLiteUninstall.EXE
iTunes --> MsiExec.exe /I{446DBFFA-4088-48E3-8932-74316BA4CAE4}
Java(TM) SE Development Kit 6 --> MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0160000}
Java(TM) SE Runtime Environment 6 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
K-Lite Mega Codec Pack 1.67 --> "C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire PRO 4.12.11 --> "C:\Program Files\LimeWire\uninstall.exe"
Microsoft Office PowerPoint Viewer 2003 --> MsiExec.exe /X{90AF0409-6000-11D3-8CFE-0150048383C9}
Microsoft Speech SDK 4.0 --> RunDll32 advpack.dll,LaunchINFSection C:\WINDOWS\INF\SpchSDK.inf, Uninstall.NT
Microsoft Speech SDK 4.0 ActiveX Components --> C:\WINDOWS\ST5UNST.EXE -n "C:\WINDOWS\Speech\ST5UNST.LOG"
Microsoft SQL Server Desktop Engine (SONY_MEDIAMGR) --> MsiExec.exe /X{E09B48B5-E141-427A-AB0C-D3605127224A}
Microsoft Web Publishing Wizard 1.53 --> RunDll32 ADVPACK.DLL,LaunchINFSection C:\WINDOWS\INF\wpie3x86.inf,WebPostUninstall
Microsoft Windows Journal Viewer --> MsiExec.exe /X{43DCF766-6838-4F9A-8C91-D92DA586DFA8}
Microsoft Visual Basic 6.0 Professional Edition --> "C:\Program Files\Microsoft Visual Studio\VB98\Setup\1033\Setup.exe"
mIRC --> "C:\Program Files\mIRC\mirc.exe" -uninstall
Mozilla Firefox (2.0.0.3) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
MSN Messenger 7.0 --> MsiExec.exe /I{ABEB838C-A1A7-4C5D-B7E1-8B4314600777}
NOD32 antivirus system --> C:\Program Files\Eset\Setup\setup.exe /UNINSTALL
NOD32 FiX v2.1 --> "C:\Program Files\Eset\unins000.exe"
NVIDIA Drivers --> C:\WINDOWS\system32\nvudisp.exe UninstallGUI
OpenOffice.org 2.1 --> MsiExec.exe /I{43983EB4-43DC-4C3D-9712-1EF592A31CA8}
QuickTime --> MsiExec.exe /I{50D8FFDD-90CD-4859-841F-AA1961C7767A}
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
S.T.A.L.K.E.R. - Shadow of Chernobyl --> "C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\unins000.exe"
Sexy Beach 3 (remove only) --> "C:\Program Files\Illusion\Sexy Beach 3\uninstall.exe"
Steam --> C:\PROGRA~1\Valve\Steam\UNWISE.EXE C:\PROGRA~1\Valve\Steam\INSTALL.LOG
Valve Hammer Editor --> C:\PROGRA~1\VALVEH~1\UNWISE.EXE C:\PROGRA~1\VALVEH~1\INSTALL.LOG
WhatPulse 1.5 --> C:\Program Files\WhatPulse\uninst.exe
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe

-- End of Deckard's System Scanner: finished at 2007-04-10 at 15:55:58 ---------

yamaneko · Apr 10, 2007

Olisiko piilotettu tiedosto. Laita piilotetut tiedostot näkyville (ohje), ja katso löytyykö sitten.

MikroNoob · Apr 10, 2007

On ollut kokoajan piilotetut tiedostot ja kansiot näkyvissä

yamaneko · Apr 10, 2007

Oletko koittanut etsiä tiedostoa Windowsin Etsi-toiminnolla?

Se miksi haluaisin sinun löytävän sen tiedoston, johtuu siitä että kyseessä voisi olla uusi SDbot variantti, ja file olisi hyvä tarkistaa ja paikallistaa (jotta sen voisi tarvittaessa lähettää SDfixin tekijälle). Siksi pyydän että koita vielä etsiä tuota

MikroNoob · Apr 10, 2007

Löysin sen juuri, laitan sitä tuonne virustotalliin

yamaneko · Apr 10, 2007

Hienoa! Mistä löytyi?

MikroNoob · Apr 10, 2007

System32 :l Hyvin mä vedän

AntiVir 7.3.1.48 04.10.2007 TR/Agent.1345536.1
BitDefender 7.2 04.10.2007 DeepScan:Generic.Malware.G!SKI!!FLMWX!!Bprng.FF2E271E
Fortinet 2.85.0.0 04.10.2007 suspicious
Ikarus T3.1.1.5 04.10.2007 Backdoor.VB.EV
Microsoft 1.2405 04.10.2007 Backdoor:Win32/Rbot!8E3D
Sunbelt 2.2.907.0 04.07.2007 Trojan.G!SKI!!FLMWX!!Bprng.FF2E271E
Webwasher-Gateway 6.0.1 04.10.2007 Trojan.Agent.1345536.1

yamaneko · Apr 10, 2007

Huom! ei käytetä Hijackthis 2.0 betaa, vaan edellistä. Jos sinulla ei sitä ole, hae se osoitteesta http://koti.mbnet.fi/pattaya1/HijackThis.exe

1. Siirrä Hijackthis omaan kansioonsa, esim. C:\Hijackthis. Tämä on tärkeää, jotta Hijackthis toimisi oikein.

Käynnistä C:\Hijackthis\hijackthis.exe ja valitse Do a system scan only

Merkitse seuraavat rivit:

O4 - HKLM\..\Run: [value] .svchost.exe
O4 - HKLM\..\RunServices: [value] .svchost.exe
O4 - HKCU\..\Run: [value] .svchost.exe

ja valitse lopuksi Fix checked.

2. Lataa Killbox Option^Explicitiltä.

Huomaa: Jos sinulla on jo Killbox, tämä on uusi versio joka sinun tulee asentaa. Poista aikaisempi.

[*]Tallenna työpöydällesi.
[*] Tupla-klikkaa Killbox.exe ajaaksesi ohjelman.
[*] Valitse: [*]Delete on Reboot[*] sitten klikkaa All Files valintaa.
[*]Kopioi ja liitä alapuolella olevat tiedostopolut leikepöydälle mustaamalla KAIKKI ne ja painamalla CTRL + C (tai, mustaamisen jälkeen, oikea klikki hiirellä ja valitse kopioi):

C:\WINDOWS\system32\.svchost.exe

[*] Palaa Killboxiin, mene File valikkoon, ja valitse Paste from Clipboard.

[*]Klikkaa puna-valkoista Delete File valintaa. Klikkaa Yes "Delete on Reboot" pyyntöön. Klikkaa OK mihin vain PendingFileRenameOperations pyyntöön (ja anna fixaajan tietää jos jokin tälläinen tulee!).
Käynnistä koneesi itse jos se ei sitä automaattisesti tee.

Jos saat tälläisen viestin: "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." Kun yrität ajaa KillBoxia, klikkaa tätä ladataksesi ja ajaaksesi Missingfilessetup.exe;n. Sitten koita KillBoxia uudestaan.

3. Ota uusi Hjt loki

MikroNoob · Apr 10, 2007

Logfile of HijackThis v1.99.1
Scan saved at 17:21:03, on 10.4.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\WgaTray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\CTHELPER.EXE
C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
C:\Program Files\ICQLite\ICQLite.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WhatPulse\WhatPulse.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\DAEMON Tools\daemon.exe
C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.exe
C:\Program Files\OpenOffice.org 2.1\program\soffice.BIN
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\Mozilla Firefox\firefox.exe
C:\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ycomp/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\K-Lite Codec Pack\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [GameXL] "C:\Program Files\Game Accelerator\gamexl.exe"
O4 - HKLM\..\Run: [EfreeSoft Boss Key] C:\Program Files\Mgboss\mgboss.exe -min
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [ICQ Lite] "C:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [WhatPulse] C:\Program Files\WhatPulse\WhatPulse.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Anapod Manager.lnk = C:\Program Files\Red Chair Software\Anapod Explorer\anamgr.exe
O4 - Startup: OpenOffice.org 2.1.lnk = C:\Program Files\OpenOffice.org 2.1\program\quickstart.exe
O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Yahoo! Widget Engine\YahooWidgetEngine.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: (no name) - {85e1f530-48f4-11d9-9629-08ff2ffc9f67} - (no file)
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O16 - DPF: {DD583921-A9E9-4FBF-9266-8DC2AB5EA0AF} (HGPlugin10USA Class) - http://gamedownload.ijjimax.com/gamedownload/dist/hgstart/HGPlugin10USA.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

yamaneko · Apr 10, 2007

1. Jos viitsit, lähetä C:\!KillBox\.svchost.exe SDfixin tekijälle. (Ohje) Tuon jälkeen voit poistaa tiedoston.

2. Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

[*]Käynnistä AVG Anti-Spyware.
[*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

[*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
[*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
[*]Sitten "Reports" valikon alta:

Laita täppi kohtaan "Automatically generate report after every scan"

Ota täppi pois kohdasta"Only if threats were found"

[*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
[*]"Resident shield is", muuta tila active:sta inactive:ksi
[*]Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan, Ohje!

HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
[*]Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
[*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
[*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
[*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
[*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"

[*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
[*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
[*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG Anti-Spyware:n raportti viestikejuusi.

MikroNoob · Apr 11, 2007

Lähetin tuon jtun, nytten latasin tuon avg 7.5, minkä linkki oli tuossa
Siis mulla aukeaa tällänen

yamaneko · Apr 11, 2007

Hyvä että lähetit!

Sulla on jo AVG Anti-Spyware koneellasi, tuo linkki on vain Afterdwanin luoma tuohon toiseen ohjelmaan.

Tee kuten edellisessä ohjeessa, mutta tosiaan tuolla AVG Anti-Spywarella

MikroNoob · Apr 11, 2007

Hehe... Poistin sen avg kun se ei päivittänyt, valitti jotain
sitten latasin tuon ja ihmettelin

yamaneko · Apr 11, 2007

Päivitykset saa myös täältä, jos automaattipäivitys ei onnistu
http://www.ewido.net/en/download/updates/

MikroNoob · Apr 11, 2007

Ahh kiitos

MikroNoob · Apr 11, 2007

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 0:28:45 12.4.2007

+ Scan result:

:mozilla.508:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.509:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.510:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
:mozilla.145:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.146:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.147:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.148:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.149:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.910:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@microsoftwga.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.857:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.71i : Cleaned.
:mozilla.160:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.54:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.55:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.56:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.79:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.80:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.81:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.82:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.215:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.216:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.300:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.301:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.302:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.303:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.464:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@atdmt[3].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.159:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
:mozilla.539:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.544:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.545:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.316:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.317:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.318:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.319:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.320:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.321:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.322:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.323:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.324:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.325:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.574:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.590:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.617:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.750:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.751:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.752:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.753:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Cpvfeed : Cleaned.
:mozilla.232:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.242:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.243:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.244:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.245:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.246:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.247:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.248:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.237:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.532:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.534:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.535:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.537:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.538:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.715:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.495:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
:mozilla.816:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.817:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.860:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned.
:mozilla.522:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.523:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Live : Cleaned.
:mozilla.524:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@search.live[2].txt -> TrackingCookie.Live : Cleaned.
:mozilla.575:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.212:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.213:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
:mozilla.905:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.906:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Onestat : Cleaned.
:mozilla.613:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.614:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.615:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.304:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.835:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.836:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.837:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.838:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
:mozilla.818:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.819:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.820:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.821:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.822:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.823:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.824:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@real[2].txt -> TrackingCookie.Real : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@realguide.real[1].txt -> TrackingCookie.Real : Cleaned.
:mozilla.507:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Realmedia : Cleaned.
:mozilla.572:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.573:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.576:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.578:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Revsci : Cleaned.
:mozilla.790:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.791:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.786:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
:mozilla.787:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@counter7.sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@counter7.sextracker[3].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@sextracker[1].txt -> TrackingCookie.Sextracker : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@sextracker[3].txt -> TrackingCookie.Sextracker : Cleaned.
:mozilla.371:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.372:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.662:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.663:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.664:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.665:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.666:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Specificclick : Cleaned.
:mozilla.351:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.352:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.353:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.354:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.355:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.356:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.357:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.358:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.359:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.360:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.361:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.362:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.363:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.364:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.365:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.366:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.367:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.207:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@statistik-gallup[2].txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.540:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.541:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.542:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.543:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
:mozilla.895:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Toplist : Cleaned.
:mozilla.233:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.234:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@tradedoubler[1].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.500:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Trafic : Cleaned.
:mozilla.315:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.771:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Weborama : Cleaned.
C:\Documents and Settings\1EE7H4X\Cookies\1ee7h4x@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.240:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.84:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.85:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.86:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.87:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.88:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.89:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.90:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.91:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.92:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.93:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.94:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.95:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.96:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.339:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.340:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.341:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.342:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.343:C:\Documents and Settings\1EE7H4X\Application Data\Mozilla\Firefox\Profiles\0av7siav.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\System Volume Information\_restore{FF3172FB-995B-4C0C-8698-3A4387966BCD}\RP33\A0024517.dll -> Trojan.Small : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{FF3172FB-995B-4C0C-8698-3A4387966BCD}\RP33\A0024513.exe -> Worm.Sunk.a : Cleaned with backup (quarantined).

::Report end

Siinä olis

yamaneko · Apr 11, 2007

No niin, näyttäisi puhtaalta. Miltä tuntuu, hidasteleeko kone vielä?

Mites tuo palomuuri, onhan sinulla edes Windowsin oma palomuuri päällä?

Nyt kun olet puhdas, seuraavaksi pari vinkkiä kuinka pienennetään saastumisriskiä. Kaikista on saatavilla joko suomenkielinen versio sekä/tai suomenkielinen opas.

-> Taistele vastaan!!-> Malware Complaints
Sivusto antaa haittaohjelmien uhreille mahdollisuuden kertoa tarinansa ja tehdä valituksen asiasta. Taistellaan yhdessä haittaohjelmien tekijöitä vastaan!

-> Tyhjennä järjestelmänpalautus -> Ohjeet
Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä.

-> Käytä CCleaneria -> CCleaner
Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti.

-> Käytä Ad-Awarea -> Ad-Aware
Lataa ja asenna Ad-Aware. Päivitä se ja skannaa konettasi sillä säännöllisesti.
Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas

-> Käytä AVG Anti-Spywarea -> AVG Anti-Spyware
Lataa ja asenna AVG Anti-Spyware. Päivitä se ja skannaa konettasi sillä säännöllisesti
Opas saatavilla suomeksi! (Ewido ulkoasulla) Nimimerkki Axelin opas

-> Asenna SpywareBlaster -> SpywareBlaster
SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia!
Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas

-> Asenna MVPS Hosts tiedosto -> MVPS Hosts
Estää koneesi yhteyden haitallisiin sivustoihin.
Opas saatavilla suomeksi! Nimimerkki Axelin opas

-> Vaihda selaimesi Firefoxiin -> Firefox
Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer.

-> Pidä järjestelmäsi ajantasalla. -> Windows Update
Vieraile Windows Updatessa säännöllisesti.

-> Pidä palomuuri ja virustorjunta ajantasalla
Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi.

Pysy puhtaana

Log in or Sign up

HJT-Log :E, :D Kone jotenkin hidastunut :F

MikroNoob Guest

yamaneko Senior member

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

MikroNoob Guest

yamaneko Senior member

Share This Page

Log in or Sign up

HJT-Log :E, :D Kone jotenkin hidastunut :F

MikroNoob Guest

yamaneko Senior member

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

yamaneko Senior member

MikroNoob Guest

MikroNoob Guest

yamaneko Senior member

Share This Page

Useful Searches