Logfile of HijackThis v1.99.1 Scan saved at 0:10:47, on 13.7.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avast4\ashWebSv.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\Program Files\ZoneAlarm\zlclient.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\explorer.exe D:\downloads\HijackThis_v1.99.1.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [P1171Cfg.exe] P1171Cfg.exe /d:2 O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [µTorrent] "D:\downloads\torrent\utorrent.exe" O4 - Startup: aMSN.lnk = C:\Program Files\aMSN\amsn.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe Kiitos!
Avaa hijackthis merkkaa seuraavat rivi(t) ja paina fix checked, sulje muut ohjelmat siksi aikaa. O4 - HKLM\..\Run: [P1171Cfg.exe] P1171Cfg.exe /d:2 Tässä ohje miten merkataan: =======? 1. Lataa combofix.exe työpöydällesi jommastakummasta linkistä: http://www.techsupportforum.com/sectools/sUBs/ComboFix.exe http://download.bleepingcomputer.com/sUBs/ComboFix.exe 2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia. 3. Kun työkalu on valmis, se tuottaa lokin. (C:\ComboFix.txt) Lähetä tämä loki viesti ketjuusi. Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.
"aaro" - 2007-07-13 12:19:26 - ComboFix 07-07-13.8 - Service Pack 2 NTFS ((((((((((((((((((((((((( Files Created from 2007-06-13 to 2007-07-13 ))))))))))))))))))))))))))))))) 2007-07-12 21:09 <DIR> d-------- C:\Program Files\Windows Live Safety Center 2007-07-12 20:57 51,200 --a------ C:\WINDOWS\nircmd.exe 2007-07-12 18:37 <DIR> d-------- C:\Program Files\Common Files\PCSuite 2007-07-12 18:36 <DIR> d-------- C:\Program Files\PC Connectivity Solution 2007-07-12 18:32 8,320 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys 2007-07-12 18:32 65,536 --a------ C:\WINDOWS\system32\nmwcdcocls.dll 2007-07-12 18:32 137,216 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys 2007-07-12 18:32 12,288 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys 2007-07-12 18:13 91,392 --a------ C:\WINDOWS\system32\drivers\P1171Vid.sys 2007-07-12 18:13 69,632 --a------ C:\WINDOWS\system32\P1171Sti.dll 2007-07-12 18:13 65,536 --a------ C:\WINDOWS\system32\CtCamMgr.dll 2007-07-12 18:13 57,344 --a------ C:\WINDOWS\system32\P1171Hwx.dll 2007-07-12 18:13 36,864 --a------ C:\WINDOWS\system32\P1171Pin.dll 2007-07-12 18:13 20,480 --a------ C:\WINDOWS\system32\P1171Srv.exe 2007-07-12 18:13 20,480 --a------ C:\WINDOWS\P1171Cfg.exe 2007-07-12 10:06 81,920 --a------ C:\WINDOWS\system32\frapsvid.dll 2007-07-12 00:56 126,976 --a------ C:\WINDOWS\system32\P1171Vfw.dll 2007-07-11 17:05 532,480 --a------ C:\WINDOWS\system32\The Simpsons Movie.scr 2007-07-11 17:05 <DIR> d-------- C:\WINDOWS\system32\The Simpsons Movie dir 2007-07-11 13:44 77,312 --a------ C:\WINDOWS\ua2.dll 2007-07-11 08:31 <DIR> d-------- C:\DOCUME~1\aaro\APPLIC~1\Media Player Classic 2007-07-11 08:29 740,442 --a------ C:\WINDOWS\system32\divx.dll 2007-07-11 08:29 73,728 --a------ C:\WINDOWS\system32\dpl100.dll 2007-07-11 08:29 630,784 --a------ C:\WINDOWS\system32\vp7vfw.dll 2007-07-11 08:29 593,920 --a------ C:\WINDOWS\system32\xvidcore.dll 2007-07-11 08:29 564,224 --a------ C:\WINDOWS\system32\x264vfw.dll 2007-07-11 08:29 438,272 --a------ C:\WINDOWS\system32\vp6vfw.dll 2007-07-11 08:29 39,936 --a------ C:\WINDOWS\system32\huffyuv.dll 2007-07-11 08:29 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll 2007-07-11 08:29 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll 2007-07-11 08:29 217,088 --a------ C:\WINDOWS\system32\i420vfw.dll 2007-07-11 08:29 180,224 --a------ C:\WINDOWS\system32\xvidvfw.dll 2007-07-11 08:29 144,384 --a------ C:\WINDOWS\system32\Iacenc.dll 2007-07-11 08:29 10,752 --a------ C:\WINDOWS\system32\ff_vfw.dll 2007-07-11 08:29 <DIR> d-------- C:\Program Files\K-Lite Codec Pack 2007-07-11 08:29 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real 2007-07-11 08:29 <DIR> d-------- C:\DOCUME~1\aaro\APPLIC~1\Real 2007-07-11 08:20 <DIR> d-------- C:\Program Files\iTunes 2007-07-11 08:20 <DIR> d-------- C:\Program Files\iPod 2007-07-11 08:20 <DIR> d-------- C:\DOCUME~1\aaro\APPLIC~1\Apple Computer 2007-07-11 08:19 <DIR> d-------- C:\Program Files\QuickTime 2007-07-11 08:19 <DIR> d-------- C:\Program Files\Apple Software Update 2007-07-11 08:19 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple 2007-07-11 08:17 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer 2007-07-10 19:06 <DIR> d-------- C:\Program Files\Trend Micro 2007-07-10 18:13 <DIR> d-------- C:\WINDOWS\SxsCaPendDel (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-07-13 09:19:06 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\uTorrent 2007-07-12 18:18:21 -------- d-----w C:\Program Files\Nokia 2007-07-12 18:18:21 -------- d-----w C:\Program Files\Common Files\Nokia 2007-07-12 17:51:58 2,170 ----a-w C:\WINDOWS\system32\tmp.reg 2007-07-12 09:18:07 -------- d-----w C:\Program Files\Steam 2007-07-10 16:10:28 -------- d-----w C:\Program Files\AVG Anti-Spyware 7.5 2007-07-10 14:17:40 -------- d-----w C:\Program Files\Avast4 2007-06-08 05:11:12 831,048 ----a-w C:\WINDOWS\system32\WudfUpdate_01005.dll 2007-05-31 12:25:56 -------- d-----w C:\Program Files\mIRC 2007-05-29 19:03:57 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\OpenOffice.org2 2007-05-26 20:30:07 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\Opera 2007-05-26 13:09:19 -------- d-----w C:\Program Files\EVEREST 2007-05-24 15:32:00 -------- d--h--w C:\Program Files\InstallShield Installation Information 2007-05-24 15:31:07 -------- d-----w C:\Program Files\NVIDIA Corporation 2007-05-24 05:09:07 -------- d-----w C:\Program Files\SpeedFan 2007-05-21 18:44:45 -------- d-----w C:\Program Files\Nero 2007-05-19 15:38:48 -------- d-----w C:\Program Files\Alcohol Soft 2007-05-18 18:00:08 -------- d-----w C:\Program Files\MSXML 6.0 2007-05-18 17:42:38 502,272 ----a-w C:\WINDOWS\system32\winlogon.exe 2007-05-17 15:53:32 -------- d-----w C:\Program Files\OpenOffice.org 2.2 2007-05-16 18:42:42 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\Nokia 2007-05-16 18:37:32 -------- d-----w C:\Program Files\DIFX 2007-05-16 15:12:02 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll 2007-05-15 17:50:04 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\Command & Conquer 3 Tiberium Wars 2007-05-15 17:03:37 -------- d--h--r C:\DOCUME~1\aaro\APPLIC~1\SecuROM 2007-05-15 17:03:36 108,144 ----a-w C:\WINDOWS\system32\CmdLineExt.dll 2007-05-15 15:15:54 -------- d-----w C:\Program Files\Electronic Arts 2007-05-15 07:47:08 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\MusicIP 2007-05-14 17:05:38 -------- d-----w C:\DOCUME~1\aaro\APPLIC~1\ExportTool 2007-05-14 15:53:19 -------- d-----w C:\Program Files\aMSN 2007-05-14 15:42:32 -------- d-----w C:\Program Files\DivX 2007-04-30 15:46:10 745,600 ----a-w C:\WINDOWS\system32\aswBoot.exe 2007-04-30 15:35:28 95,872 ----a-w C:\WINDOWS\system32\AVASTSS.scr 2007-04-25 14:21:15 144,896 ----a-w C:\WINDOWS\system32\schannel.dll 2007-04-20 04:15:26 356,352 ----a-w C:\WINDOWS\system32\nvusmb.exe 2007-04-20 04:15:26 356,352 ----a-w C:\WINDOWS\system32\nvunrm.exe 2007-04-20 04:15:26 356,352 ----a-w C:\WINDOWS\system32\NVUNINST.EXE 2007-04-20 04:15:26 356,352 ----a-w C:\WINDOWS\system32\nvuide.exe 2007-04-20 04:15:26 356,352 ----a-w C:\WINDOWS\system32\nvudisp.exe 2007-04-20 03:05:00 81,920 ----a-w C:\WINDOWS\system32\nvwddi.dll 2007-04-20 03:05:00 81,920 ----a-w C:\WINDOWS\system32\nvmctray.dll 2007-04-20 03:05:00 8,429,568 ----a-w C:\WINDOWS\system32\nvcpl.dll 2007-04-20 03:05:00 6,668,288 ----a-w C:\WINDOWS\system32\nvoglnt.dll 2007-04-20 03:05:00 6,217,728 ----a-w C:\WINDOWS\system32\nvdisps.dll 2007-04-20 03:05:00 5,434,880 ----a-w C:\WINDOWS\system32\nv4_disp.dll 2007-04-20 03:05:00 466,944 ----a-w C:\WINDOWS\system32\nvshell.dll 2007-04-20 03:05:00 45,056 ----a-w C:\WINDOWS\system32\nvmccsrs.dll 2007-04-20 03:05:00 442,368 ----a-w C:\WINDOWS\system32\nvappbar.exe 2007-04-20 03:05:00 425,984 ----a-w C:\WINDOWS\system32\keystone.exe 2007-04-20 03:05:00 37,888 ----a-w C:\WINDOWS\system32\nvcodins.dll 2007-04-20 03:05:00 37,888 ----a-w C:\WINDOWS\system32\nvcod.dll 2007-04-20 03:05:00 344,064 ----a-w C:\WINDOWS\system32\nvapi.dll 2007-04-20 03:05:00 3,538,944 ----a-w C:\WINDOWS\system32\nvvitvs.dll 2007-04-20 03:05:00 3,289,088 ----a-w C:\WINDOWS\system32\nvgames.dll 2007-04-20 03:05:00 286,720 ----a-w C:\WINDOWS\system32\nvnt4cpl.dll 2007-04-20 03:05:00 229,376 ----a-w C:\WINDOWS\system32\nvmccs.dll 2007-04-20 03:05:00 2,273,280 ----a-w C:\WINDOWS\system32\nvwss.dll 2007-04-20 03:05:00 188,416 ----a-w C:\WINDOWS\system32\nvmccss.dll 2007-04-20 03:05:00 163,908 ----a-w C:\WINDOWS\system32\nvsvc32.exe 2007-04-20 03:05:00 143,360 ----a-w C:\WINDOWS\system32\nvcolor.exe 2007-04-20 03:05:00 1,703,936 ----a-w C:\WINDOWS\system32\nvwdmcpl.dll 2007-04-20 03:05:00 1,626,112 ----a-w C:\WINDOWS\system32\nwiz.exe 2007-04-20 03:05:00 1,474,560 ----a-w C:\WINDOWS\system32\nview.dll 2007-04-20 03:05:00 1,339,392 ----a-w C:\WINDOWS\system32\nvdspsch.exe 2007-04-20 03:05:00 1,101,824 ----a-w C:\WINDOWS\system32\nvmobls.dll 2007-04-20 03:05:00 1,019,904 ----a-w C:\WINDOWS\system32\nvwimg.dll 2007-04-20 03:05:00 1,018,748 ----a-w C:\WINDOWS\system32\nvucode.bin 2007-04-18 16:12:23 2,854,400 ----a-w C:\WINDOWS\system32\msi.dll 2007-04-16 19:47:36 33,624 ----a-w C:\WINDOWS\system32\wups.dll 2007-04-16 19:45:54 1,710,936 ----a-w C:\WINDOWS\system32\wuaueng.dll 2007-04-16 19:45:48 549,720 ----a-w C:\WINDOWS\system32\wuapi.dll 2007-04-16 19:45:42 325,976 ----a-w C:\WINDOWS\system32\wucltui.dll 2007-04-16 19:45:36 203,096 ----a-w C:\WINDOWS\system32\wuweb.dll 2007-04-16 19:45:28 92,504 ----a-w C:\WINDOWS\system32\cdm.dll 2007-04-16 19:45:20 53,080 ----a-w C:\WINDOWS\system32\wuauclt.exe 2007-04-16 19:45:20 43,352 ----a-w C:\WINDOWS\system32\wups2.dll 2007-04-16 19:44:20 271,224 ----a-w C:\WINDOWS\system32\mucltui.dll 2007-04-16 19:44:18 208,248 ----a-w C:\WINDOWS\system32\muweb.dll 2007-04-14 14:35:10 335 ----a-w C:\WINDOWS\nsreg.dat 2007-04-14 14:34:58 8,861 ----a-w C:\WINDOWS\mozver.dat 2007-04-14 14:34:58 118,784 ----a-w C:\WINDOWS\SeaMonkeyUninstall.exe 2007-04-14 14:34:51 118,784 ----a-w C:\WINDOWS\GREUninstall.exe 2007-04-13 00:21:14 271,360 ----a-w C:\WINDOWS\system32\mscoree.dll ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}] 2006-12-18 05:16 59032 --a------ C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] 2007-03-14 03:43 501400 --a------ C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMan"="SOUNDMAN.EXE" [2006-06-21 00:42 C:\WINDOWS\soundman.exe] "Logitech Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 C:\WINDOWS\KHALMNPR.Exe] "Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [2006-07-19 13:03 C:\WINDOWS\KHALMNPR.Exe] "LogitechCommunicationsManager"="C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" [2006-08-03 10:44] "LVCOMSX"="C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" [2006-08-03 14:29] "avast!"="C:\PROGRA~1\Avast4\ashDisp.exe" [2007-04-30 18:42] "{0228e555-4f9c-4e35-a3ec-b109a192b4c2}"="C:\Program Files\Google\Gmail Notifier\gnotify.exe" [2005-07-16 00:48] "ZoneAlarm Client"="C:\Program Files\ZoneAlarm\zlclient.exe" [2007-03-09 01:02] "nwiz"="nwiz.exe" [2007-04-20 06:05 C:\WINDOWS\system32\nwiz.exe] "QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2007-04-27 09:41] "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2007-06-28 09:14] "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 15:10] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 15:00] "NVIDIA nTune"="C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2007-04-04 14:20] "µTorrent"="D:\downloads\torrent\utorrent.exe" [2007-07-13 12:18] "uTorrent"="D:\downloads\torrent\utorrent.exe" [2007-07-13 12:18] [HKEY_USERS\.default\software\microsoft\windows\currentversion\run] "Nokia.PCSync"=C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "NoResolveSearch"=1 (0x1) [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "LinkResolveIgnoreLinkInfo"=0 (0x0) "NoSMHelp"=01000000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\AVG Anti-Spyware 7.5\shellexecutehook.dll" [2007-07-10 17:55] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Driver] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\safeboot\minimal\AVG Anti-Spyware Guard] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-] "PCSuiteTrayApplication"=C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup "!AVG Anti-Spyware"="C:\Program Files\AVG Anti-Spyware 7.5\avgas.exe" /minimized [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] p2psvc p2psvc p2pimsvc p2pgasvc PNRPSvc Contents of the 'Scheduled Tasks' folder 2007-07-11 05:19:22 C:\WINDOWS\tasks\AppleSoftwareUpdate.job ************************************************************************** catchme 0.3.915 W2K/XP/Vista - rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-07-13 12:20:43 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Completion time: 2007-07-13 12:21:10 --- E O F ---
Skannaa koneesi Ewido Online Scannerilla * Lataa Ewido_micro.exe tästä. * Tallenna tiedosto esimerkiksi työpöydälle. * Tuplaklikkaa Ewido_micro.exeä työpöydälläsi. * Ewido alkaa samantien päivittämään tunnisteitaan. Tässä voi mennä hetki. * Kun päivitykset on ladattu, varmista että kaikki kohdat ovat rastitettuja ikkunan vasemmassa laidassa. * Klikkaa vasemmalla alhaalla olevaa Start Scan -nappia. * Scannaus alkaa. Tässä voi kestää jonkun aikaa, riippuen tiedostojen määrästä. * Kun skannaus on valmis ja löytyneitä kohteita on, niin varmista, että kaikkien kohteiden vasemmalla puolella olevissa kohdissa on rastit. * Klikkaa Save report -nappia ja tallenna raportti vaikka työpöydälle. * Klikkaa Remove Infections -nappia. * Kun vastaat aukeavaan ilmoitukseen ok, niin kaikki saastuneet tiedostot poistetaan. * Poiston jälkeen voit sammuttaa Ewido Online Scannerin painamalla yläkulmassa olevaa punaista rastia. * Käynnistä kone nyt uudelleen ja postita tallentamasi raportti viestiketjuusi ========== Tämä jos tunnet tietokoneesi olevan hitaan puoleinen, etkä ole eheyttänyt pitkään aikaan: Avaa Oma tietokone -> Tee seuraava toimenpide kaikille Paikallisille levyille ========== Lataa CCleaner ja asenna se: Avaa "Options", sieltä "Language" ja valitse "Suomi (Finnish)" Avaa "Virheet" kohta, paina "Etsi rekisterin virheitä", paina "Korjaa valitut rekisterin virheet..". Paina "Kyllä", kun ohjelma kysyy "Haluatko varmuuskopioida muutokset rekisteriin", tallenna tiedosto esim. työpöydälle. Avaa "Puhdistaja", paina "Tutki" ja tämän jälkeen "Aja Ccleaner". Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti. ========== Jos sinulla ei ole tätä java versiota (6.2): Vanha java saastuttaa helposti koneesi! Javan päivitys ja välimuistin tyhjennys: 1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa. 2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... ) Niissä pitäisi olla seuraava kuva vieressä: 3. Valitse kaikki entiset Java versiosi ja valitse Poista. 4. Asenna uusin Java päivitys seuraavasta linkistä.. 5. Käynnistä kone uudelleen asennuksen jälkeen: http://java.sun.com/javase/downloads/index.jsp tai http://www.filehippo.com/download_java_runtime/ Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u2 Paina Download Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se. 6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi). 7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia. (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa. Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle). 8. Varmista että kaikki kaksi valintaa ovat rastitettuja: *Applications and Applets *Trace and Log Files Ja paina OK -nappia 9. Klikkaa OK "Temporary Files Settings" -ikkunassasi. 10. Klikkaa OK jättääksesi Java asetusikkunasi. ========== Uusi Hijackthislogi ja ewido online skannerin raportti
Logfile of HijackThis v1.99.1 Scan saved at 20:26:25, on 13.7.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16473) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\ZoneLabs\vsmon.exe C:\Program Files\Avast4\aswUpdSv.exe C:\Program Files\Avast4\ashServ.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe C:\Program Files\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Avast4\ashWebSv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe C:\PROGRA~1\Avast4\ashDisp.exe C:\Program Files\Google\Gmail Notifier\gnotify.exe C:\Program Files\ZoneAlarm\zlclient.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\PC Connectivity Solution\ServiceLayer.exe C:\Program Files\Logitech\SetPoint\SetPoint.exe C:\Program Files\Common Files\Logitech\khalshared\KHALMNPR.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\iPod\bin\iPodService.exe C:\WINDOWS\system32\msiexec.exe F:\HjT\skanneri.exe O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\Logitech\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LVCOMSX] "C:\Program Files\Common Files\Logitech\LComMgr\LVComSX.exe" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\ZoneAlarm\zlclient.exe" O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [NVIDIA nTune] "C:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [µTorrent] "D:\downloads\torrent\utorrent.exe" O4 - HKCU\..\Run: [uTorrent] "D:\downloads\torrent\utorrent.exe" O4 - Startup: aMSN.lnk = C:\Program Files\aMSN\amsn.exe O4 - Global Startup: Logitech SetPoint.lnk = ? O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\npjpi160_02.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase8300.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe Active File Monitor V5 (AdobeActiveFileMonitor5.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\AVG Anti-Spyware 7.5\guard.exe O23 - Service: iPod-palvelu (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
__________________________________________________ ewido anti-spyware online scanner http://www.ewido.net __________________________________________________ Name: TrackingCookie.Statistik-gallup Path: :mozilla.22:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Adrevolver Path: :mozilla.53:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Yadro Path: :mozilla.76:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.77:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Yieldmanager Path: :mozilla.78:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.93:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.94:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.95:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Overture Path: :mozilla.113:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Googleadservices Path: :mozilla.120:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Atdmt Path: :mozilla.127:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.128:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.129:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.130:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.131:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Statcounter Path: :mozilla.132:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.142:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.143:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.144:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Netflame Path: :mozilla.153:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.2o7 Path: :mozilla.163:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Adbrite Path: :mozilla.210:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Adbrite Path: :mozilla.211:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Adbrite Path: :mozilla.212:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Tribalfusion Path: :mozilla.307:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Webtrendslive Path: :mozilla.321:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Specificclick Path: :mozilla.338:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Specificclick Path: :mozilla.339:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Specificclick Path: :mozilla.340:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Specificclick Path: :mozilla.341:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.348:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.349:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.350:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.351:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.352:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Serving-sys Path: :mozilla.353:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium Name: TrackingCookie.Hitbox Path: :mozilla.354:C:\Documents and Settings\aaro\Application Data\Mozilla\Firefox\Profiles\s6e4xbv2.default\cookies.txt Risk: Medium
Pysy puhtaana -> Tyhjennä järjestelmänpalautus Ohjeet Tyhjennä järjestelmänpalautuskansio ja luo uusi palautuspiste. Tämä puhdistaa palautuskansion mahdollisista haittaohjelmajäännöksistä. -> Käytä CCleaneria -> CCleaner Lataa ja asenna CCleaner. Puhdista väliaikaistiedostot ja -kansiot ohjelmalla säännöllisesti. -> Asenna SpywareBlaster -> SpywareBlaster SpywareBlaster estää haittaohjelmia asentumasta koneellesi. Ei kuluta muistia! Opas saatavilla suomeksi! Nimimerkki Ad-Awaren opas -> Asenna MVPS Hosts tiedosto -> MVPS Hosts Estää koneesi yhteyden haitallisiin sivustoihin. Opas saatavilla suomeksi! Nimimerkki Axelin opas -> Vaihda selaimesi Firefoxiin -> Firefox Firefox on nopeampi, turvallisempi ja parempi selain kuin Internet Explorer. -> Pidä järjestelmäsi ajantasalla. -> Windows Update Vieraile Windows Updatessa säännöllisesti. -> Pidä palomuuri ja virustorjunta ajantasalla Päivitä ja skannaa koneesi säännöllisesti virustorjuntaohjelmallasi. ja hyvä myös escan http://koti.mbnet.fi/pattaya1/escanmwav.htm ->Pidä ohjelmistosi ajantasalla. -> Secunia Software Inspector Secunia Software Inspector tutkii sinun järjestälmäsi ja ohjelmistosi puuttuvien turvallisuuspäivityksien osalta. Tavallinen tutkinta kestää normaalisti 5-40 sekuntia, kun läpikotainen (thorough system inspection) voi kestää useita minuutteja. ->Seuraa säännöllisesti viestintäviraston tietoja uusista haavoittuvuuksista -> CERT-FI Jos tulevaisuudessa tulee haittaohjelmien kanssa ongelmia, älä epäröi laittaa Hijackthis-logia tarkistettavaksi!
