HjT-logi. Kone toimii hyvin, mutta ei enää uskalla käydä pankin sivuilla.

Alapalkkiin tulee aina vähänväliä keltainen kolmio ja käskee lataamaan uuden virustorjunta-ohjelman, AntivirusGoldenin. Tämä varmaankin joku Spyware? Voisiko joku auttaa?


Logfile of HijackThis v1.99.1
Scan saved at 14:55:12, on 11.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Video Access ActiveX Object\pmsnrr.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\DAEMON Tools SearchBar\Search.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\honestech One Touch DVD\Receiver.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgw.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Arvo ja Piret\Työpöytä\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {A6ACAE64-F798-4930-AD86-BD3FB32038DB} - C:\Program Files\Video Access ActiveX Object\isadd.dll (file missing)
O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\DAEMON Tools SearchBar\search.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Protection Bar - {84938242-5C5B-4A55-B6B9-A1507543B418} - C:\Program Files\Video Access ActiveX Object\iesplugin.dll (file missing)
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: honestech One Touch DVD Receiver.lnk = C:\Program Files\honestech One Touch DVD\Receiver.exe
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

 

Moi!
Poista lisää/poista sovelluksen kautta DAEMON Tools SearchBar(tai WhenUSearch/tai Search)

Siirrä hijackthis.exe omaan kansioon C:\HJT\HijackThis.exe

.
Tee uusi hjt-scannaus Do a System scan only
Sulje kaikki muut ikkunat ja selaimen.Merkkaa nämä rivit ja paina Fix checked

O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\


[*]Käynnistä tietokone
[*]Kun kuulet koneen piippaavan, paina F8, kuitenkin ennen Windowsin logon esiintuloa
[*]Seuraavaksi pitäisi ilmestyä valikko
[*]Valitse valikosta vikasietotila.


Poista kansio C:\Program Files\DAEMON Tools SearchBar


Lataa SmitfraudFix (by S!Ri) työpöydällesi.

Tuplaklikkaa tiedostoa SmitfraudFix.exe

Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.

**Jos työkalu ei käynnisty työpöydältä niin siirrä SmitfraudFix.exe suoraan järjestelmäaseman juureen (yleensä C:). Kokeile sitten käynnistää ohjelma uudestaan sieltä.

Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.
http://www.beyondlogic.org/consulting/processutil/processutil.htm


Lähetä uusi hjt-loki ja smitfraudloki

 

Moi!
Kiitosta vaan, mutta pikkunen ongelma(?) tuli vastaan.
Tein kaiken aivan kutn sanoit tähän kohtaan asti:
Tee uusi HjT-scannaus Do a System scan only .

Näitä rivejä ei näkynyt:
O4 - HKLM\..\Run: [WhenUSearch] "C:\Program Files\DAEMON Tools SearchBar\Search.exe"
O4 - HKLM\..\Run: [WhenUSearchWHSE] "C:\Program Files\DAEMON Tools SearchBar\whse.exe"

Se kolmas näkyi kylläkin. En ruvennut mitään sähläämään ennen kuin tarkistan.


PS. Lataanko tuon SmitfraudFix (by S!Ri):n vikasietotilassa ollessani?

 

lataa ihan normitilas ja scannaa normitilas

 

Nonii tässä uudet logit:

 

ja sitten...


Lataa molemmat ohjelmat koneelle asenna ja päivitä avg:n ohjeitten mukaisesti ennen kuin menet vikasietotilaan,vikasietotilassa scannaa ensin Smitfraufixil(optio2)
ja sen jälkeen vasta AVG a-s:llä

Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta


Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi.

Kun vikasietotilassa, tuplaklikkaa tiedostoa SmitfraudFix.exe
Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.

Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.

Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".

Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.

Varoitus : Ajamalla optio 2:n EI-tarttuneessa tietokoneessa, poistaa sinun työpöytäsi taustakuvan.


ja sitten..

Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

Lataa AVG Anti-Spyware 7.5 ja tallenna ohjelma työpöydällesi.
[*]Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
[*]Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
[*]Käynnistä AVG Anti-Spyware.
[*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
[*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

[*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
[*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
[*]Sitten "Reports" valikon alta:
[*]Laita täppi kohtaan "Automatically generate report after every scan"
[*]Ota täppi pois kohdasta"Only if threats were found

[*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
[*]"Resident shield is", muuta tila active:sta inactive:ksi
[*]Sulje ohjelma, ÄLÄ skannaa vielä.
Käynnistä koneesi vikasietotilaan, Ohje!



HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
[*]Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
[*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
[*]AVG aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
[*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
[*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"

[*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
[*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
[*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.

ja kun scannaukset on tehty niin päivitä java

• Javan päivitys ja välimuistin tyhjennys:
  
  1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
  2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
  Niissä pitäisi olla seuraava kuva vieressä:
  3. Valitse kaikki entiset Java versiosi ja valitse Poista.
  4. Asenna uusin Java päivitys seuraavasta linkistä..
  5. Käynnistä kone uudelleen asennuksen jälkeen:
  
  http://java.sun.com/javase/downloads/index.jsp
  
  Rullaa alas kohteeseen Java Runtime Environment (JRE) 6
  
  Paina Download
  
  Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.
  
  6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).
  
  7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.
  
  (Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
  Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).
  
  8. Varmista että kaikki kaksi valintaa ovat rastitettuja:
  
  • [*]Applications and Applets
    
    [*]Trace and Log Files
  
  
  Ja paina OK -nappia
  
  9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.
  Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA.
  
  10. Klikkaa OK jättääksesi Java asetusikkunasi.

Lähetä Smitfraud-loki + AVG-loki ja uusi Hjt-loki

 

huom editti ohjeissa.

 

AVG-n logi:



---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 20:07:15 12.3.2007

+ Scan result:



C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Customer Support.lnk -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\Uninstall Instructions.lnk -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\ACM.dll -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\Save.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\SaveUninst.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\ffext.mod -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Program Files\Save\save.htm -> Adware.SaveNow : Cleaned with backup (quarantined).
C:\Documents and Settings\Arvo ja Piret\Local Settings\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\Cache\A23E4567d01 -> Not-A-Virus.Downloader.Win32.WinFixer.o : Cleaned with backup (quarantined).
:mozilla.58:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.64:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.2o7 : Cleaned.
:mozilla.110:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.111:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.160:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.161:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.33:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.34:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.35:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.36:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.37:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
:mozilla.38:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adbrite : Cleaned.
C:\Documents and Settings\Juss\Cookies\juss@adbrite[2].txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.302:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.303:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adjuggler : Cleaned.
:mozilla.190:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Adocean : Cleaned.
:mozilla.87:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Adocean : Cleaned.
:mozilla.24:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Adtech : Cleaned.
:mozilla.25:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Adtech : Cleaned.
:mozilla.33:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.34:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.55:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.56:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.126:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Advertising : Cleaned.
:mozilla.127:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Advertising : Cleaned.
:mozilla.154:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.155:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.156:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.127:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.14:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.153:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.33:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.83:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.86:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Atdmt : Cleaned.
:mozilla.104:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Burstnet : Cleaned.
:mozilla.106:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
:mozilla.107:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.108:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.109:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.110:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.112:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.113:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.114:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.115:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.116:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.117:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.118:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.161:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.162:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.163:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.287:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.288:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.33:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.34:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.35:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.36:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.37:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.272:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Clickzs : Cleaned.
:mozilla.273:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Clickzs : Cleaned.
:mozilla.250:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Com : Cleaned.
:mozilla.118:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.18:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.23:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.51:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.10:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.11:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.12:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.13:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.9:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Euroclick : Cleaned.
:mozilla.15:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.16:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.56:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.57:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.58:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.59:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.60:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Fastclick : Cleaned.
:mozilla.72:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.73:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.74:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.75:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.76:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.115:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.116:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
:mozilla.259:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.260:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.262:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.269:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.270:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.271:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.272:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.283:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.284:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.56:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.57:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.58:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.68:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.69:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.70:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Hitbox : Cleaned.
:mozilla.71:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Masterstats : Cleaned.
:mozilla.85:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.92:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.152:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Overture : Cleaned.
:mozilla.15:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.186:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.7:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Overture : Cleaned.
:mozilla.221:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Paycounter : Cleaned.
:mozilla.266:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Paypopup : Cleaned.
:mozilla.120:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.121:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.122:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.137:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.138:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.46:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.47:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.48:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.49:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.50:C:\Documents and Settings\Arvo ja Piret\Application Data\Mozilla\Firefox\Profiles\heoxbcbl.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.79:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.80:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.81:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.82:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.83:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.105:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.106:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.107:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.108:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.109:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.110:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.275:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.276:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.277:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.278:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.279:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.280:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.122:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Sextracker : Cleaned.
:mozilla.123:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Sextracker : Cleaned.
:mozilla.10:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.11:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.12:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.9:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.304:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tacoda : Cleaned.
:mozilla.17:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.17:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.18:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.18:C:\FOUND.004\FILE0007.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.26:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.26:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.27:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.27:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.42:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.43:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Juss\Cookies\juss@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.111:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.67:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.71:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.83:C:\FOUND.029\FILE0001.CHK -> TrackingCookie.Tribalfusion : Cleaned.
:mozilla.114:C:\FOUND.018\FILE0003.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.51:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.52:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.53:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.54:C:\FOUND.032\FILE0009.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.62:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.63:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.64:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.65:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.66:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.67:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.93:C:\FOUND.007\FILE0001.CHK -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.30:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.31:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.32:C:\FOUND.011\FILE0001.CHK -> TrackingCookie.Zedo : Cleaned.
:mozilla.95:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.96:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.97:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.98:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.99:C:\Documents and Settings\Juss\Application Data\Mozilla\Firefox\Profiles\45cy5g63.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.


::Report end

 

Tosta linkistä tuli vissiin vähän uudempi versio tai jotain, kun mulla ei mitään liukusäädintä oo tossa General Settingsissä.
EDIT: Joo se oli vähän eri paikassa

Tässä HjT:
Logfile of HijackThis v1.99.1
Scan saved at 21:04:37, on 12.3.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\eManager\anbmServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Launch Manager\LaunchAp.exe
C:\Program Files\Launch Manager\PowerKey.exe
C:\Program Files\Launch Manager\HotkeyApp.exe
C:\Program Files\Launch Manager\CtrlVol.exe
C:\Program Files\Launch Manager\OSDCtrl.exe
C:\Program Files\Launch Manager\Wbutton.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Arcade\PCMService.exe
C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe
C:\Program Files\honestech One Touch DVD\Receiver.exe
C:\Program Files\acer\eRecovery\Monitor.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis_v1.99.1.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://global.acer.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [preload] C:\Windows\RUNXMLPL.exe
O4 - HKLM\..\Run: [LaunchAp] C:\Program Files\Launch Manager\LaunchAp.exe
O4 - HKLM\..\Run: [PowerKey] "C:\Program Files\Launch Manager\PowerKey.exe"
O4 - HKLM\..\Run: [LManager] C:\Program Files\Launch Manager\HotkeyApp.exe
O4 - HKLM\..\Run: [CtrlVol] C:\Program Files\Launch Manager\CtrlVol.exe
O4 - HKLM\..\Run: [LMgrOSD] C:\Program Files\Launch Manager\OSDCtrl.exe
O4 - HKLM\..\Run: [Wbutton] "C:\Program Files\Launch Manager\Wbutton.exe"
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Arcade\PCMService.exe"
O4 - HKLM\..\Run: [eRecoveryService] C:\Windows\System32\Check.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVGFRE~1\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PowerBar] "C:\Program Files\CyberLink DVD Solution\Multimedia Launcher\PowerBar.exe" /AtBootTime
O4 - Global Startup: honestech One Touch DVD Receiver.lnk = C:\Program Files\honestech One Touch DVD\Receiver.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Ladbrokes Poker - {C2A80015-C447-4dc4-82DD-AED83D6ED57E} - C:\Program Files\ladbrokesMPP\MPPoker.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {D8089245-3211-40F6-819B-9E5E92CD61A2} (FlashXControl Object) - https://register3.valueactive.com/mpp_236/webolr/OCX/FlashAX.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: Notebook Manager Service (anbmService) - OSA Technologies Inc. - C:\Acer\eManager\anbmServ.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVGFRE~1\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZONELABS\vsmon.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe













Ja Smitfraud:
SmitFraudFix v2.148

Scan done at 21:03:22,85, ma 12.03.2007
Run from C:\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is FAT32
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Arvo ja Piret\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ARVOJA~1\SUOSIKIT


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» pe386-msguard-lzx32-huy32


»»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

 

Moi!
Loki alkaa näyttää hyvältä

Poista seuraavat kansiot:

C:\Documents and Settings\Juss\Käynnistä-valikko\Ohjelmat\WhenU
C:\Program Files\Save

Ja sitten aja Smitfraudfixi optio 2 uudestaan vikasietotilassa!!! ja lähetä loki