hjt loki

Discussion in 'Virukset ja haittaohjelmat' started by typ0, Jul 15, 2006.

Thread Status:
Not open for further replies.
  1. typ0

    typ0 Regular member

    Joined:
    Mar 29, 2006
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    26
    Niin serkkujen kone on "hieman" sekaisin niin päätin laittaa heidän koneen hjt lokin tänne tutkittavaksi:

    ========

    Logfile of HijackThis v1.99.1
    Scan saved at 16:53:28, on 15.7.2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\LEXBCES.EXE
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\LEXPPS.EXE
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINNT\YW5qYQ\command.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    C:\Program Files\Network Monitor\netmon.exe
    C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\WINNT\system32\regsvc.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\slserv.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\rundll32.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\MessengerPlus! 3\MsgPlus.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\windows\defender.exe
    C:\WINNT\system32\598e4fa4.exe
    C:\WINNT\system32\0mcamcap.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\PROGRA~1\COMMON~1\woif\woifm.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\PROGRA~1\COMMON~1\woif\woifa.exe
    C:\WINNT\sllights.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\Red alert\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.odikjxojiqumdnoqtbu.com/...fI66m/EvhDUrCORsfI4NSy/OCUcpLYPQPjhq1_Vs.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sonera.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
    O4 - HKLM\..\Run: [webHancer Survey Companion] C:\Program Files\webHancer\Programs\whsurvey.exe
    O4 - HKLM\..\Run: [defender] C:\windows\defender.exe
    O4 - HKLM\..\Run: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\Run: [598e4fa4.exe] C:\WINNT\system32\598e4fa4.exe
    O4 - HKLM\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\Run: [Jump readme live win] C:\Documents and Settings\All Users\Application Data\FunkBibJumpReadme\site mix.exe
    O4 - HKLM\..\RunServices: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\RunServices: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
    O4 - HKCU\..\Run: [Acid Vc] C:\DOCUME~1\JRJEST~1\APPLIC~1\MIXBOR~1\01 curb owns.exe
    O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /scan
    O4 - HKCU\..\Run: [kinder magicsport friends - linjatuomari] "c:\program files\linjatuomari screenmate\kinder magicsport friends - linjatuomari.exe"
    O4 - HKCU\..\Run: [woif] C:\PROGRA~1\COMMON~1\woif\woifm.exe
    O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O4 - HKCU\..\Run: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [598e4fa4.exe] C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\598e4fa4.exe
    O4 - HKCU\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zango/ie/bridge-c17.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F04D012F-2E39-420F-8781-5CDE3F8569E4}: NameServer = 192.168.252.17 192.168.252.16
    O20 - Winlogon Notify: ShellScrap - C:\WINNT\system32\lvp6097se.dll
    O21 - SSODL: ntdll.dll - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINNT\system32\kiaehneb.dll
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\YW5qYQ\command.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe

    ========
     
    typ0, Jul 15, 2006
    #1
  2. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Ihan vaan vähän sekaisin, joo ;)

    Poista ohjauspaneelista:

    Webhancer tms.
    Messenger Plus! 3
    Error Safe

    Lataa http://www.atribune.org/ccount/click.php?id=7
    Look2Me-Destroyer.exe työpöydällesi.

    TÄRKEÄÄ: Ennen fixin jatkamista, sinun täytyy tehdä seuraavat:

    * Tulosta tämä, tai tallenna tekstitiedostona sopivaan sijaintiin.
    * Klikkaa käynnistä -> Suorita ja kirjoita: services.msc
    * Klikkaa OK.
    * Tarkista että tämä palvelu on käynnissä tai sen käynnistymistapa on automaattinen:
    * Toissijainen kirjautuminen
    * Seuraavaksi tietokoneesi on oltava offlinessa, vedä nettipiuha seinästä jos tarpeen.
    * Virustorjuntasi, ja kaikkien muiden turvaohjelmistojen TÄYTYY olla suljettuja.
    [*]Sulje kaikki ikkunat ennen jatkamista.
    [*]Tuplaklikkaa Look2Me-Destroyer.exe ajaaksesi ohjelman.
    [*]Rastita Run this program as a task.
    [*]Saat viestin joka sanoo; "Look2Me-Destroyer will close and re-open in approximately 10 seconds". Klikkaa OK
    [*]Kun Look2Me-Destroyer uudelleen avautuu, klikkaa Scan for L2M-valintaa, työpöytäsi pikakuvakkeet katoavat hetkeksi, tämä on normaalia.
    [*]Kun skannaus on valmis, klikkaa Remove L2M-valintaa.
    [*]Saat Done Scanning viestin, klikkaa OK.
    [*]Kun valmis, saat tämän viestin: Done removing infected files! Look2Me-Destroyer will now shutdown your computer, klikkaa OK.
    [*]Tietokoneesi sammuttaa itsensä.
    [*]Käynnistä koneesi uudelleen.

    Jos palomuurisi varoittaa nettiyhteyksistä tähän ohjelmaan - salli ne.

    Jos saat runtime error '339', lataa MSWINSCK.OCX seuraavasta linkistä ja sijoita se C:\Windows\System32 kansioosi.

    http://www.ascentive.com/support/new/images/lib/MSWINSCK.OCX

    Koeta uudelleen.

    Lataa tuosta http://www.merijn.org/files/bfu.zip Brute Force Uninstaller työpöydällesi.
    [*]Oikea-klikkaa BFU zippiä työpöydälläsi, ja valitse Pura kaikki.
    [*]Klikkaa "Seuraava"
    [*]Boksissa missä valita mihin haluat tiedostot purkaa,
    [*]Klikkaa "Selaa"
    [*]Klikkaa + merkkiä oman tietokoneen vieressä
    [*]Klikkaa "Paikallinen Levy (C:)" tai mikä sinun tärkein levysi onkin
    [*]Klikkaa "Tee uusi kansio"
    [*]Kirjoita BFU
    [*]Klikkaa "Seuraava", ja ÄLÄ rastita boksia "Näytä puretut tiedostot" ja klikkaa "Valmis".
    OIKEA-KLIKKAA TÄSTÄ -> http://metallica.geekstogo.com/alcanshorty.bfu Alcra PLUS Poistajan.
    Tallenna se samaan kansioon jonka teit aiemmin (c:\BFU).

    Älä tee mitään tällä vielä!

    Käynnistä koneesi vikasietotilaan naputtamalla F8 näppäintä käynnistyksen yhteydessä.

    Klikkaa Käynnistä > Oma tietokone ja navigoi C:\BFU kansioon.
    [*] Käynnistä Brute Force Uninstaller tupla-klikkaamalla BFU.exe
    [*] Scriptline to execute kentässä kirjoita tai liitä c:\bfu\alcanshorty.bfu
    [*] Klikkaa Execute ja anna sen tehdä työnsä. (Sinun pitäisi nähdä edistyspalkki jos teit tämän oikein.)
    [*]Odota Complete script execution boksia ja klikkaa OK.
    [*]Klikkaa exit lopettaaksesi Brute Force Uninstallerin.

    Postita C:\Look2Me-Destroyer.txt tiedoston sisältö uuden HijackThis login kera postiisi.

    Jatketaan sitten eteenpäin :)
     
    Last edited: Jul 15, 2006
    -kemisti-, Jul 15, 2006
    #2
  3. typ0

    typ0 Regular member

    Joined:
    Mar 29, 2006
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    26
    En oo varma menikö hommat ihan ohjeiden mukaan mutta täs ois ny uutta lokia:

    ========

    Logfile of HijackThis v1.99.1
    Scan saved at 18:13:23, on 15.7.2006
    Platform: Windows 2000 SP4 (WinNT 5.00.2195)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINNT\System32\smss.exe
    C:\WINNT\system32\csrss.exe
    C:\WINNT\system32\winlogon.exe
    C:\WINNT\system32\services.exe
    C:\WINNT\system32\lsass.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\system32\LEXBCES.EXE
    C:\WINNT\system32\spoolsv.exe
    C:\WINNT\system32\LEXPPS.EXE
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINNT\YW5qYQ\command.exe
    C:\WINNT\system32\svchost.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    C:\Program Files\Network Monitor\netmon.exe
    C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
    C:\WINNT\system32\regsvc.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\WINNT\system32\MSTask.exe
    C:\WINNT\system32\slserv.exe
    C:\WINNT\system32\stisvc.exe
    C:\WINNT\System32\WBEM\WinMgmt.exe
    C:\WINNT\system32\svchost.exe
    C:\WINNT\Explorer.EXE
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe
    C:\windows\defender.exe
    C:\WINNT\system32\598e4fa4.exe
    C:\WINNT\system32\0mcamcap.exe
    C:\Program Files\Lexmark X1100 Series\lxbkbmon.exe
    C:\PROGRA~1\COMMON~1\woif\woifm.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    c:\progra~1\intern~1\iexplore.exe
    C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
    C:\PROGRA~1\COMMON~1\woif\woifa.exe
    C:\WINNT\sllights.exe
    C:\PROGRA~1\COMMON~1\woif\woifl.exe
    C:\Documents and Settings\Järjestelmänvalvoja\Työpöytä\Red alert\hijackthis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.odikjxojiqumdnoqtbu.com/...fI66m/EvhDUrCORsfI4NSy/OCUcpLYPQPjhq1_Vs.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.sonera.fi/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Sonera Internet
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;*.*.fi;*.*.*.fi;<local>
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINNT\system32\msdxm.ocx
    O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [Lexmark X1100 Series] "C:\Program Files\Lexmark X1100 Series\lxbkbmgr.exe"
    O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
    O4 - HKLM\..\Run: [defender] C:\windows\defender.exe
    O4 - HKLM\..\Run: [598e4fa4.exe] C:\WINNT\system32\598e4fa4.exe
    O4 - HKLM\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\Run: [Jump readme live win] C:\Documents and Settings\All Users\Application Data\FunkBibJumpReadme\site mix.exe
    O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunServices: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\RunServices: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [Acid Vc] C:\DOCUME~1\JRJEST~1\APPLIC~1\MIXBOR~1\01 curb owns.exe
    O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /scan
    O4 - HKCU\..\Run: [woif] C:\PROGRA~1\COMMON~1\woif\woifm.exe
    O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O4 - HKCU\..\Run: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [598e4fa4.exe] C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\598e4fa4.exe
    O4 - HKCU\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zango/ie/bridge-c17.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{F04D012F-2E39-420F-8781-5CDE3F8569E4}: NameServer = 192.168.252.17 192.168.252.16
    O21 - SSODL: ntdll.dll - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINNT\system32\kiaehneb.dll
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\YW5qYQ\command.exe
    O23 - Service: Loogisen levyn hallinnan valvontapalvelu (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINNT\system32\LEXBCES.EXE
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe
    O23 - Service: PPPoE Service (PPPoEService) - Unknown owner - C:\PROGRA~1\EFFICI~1\ENTERN~1\app\pppoeservice.exe
    O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe

    ========

    Look2Me-Destroyer V1.0.12

    Scanning for infected files.....
    Scan started at 15.7.2006 17:38:07

    Infected! C:\WINNT\system32\lvp6097se.dll
    Infected! C:\WINNT\system32\aaa8la7u1d.dll
    Infected! C:\WINNT\system32\aftapi.dll
    Infected! C:\WINNT\system32\ajptif.dll
    Infected! C:\WINNT\system32\auctres.dll
    Infected! C:\WINNT\system32\auicap.dll
    Infected! C:\WINNT\system32\aytiveds.dll
    Infected! C:\WINNT\system32\az14lafq1d2e.dll
    Infected! C:\WINNT\system32\aza0le7m1h.dll
    Infected! C:\WINNT\system32\aza4037qe.dll
    Infected! C:\WINNT\system32\aza4lafq1d2e.dll
    Infected! C:\WINNT\system32\aza609hse.dll
    Infected! C:\WINNT\system32\aza6l51s1.dll
    Infected! C:\WINNT\system32\aza6la3s1d.dll
    Infected! C:\WINNT\system32\aza8la1u1d.dll
    Infected! C:\WINNT\system32\aza8la7u1d.dll
    Infected! C:\WINNT\system32\azaml9511.dll
    Infected! C:\WINNT\system32\azaqlaj51do.dll
    Infected! C:\WINNT\system32\azas0977e.dll
    Infected! C:\WINNT\system32\azasl5l71.dll
    Infected! C:\WINNT\system32\cempobj.dll
    Infected! C:\WINNT\system32\cynfmsp.dll
    Infected! C:\WINNT\system32\d6j02g1mg6.dll
    Infected! C:\WINNT\system32\dctmsft3.dll
    Infected! C:\WINNT\system32\dFd9.dll
    Infected! C:\WINNT\system32\dGdim.dll
    Infected! C:\WINNT\system32\dHd9.dll
    Infected! C:\WINNT\system32\dJtaclen.dll
    Infected! C:\WINNT\system32\dPdramp.dll
    Infected! C:\WINNT\system32\dPdx9_26.dll
    Infected! C:\WINNT\system32\dptmsft3.dll
    Infected! C:\WINNT\system32\drsbase.dll
    Infected! C:\WINNT\system32\drvmgr.dll
    Infected! C:\WINNT\system32\dtdlgs.dll
    Infected! C:\WINNT\system32\dtdmo.dll
    Infected! C:\WINNT\system32\dtrawex.dll
    Infected! C:\WINNT\system32\dumasf.dll
    Infected! C:\WINNT\system32\dwcpcsvc.dll
    Infected! C:\WINNT\system32\dXd9.dll
    Infected! C:\WINNT\system32\dzlay.dll
    Infected! C:\WINNT\system32\e8200ifme82a0.dll
    Infected! C:\WINNT\system32\fNxcom.dll
    Infected! C:\WINNT\system32\fp0603dse.dll
    Infected! C:\WINNT\system32\fp0o03d3e.dll
    Infected! C:\WINNT\system32\fp2203foe.dll
    Infected! C:\WINNT\system32\fp4003hme.dll
    Infected! C:\WINNT\system32\fp4603hse.dll
    Infected! C:\WINNT\system32\fp4o03h3e.dll
    Infected! C:\WINNT\system32\fp6q03j5e.dll
    Infected! C:\WINNT\system32\fpj4031qe.dll
    Infected! C:\WINNT\system32\fpl2033oe.dll
    Infected! C:\WINNT\system32\fpl6033se.dll
    Infected! C:\WINNT\system32\fplm0331e.dll
    Infected! C:\WINNT\system32\fpn0035me.dll
    Infected! C:\WINNT\system32\fpnq0355e.dll
    Infected! C:\WINNT\system32\fpp0037me.dll
    Infected! C:\WINNT\system32\fpp4037qe.dll
    Infected! C:\WINNT\system32\fPxxp32.dll
    Infected! C:\WINNT\system32\fs0o03d3e.dll
    Infected! C:\WINNT\system32\fysrch.dll
    Infected! C:\WINNT\system32\g4lmle311h.dll
    Infected! C:\WINNT\system32\h4n0le5m1h.dll
    Infected! C:\WINNT\system32\h8l20i3oe8.dll
    Infected! C:\WINNT\system32\hCl20i3oe8.dll
    Infected! C:\WINNT\system32\hpsetup.dll
    Infected! C:\WINNT\system32\hxtplug.dll
    Infected! C:\WINNT\system32\i024lafq1d2e.dll
    Infected! C:\WINNT\system32\i8jq0i15e8.dll
    Infected! C:\WINNT\system32\ibwphbk.dll
    Infected! C:\WINNT\system32\iCssdo.dll
    Infected! C:\WINNT\system32\ielogmsg.dll
    Infected! C:\WINNT\system32\ihnathlp.dll
    Infected! C:\WINNT\system32\in50_qc.dll
    Infected! C:\WINNT\system32\in50_qcx.dll
    Infected! C:\WINNT\system32\ipagehlp.dll
    Infected! C:\WINNT\system32\ipssuba.dll
    Infected! C:\WINNT\system32\ir28l5fu1.dll
    Infected! C:\WINNT\system32\ir4ul5h91.dll
    Infected! C:\WINNT\system32\ir68l5ju1.dll
    Infected! C:\WINNT\system32\ir6ul5j91.dll
    Infected! C:\WINNT\system32\ir8sl5l71.dll
    Infected! C:\WINNT\system32\irj6l51s1.dll
    Infected! C:\WINNT\system32\irn6l55s1.dll
    Infected! C:\WINNT\system32\irp6l57s1.dll
    Infected! C:\WINNT\system32\irr6l59s1.dll
    Infected! C:\WINNT\system32\it50_qcx.dll
    Infected! C:\WINNT\system32\iugshl.dll
    Infected! C:\WINNT\system32\izmontr.dll
    Infected! C:\WINNT\system32\j02qlaf51d2.dll
    Infected! C:\WINNT\system32\j4n2le5o1h.dll
    Infected! C:\WINNT\system32\j4p0le7m1h.dll
    Infected! C:\WINNT\system32\k4260efseh260.dll
    Infected! C:\WINNT\system32\k8pm0i71e8.dll
    Infected! C:\WINNT\system32\kK260efseh260.dll
    Infected! C:\WINNT\system32\l02slaf71d2.dll
    Infected! C:\WINNT\system32\l04qlah51d4.dll
    Infected! C:\WINNT\system32\l0j8la1u1d.dll
    Infected! C:\WINNT\system32\l0l6la3s1d.dll
    Infected! C:\WINNT\system32\l4j80e1ueh.dll
    Infected! C:\WINNT\system32\l8n40i5qe8.dll
    Infected! C:\WINNT\system32\lak.dll
    Infected! C:\WINNT\system32\lixlmpm.dll
    Infected! C:\WINNT\system32\locmgr10.dll
    Infected! C:\WINNT\system32\lv2s09f7e.dll
    Infected! C:\WINNT\system32\lv4609hse.dll
    Infected! C:\WINNT\system32\lv4u09h9e.dll
    Infected! C:\WINNT\system32\lv6609jse.dll
    Infected! C:\WINNT\system32\lv6s09j7e.dll
    Infected! C:\WINNT\system32\lv8809lue.dll
    Infected! C:\WINNT\system32\lvj6091se.dll
    Infected! C:\WINNT\system32\lvj8091ue.dll
    Infected! C:\WINNT\system32\lvjs0917e.dll
    Infected! C:\WINNT\system32\lvl6093se.dll
    Infected! C:\WINNT\system32\lvl8093ue.dll
    Infected! C:\WINNT\system32\lvls0937e.dll
    Infected! C:\WINNT\system32\lvns0957e.dll
    Infected! C:\WINNT\system32\lvp6097se.dll
    Infected! C:\WINNT\system32\lvp8097ue.dll
    Infected! C:\WINNT\system32\lvps0977e.dll
    Infected! C:\WINNT\system32\lvr6099se.dll
    Infected! C:\WINNT\system32\m028lafu1d28.dll
    Infected! C:\WINNT\system32\m0lsla371d.dll
    Infected! C:\WINNT\system32\m4280efueh280.dll
    Infected! C:\WINNT\system32\mfxml3r.dll
    Infected! C:\WINNT\system32\mhobjs.dll
    Infected! C:\WINNT\system32\micms.dll
    Infected! C:\WINNT\system32\minsspc.dll
    Infected! C:\WINNT\system32\mkltus40.dll
    Infected! C:\WINNT\system32\ml3216.dll
    Infected! C:\WINNT\system32\moclus.dll
    Infected! C:\WINNT\system32\moiqtz32.dll
    Infected! C:\WINNT\system32\mow3prt.dll
    Infected! C:\WINNT\system32\muc40loc.dll
    Infected! C:\WINNT\system32\mv00l9dm1.dll
    Infected! C:\WINNT\system32\mv02l9do1.dll
    Infected! C:\WINNT\system32\mv22l9fo1.dll
    Infected! C:\WINNT\system32\mv42l9ho1.dll
    Infected! C:\WINNT\system32\mv80l9lm1.dll
    Infected! C:\WINNT\system32\mvj0l91m1.dll
    Infected! C:\WINNT\system32\mvjml9111.dll
    Infected! C:\WINNT\system32\mvl0l93m1.dll
    Infected! C:\WINNT\system32\mvlml9311.dll
    Infected! C:\WINNT\system32\mvn0l95m1.dll
    Infected! C:\WINNT\system32\mvnml9511.dll
    Infected! C:\WINNT\system32\mvp0l97m1.dll
    Infected! C:\WINNT\system32\mvp2l97o1.dll
    Infected! C:\WINNT\system32\mvpml9711.dll
    Infected! C:\WINNT\system32\mvr0l99m1.dll
    Infected! C:\WINNT\system32\mximg32.dll
    Infected! C:\WINNT\system32\mxsystem.dll
    Infected! C:\WINNT\system32\n02ulaf91d2.dll
    Infected! C:\WINNT\system32\n06qlaj51do.dll
    Infected! C:\WINNT\system32\n8p40i7qe8.dll
    Infected! C:\WINNT\system32\nrhtml.dll
    Infected! C:\WINNT\system32\nydsbsrv.dll
    Infected! C:\WINNT\system32\nzdsatq.dll
    Infected! C:\WINNT\system32\o0nsla571d.dll
    Infected! C:\WINNT\system32\o0rola931d.dll
    Infected! C:\WINNT\system32\o4lu0e39eh.dll
    Infected! C:\WINNT\system32\oebctrac.dll
    Infected! C:\WINNT\system32\omeaccrc.dll
    Infected! C:\WINNT\system32\opmanage.dll
    Infected! C:\WINNT\system32\oseaccrc.dll
    Infected! C:\WINNT\system32\ovecli32.dll
    Infected! C:\WINNT\system32\p06slaj71do.dll
    Infected! C:\WINNT\system32\p0p6la7s1d.dll
    Infected! C:\WINNT\system32\p0r4la9q1d.dll
    Infected! C:\WINNT\system32\pCutoenr.dll
    Infected! C:\WINNT\system32\pirfproc.dll
    Infected! C:\WINNT\system32\pnustab.dll
    Infected! C:\WINNT\system32\ppflbmsg.dll
    Infected! C:\WINNT\system32\ptrfnet.dll
    Infected! C:\WINNT\system32\qcvd.dll
    Infected! C:\WINNT\system32\r0p8la7u1d.dll
    Infected! C:\WINNT\system32\rraenh.dll
    Infected! C:\WINNT\system32\rwvpmsg.dll
    Infected! C:\WINNT\system32\rxutils.dll
    Infected! C:\WINNT\system32\samsg.dll
    Infected! C:\WINNT\system32\sfofi.dll
    Infected! C:\WINNT\system32\tcpelib.dll
    Infected! C:\WINNT\system32\tMpiperf.dll
    Infected! C:\WINNT\system32\tppelib.dll
    Infected! C:\WINNT\system32\txkwks.dll
    Infected! C:\WINNT\system32\udbui.dll
    Infected! C:\WINNT\system32\udl.dll
    Infected! C:\WINNT\system32\wchfi.dll
    Infected! C:\WINNT\system32\wdsapi32.dll
    Infected! C:\WINNT\system32\wvpasf.dll
    Infected! C:\WINNT\system32\xBctsrv.dll

    Attempting to delete infected files...

    Attempting to delete: C:\WINNT\system32\lvp6097se.dll
    C:\WINNT\system32\lvp6097se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aaa8la7u1d.dll
    C:\WINNT\system32\aaa8la7u1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aftapi.dll
    C:\WINNT\system32\aftapi.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ajptif.dll
    C:\WINNT\system32\ajptif.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\auctres.dll
    C:\WINNT\system32\auctres.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\auicap.dll
    C:\WINNT\system32\auicap.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aytiveds.dll
    C:\WINNT\system32\aytiveds.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\az14lafq1d2e.dll
    C:\WINNT\system32\az14lafq1d2e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza0le7m1h.dll
    C:\WINNT\system32\aza0le7m1h.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza4037qe.dll
    C:\WINNT\system32\aza4037qe.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza4lafq1d2e.dll
    C:\WINNT\system32\aza4lafq1d2e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza609hse.dll
    C:\WINNT\system32\aza609hse.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza6l51s1.dll
    C:\WINNT\system32\aza6l51s1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza6la3s1d.dll
    C:\WINNT\system32\aza6la3s1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza8la1u1d.dll
    C:\WINNT\system32\aza8la1u1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\aza8la7u1d.dll
    C:\WINNT\system32\aza8la7u1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\azaml9511.dll
    C:\WINNT\system32\azaml9511.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\azaqlaj51do.dll
    C:\WINNT\system32\azaqlaj51do.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\azas0977e.dll
    C:\WINNT\system32\azas0977e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\azasl5l71.dll
    C:\WINNT\system32\azasl5l71.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\cempobj.dll
    C:\WINNT\system32\cempobj.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\cynfmsp.dll
    C:\WINNT\system32\cynfmsp.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\d6j02g1mg6.dll
    C:\WINNT\system32\d6j02g1mg6.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dctmsft3.dll
    C:\WINNT\system32\dctmsft3.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dFd9.dll
    C:\WINNT\system32\dFd9.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dGdim.dll
    C:\WINNT\system32\dGdim.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dHd9.dll
    C:\WINNT\system32\dHd9.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dJtaclen.dll
    C:\WINNT\system32\dJtaclen.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dPdramp.dll
    C:\WINNT\system32\dPdramp.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dPdx9_26.dll
    C:\WINNT\system32\dPdx9_26.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dptmsft3.dll
    C:\WINNT\system32\dptmsft3.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\drsbase.dll
    C:\WINNT\system32\drsbase.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\drvmgr.dll
    C:\WINNT\system32\drvmgr.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dtdlgs.dll
    C:\WINNT\system32\dtdlgs.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dtdmo.dll
    C:\WINNT\system32\dtdmo.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dtrawex.dll
    C:\WINNT\system32\dtrawex.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dumasf.dll
    C:\WINNT\system32\dumasf.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dwcpcsvc.dll
    C:\WINNT\system32\dwcpcsvc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dXd9.dll
    C:\WINNT\system32\dXd9.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\dzlay.dll
    C:\WINNT\system32\dzlay.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\e8200ifme82a0.dll
    C:\WINNT\system32\e8200ifme82a0.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fNxcom.dll
    C:\WINNT\system32\fNxcom.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp0603dse.dll
    C:\WINNT\system32\fp0603dse.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp0o03d3e.dll
    C:\WINNT\system32\fp0o03d3e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp2203foe.dll
    C:\WINNT\system32\fp2203foe.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp4003hme.dll
    C:\WINNT\system32\fp4003hme.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp4603hse.dll
    C:\WINNT\system32\fp4603hse.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp4o03h3e.dll
    C:\WINNT\system32\fp4o03h3e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fp6q03j5e.dll
    C:\WINNT\system32\fp6q03j5e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpj4031qe.dll
    C:\WINNT\system32\fpj4031qe.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpl2033oe.dll
    C:\WINNT\system32\fpl2033oe.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpl6033se.dll
    C:\WINNT\system32\fpl6033se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fplm0331e.dll
    C:\WINNT\system32\fplm0331e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpn0035me.dll
    C:\WINNT\system32\fpn0035me.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpnq0355e.dll
    C:\WINNT\system32\fpnq0355e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpp0037me.dll
    C:\WINNT\system32\fpp0037me.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fpp4037qe.dll
    C:\WINNT\system32\fpp4037qe.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fPxxp32.dll
    C:\WINNT\system32\fPxxp32.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fs0o03d3e.dll
    C:\WINNT\system32\fs0o03d3e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\fysrch.dll
    C:\WINNT\system32\fysrch.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\g4lmle311h.dll
    C:\WINNT\system32\g4lmle311h.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\h4n0le5m1h.dll
    C:\WINNT\system32\h4n0le5m1h.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\h8l20i3oe8.dll
    C:\WINNT\system32\h8l20i3oe8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\hCl20i3oe8.dll
    C:\WINNT\system32\hCl20i3oe8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\hpsetup.dll
    C:\WINNT\system32\hpsetup.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\hxtplug.dll
    C:\WINNT\system32\hxtplug.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\i024lafq1d2e.dll
    C:\WINNT\system32\i024lafq1d2e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\i8jq0i15e8.dll
    C:\WINNT\system32\i8jq0i15e8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ibwphbk.dll
    C:\WINNT\system32\ibwphbk.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\iCssdo.dll
    C:\WINNT\system32\iCssdo.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ielogmsg.dll
    C:\WINNT\system32\ielogmsg.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ihnathlp.dll
    C:\WINNT\system32\ihnathlp.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\in50_qc.dll
    C:\WINNT\system32\in50_qc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\in50_qcx.dll
    C:\WINNT\system32\in50_qcx.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ipagehlp.dll
    C:\WINNT\system32\ipagehlp.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ipssuba.dll
    C:\WINNT\system32\ipssuba.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ir28l5fu1.dll
    C:\WINNT\system32\ir28l5fu1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ir4ul5h91.dll
    C:\WINNT\system32\ir4ul5h91.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ir68l5ju1.dll
    C:\WINNT\system32\ir68l5ju1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ir6ul5j91.dll
    C:\WINNT\system32\ir6ul5j91.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ir8sl5l71.dll
    C:\WINNT\system32\ir8sl5l71.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\irj6l51s1.dll
    C:\WINNT\system32\irj6l51s1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\irn6l55s1.dll
    C:\WINNT\system32\irn6l55s1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\irp6l57s1.dll
    C:\WINNT\system32\irp6l57s1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\irr6l59s1.dll
    C:\WINNT\system32\irr6l59s1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\it50_qcx.dll
    C:\WINNT\system32\it50_qcx.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\iugshl.dll
    C:\WINNT\system32\iugshl.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\izmontr.dll
    C:\WINNT\system32\izmontr.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\j02qlaf51d2.dll
    C:\WINNT\system32\j02qlaf51d2.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\j4n2le5o1h.dll
    C:\WINNT\system32\j4n2le5o1h.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\j4p0le7m1h.dll
    C:\WINNT\system32\j4p0le7m1h.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\k4260efseh260.dll
    C:\WINNT\system32\k4260efseh260.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\k8pm0i71e8.dll
    C:\WINNT\system32\k8pm0i71e8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\kK260efseh260.dll
    C:\WINNT\system32\kK260efseh260.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l02slaf71d2.dll
    C:\WINNT\system32\l02slaf71d2.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l04qlah51d4.dll
    C:\WINNT\system32\l04qlah51d4.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l0j8la1u1d.dll
    C:\WINNT\system32\l0j8la1u1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l0l6la3s1d.dll
    C:\WINNT\system32\l0l6la3s1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l4j80e1ueh.dll
    C:\WINNT\system32\l4j80e1ueh.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\l8n40i5qe8.dll
    C:\WINNT\system32\l8n40i5qe8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lak.dll
    C:\WINNT\system32\lak.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lixlmpm.dll
    C:\WINNT\system32\lixlmpm.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\locmgr10.dll
    C:\WINNT\system32\locmgr10.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv2s09f7e.dll
    C:\WINNT\system32\lv2s09f7e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv4609hse.dll
    C:\WINNT\system32\lv4609hse.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv4u09h9e.dll
    C:\WINNT\system32\lv4u09h9e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv6609jse.dll
    C:\WINNT\system32\lv6609jse.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv6s09j7e.dll
    C:\WINNT\system32\lv6s09j7e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lv8809lue.dll
    C:\WINNT\system32\lv8809lue.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvj6091se.dll
    C:\WINNT\system32\lvj6091se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvj8091ue.dll
    C:\WINNT\system32\lvj8091ue.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvjs0917e.dll
    C:\WINNT\system32\lvjs0917e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvl6093se.dll
    C:\WINNT\system32\lvl6093se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvl8093ue.dll
    C:\WINNT\system32\lvl8093ue.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvls0937e.dll
    C:\WINNT\system32\lvls0937e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvns0957e.dll
    C:\WINNT\system32\lvns0957e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvp6097se.dll
    C:\WINNT\system32\lvp6097se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvp8097ue.dll
    C:\WINNT\system32\lvp8097ue.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvps0977e.dll
    C:\WINNT\system32\lvps0977e.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\lvr6099se.dll
    C:\WINNT\system32\lvr6099se.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\m028lafu1d28.dll
    C:\WINNT\system32\m028lafu1d28.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\m0lsla371d.dll
    C:\WINNT\system32\m0lsla371d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\m4280efueh280.dll
    C:\WINNT\system32\m4280efueh280.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mfxml3r.dll
    C:\WINNT\system32\mfxml3r.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mhobjs.dll
    C:\WINNT\system32\mhobjs.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\micms.dll
    C:\WINNT\system32\micms.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\minsspc.dll
    C:\WINNT\system32\minsspc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mkltus40.dll
    C:\WINNT\system32\mkltus40.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ml3216.dll
    C:\WINNT\system32\ml3216.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\moclus.dll
    C:\WINNT\system32\moclus.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\moiqtz32.dll
    C:\WINNT\system32\moiqtz32.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mow3prt.dll
    C:\WINNT\system32\mow3prt.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\muc40loc.dll
    C:\WINNT\system32\muc40loc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mv00l9dm1.dll
    C:\WINNT\system32\mv00l9dm1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mv02l9do1.dll
    C:\WINNT\system32\mv02l9do1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mv22l9fo1.dll
    C:\WINNT\system32\mv22l9fo1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mv42l9ho1.dll
    C:\WINNT\system32\mv42l9ho1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mv80l9lm1.dll
    C:\WINNT\system32\mv80l9lm1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvj0l91m1.dll
    C:\WINNT\system32\mvj0l91m1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvjml9111.dll
    C:\WINNT\system32\mvjml9111.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvl0l93m1.dll
    C:\WINNT\system32\mvl0l93m1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvlml9311.dll
    C:\WINNT\system32\mvlml9311.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvn0l95m1.dll
    C:\WINNT\system32\mvn0l95m1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvnml9511.dll
    C:\WINNT\system32\mvnml9511.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvp0l97m1.dll
    C:\WINNT\system32\mvp0l97m1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvp2l97o1.dll
    C:\WINNT\system32\mvp2l97o1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvpml9711.dll
    C:\WINNT\system32\mvpml9711.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mvr0l99m1.dll
    C:\WINNT\system32\mvr0l99m1.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mximg32.dll
    C:\WINNT\system32\mximg32.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\mxsystem.dll
    C:\WINNT\system32\mxsystem.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\n02ulaf91d2.dll
    C:\WINNT\system32\n02ulaf91d2.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\n06qlaj51do.dll
    C:\WINNT\system32\n06qlaj51do.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\n8p40i7qe8.dll
    C:\WINNT\system32\n8p40i7qe8.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\nrhtml.dll
    C:\WINNT\system32\nrhtml.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\nydsbsrv.dll
    C:\WINNT\system32\nydsbsrv.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\nzdsatq.dll
    C:\WINNT\system32\nzdsatq.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\o0nsla571d.dll
    C:\WINNT\system32\o0nsla571d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\o0rola931d.dll
    C:\WINNT\system32\o0rola931d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\o4lu0e39eh.dll
    C:\WINNT\system32\o4lu0e39eh.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\oebctrac.dll
    C:\WINNT\system32\oebctrac.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\omeaccrc.dll
    C:\WINNT\system32\omeaccrc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\opmanage.dll
    C:\WINNT\system32\opmanage.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\oseaccrc.dll
    C:\WINNT\system32\oseaccrc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ovecli32.dll
    C:\WINNT\system32\ovecli32.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\p06slaj71do.dll
    C:\WINNT\system32\p06slaj71do.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\p0p6la7s1d.dll
    C:\WINNT\system32\p0p6la7s1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\p0r4la9q1d.dll
    C:\WINNT\system32\p0r4la9q1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\pCutoenr.dll
    C:\WINNT\system32\pCutoenr.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\pirfproc.dll
    C:\WINNT\system32\pirfproc.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\pnustab.dll
    C:\WINNT\system32\pnustab.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ppflbmsg.dll
    C:\WINNT\system32\ppflbmsg.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\ptrfnet.dll
    C:\WINNT\system32\ptrfnet.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\qcvd.dll
    C:\WINNT\system32\qcvd.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\r0p8la7u1d.dll
    C:\WINNT\system32\r0p8la7u1d.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\rraenh.dll
    C:\WINNT\system32\rraenh.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\rwvpmsg.dll
    C:\WINNT\system32\rwvpmsg.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\rxutils.dll
    C:\WINNT\system32\rxutils.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\samsg.dll
    C:\WINNT\system32\samsg.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\sfofi.dll
    C:\WINNT\system32\sfofi.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\tcpelib.dll
    C:\WINNT\system32\tcpelib.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\tMpiperf.dll
    C:\WINNT\system32\tMpiperf.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\tppelib.dll
    C:\WINNT\system32\tppelib.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\txkwks.dll
    C:\WINNT\system32\txkwks.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\udbui.dll
    C:\WINNT\system32\udbui.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\udl.dll
    C:\WINNT\system32\udl.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\wchfi.dll
    C:\WINNT\system32\wchfi.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\wdsapi32.dll
    C:\WINNT\system32\wdsapi32.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\wvpasf.dll
    C:\WINNT\system32\wvpasf.dll Deleted successfully!

    Attempting to delete: C:\WINNT\system32\xBctsrv.dll
    C:\WINNT\system32\xBctsrv.dll Deleted successfully!

    Making registry repairs.

    Removing: HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\ShellScrap

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{98C60425-153C-4300-A0C5-3E63B13B65AA}"
    HKCR\Clsid\{98C60425-153C-4300-A0C5-3E63B13B65AA}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{E5AC9590-DEB4-4DD0-B2BF-DF9B4A658775}"
    HKCR\Clsid\{E5AC9590-DEB4-4DD0-B2BF-DF9B4A658775}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{0AD1B8BF-52B3-4FF8-ACED-F3B511B31C0C}"
    HKCR\Clsid\{0AD1B8BF-52B3-4FF8-ACED-F3B511B31C0C}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{87542E68-F821-4F55-8875-60727074F18A}"
    HKCR\Clsid\{87542E68-F821-4F55-8875-60727074F18A}

    Removing: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{491866B7-FEC7-44D4-B02D-9A8293C42988}"
    HKCR\Clsid\{491866B7-FEC7-44D4-B02D-9A8293C42988}

    Restoring Windows certificates.

    Replaced hosts file with default windows hosts file


    Restoring SeDebugPrivilege for Järjestelmänvalvojat - Succeeded
     
    typ0, Jul 15, 2006
    #3
  4. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Meni sinne päin ainakin.

    Fixaa nämä (do a system scan only, merkkaa ja paina fix checked):


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.odikjxojiqumdnoqtbu.com/8xPIdinjwujZk4hJJvIZ6On3fI66m/...
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
    O4 - HKLM\..\Run: [webHancer Agent] C:\Program Files\webHancer\Programs\whagent.exe
    O4 - HKLM\..\Run: [defender] C:\windows\defender.exe
    O4 - HKLM\..\Run: [598e4fa4.exe] C:\WINNT\system32\598e4fa4.exe
    O4 - HKLM\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\Run: [Jump readme live win] C:\Documents and Settings\All Users\Application Data\FunkBibJumpReadme\site mix.exe
    O4 - HKLM\..\Run: [ntdll.dll] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\RunServices: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O4 - HKLM\..\RunServices: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [Acid Vc] C:\DOCUME~1\JRJEST~1\APPLIC~1\MIXBOR~1\01 curb owns.exe
    O4 - HKCU\..\Run: [Error Safe] "C:\Program Files\Error Safe Free\ers.exe" /scan
    O4 - HKCU\..\Run: [woif] C:\PROGRA~1\COMMON~1\woif\woifm.exe
    O4 - HKCU\..\Run: [shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
    O4 - HKCU\..\Run: [ntdll.dll] C:\WINNT\system32\0mcamcap.exe
    O4 - HKCU\..\Run: [598e4fa4.exe] C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\598e4fa4.exe
    O4 - HKCU\..\Run: [0mcamcap] C:\WINNT\system32\0mcamcap.exe
    O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} - http://static.zangocash.com/cab/Zango/ie/bridge-c17.cab
    O21 - SSODL: ntdll.dll - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINNT\system32\kiaehneb.dll
    O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINNT\YW5qYQ\command.exe
    O23 - Service: Network Monitor - Unknown owner - C:\Program Files\Network Monitor\netmon.exe

    Sitten käynnistä -> suorita
    kirjoita sc stop cmdService ja klikkaa ok
    sc delete cmdService ja klikkaa ok
    sc stop "Network Monitor" ja klikkaa ok
    sc delete "Network Monitor" ja klikkaa ok

    Käynnistä vikasietotilaan (F8 käynnistyksen yhteydessä)

    Poista, jos löytyy:

    c:\secure32.html
    C:\Program Files\webHancer
    C:\windows\defender.exe
    C:\WINNT\system32\598e4fa4.exe
    C:\WINNT\system32\0mcamcap.exe
    C:\Documents and Settings\All Users\Application Data\FunkBibJumpReadme
    C:\Program Files\Error Safe Free
    C:\DOCUME~1\JRJEST~1\APPLIC~1\MIXBOR~1
    C:\PROGRA~1\COMMON~1\woif
    C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe
    C:\Documents and Settings\Järjestelmänvalvoja\Local Settings\Application Data\598e4fa4.exe
    C:\WINNT\system32\kiaehneb.dll
    C:\WINNT\YW5qYQ
    C:\Program Files\Network Monitor

    Käynnistä uudelleen.

    Hae findlop ->
    http://metallica.geekstogo.com/findlop.zip

    Pura ja tuplaklikkaa findlop.bat
    Logi löytyy tuolta C:\findlop.txt

    Skannaa koneesi http://www.kaspersky.com/downloads/kws/kavwebscan.html[b]Kaspersky Online Skannerilla[/b]
    Sinulta kysytään sallitko ActiveX -komponentin asentamisen Kasperskyltä, klikkaa Kyllä.
    [*] Ohjelma käynnistyy ja aloittaa viimeisimpien tunnistetiedostojen lataamisen.
    [*] Kun skanneri on asennettu ja tunnistetiedot ladattu, klikkaa Next.
    [*] Klikkaa nyt asetuksia, Scan Settings
    [*] Tarkista asetuksista, että seuraavat ovat valittuina:

    o Scan using the following Anti-Virus database:

    + Extended (Jos valittavissa, muuten valitse Standard)

    o Scan Options:

    + Scan Archives
    + Scan Mail Bases

    [*] Klikkaa OK
    [*] Nyt valitse "select a target to scan" otsikon alta Oma Tietokone, My Computer
    [*] Skannaus vie aikaa, joten ole kärsivällinen. Kun skannaus on valmis saat ilmoituksen, jos koneesi on saastunut.
    [*] Klikkaa nyt Save as Text-painiketta.
    [*] Tallenna tiedosto työpöydällesi.
    [*] Kopioi ja Liitä tiedoston sisältö seuraavaan vastaukseesi.

    Lähetä:

    - uusi HjT-loki
    - kasperskyn raportti
    - C:\findlop.txt-tiedoston sisältö
     
    -kemisti-, Jul 15, 2006
    #4
  5. typ0

    typ0 Regular member

    Joined:
    Mar 29, 2006
    Messages:
    157
    Likes Received:
    0
    Trophy Points:
    26
    Juu tuli ongelma: kun kirjotan siihen suorita juttuun tuon [bold]sc stop cmdService[/bold] niin se valittaa että
    "Tiedostoa sc (tai jotakin sen osaa) ei löydy. Varmista, että polku ja tiedostonimi ovat oikein ja että kaikki tarvittavat kirjastot ovat käytettävissä."
    Mitä teen?
     
    typ0, Jul 15, 2006
    #5
  6. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Aivan tuota sc-komentoa ei ole win 2000:ssa. Ohita se kohta ainakin toistaiseksi ja jatka eteenpäin.
     
    -kemisti-, Jul 16, 2006
    #6
  7. pkaksp

    pkaksp Moderator Staff Member

    Joined:
    Jan 10, 2005
    Messages:
    12,231
    Likes Received:
    53
    Trophy Points:
    128
    pkaksp, Jul 16, 2006
    #7
Thread Status:
Not open for further replies.

Share This Page