Kaverin Hjt-loki

NorttiBoy · Apr 11, 2006

Kone tuntuu välillä hitaalta ja suoritinkäyttö nousee usein 100 %
Tässä loki:

Logfile of HijackThis v1.99.1
Scan saved at 17:06:47, on 11.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\program files\steam\steam.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webalta.com/?p1=1&p2=1&p3=d2c4419e3b21f92db987067d0df0d89c6ef95700
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm356YYFI
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - (no file)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

tapiiri · Apr 11, 2006

Päivitä Ewido, älä scannaa vielä.

Käynnistä kone vikasietotilaan ja scannaa siellä complete system scan. Tallenna raportti ja lähetä se tänne vastauksena.

NorttiBoy · Apr 12, 2006

Tässähän tää:

---------------------------------------------------------
ewido anti-malware - Scan report
---------------------------------------------------------

+ Created on: 23:18:09, 11.4.2006
+ Report-Checksum: 78380420

+ Scan result:

:mozilla.11:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.12:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.13:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.14:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.15:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Bfast : Cleaned without backup
:mozilla.67:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.68:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.69:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.70:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.71:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.72:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.73:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.74:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.76:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.77:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.78:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.79:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned without backup
:mozilla.80:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.81:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.82:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.84:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.85:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adjuggler : Cleaned without backup
:mozilla.86:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adjuggler : Cleaned without backup
:mozilla.87:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
:mozilla.88:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
:mozilla.93:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.120:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
:mozilla.121:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
:mozilla.143:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned without backup
:mozilla.149:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.150:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.159:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.160:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.161:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.177:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.178:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.179:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.180:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.181:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.182:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.221:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Masterstats : Cleaned without backup
:mozilla.234:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.251:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\n827kwgv.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned without backup
:mozilla.90:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
:mozilla.91:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned without backup
:mozilla.92:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Atdmt : Cleaned without backup
:mozilla.94:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Doubleclick : Cleaned without backup
:mozilla.103:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.104:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.105:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.106:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.107:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned without backup
:mozilla.110:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.112:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.113:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.114:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.115:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.116:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Zedo : Cleaned without backup
:mozilla.117:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.118:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Statcounter : Cleaned without backup
:mozilla.119:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.120:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.121:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.122:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.123:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Casalemedia : Cleaned without backup
:mozilla.124:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.125:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Fastclick : Cleaned without backup
:mozilla.131:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Overture : Cleaned without backup
:mozilla.133:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Overture : Cleaned without backup
:mozilla.134:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Googleadservices : Cleaned without backup
:mozilla.139:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
:mozilla.140:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Adtech : Cleaned without backup
:mozilla.146:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Pointroll : Cleaned without backup
:mozilla.147:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Pointroll : Cleaned without backup
:mozilla.148:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Pointroll : Cleaned without backup
:mozilla.149:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Pointroll : Cleaned without backup
:mozilla.186:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Revenue : Cleaned without backup
:mozilla.196:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned without backup
:mozilla.207:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Adjuggler : Cleaned without backup
:mozilla.208:C:\Documents and Settings\Mauri\Application Data\Mozilla\Firefox\Profiles\vpecd5yx.muumi\cookies.txt -> TrackingCookie.Adjuggler : Cleaned without backup

::Report End

Pelkkää keksiä ja sit vielä hjt:

Logfile of HijackThis v1.99.1
Scan saved at 17:20:05, on 12.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\program files\steam\steam.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Winamp\winamp.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webalta.com/?p1=1&p2=1&p3=d2c4419e3b21f92db987067d0df0d89c6ef95700
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm356YYFI
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - (no file)
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - (no file)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

blade81 · Apr 12, 2006

Käynnistä hjt, klikkaa do a system scan only, merkkaa:
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZRxdm356YYFI

Sulje muut ikkunat ja klikkaa fix checked.

Päivitä koneen Java. Tässä ohjetta:

Javan päivitys ja välimuistin tyhjennys

1. Klikkaa Käynnistä > Ohjauspaneeli ja tupla-klikkaa Java kuvaketta (kahvikuppi) Ohjauspaneelissa.
2. Mene "Update" -välilehteen Java asetusikkunassasi. Päivitä Javasi klikkaamalla "Update Now" ja sitten käynnistä uudelleen.
3. Jos et pysty päivittämään automaattisesti, hae manuaalisesti täältä:

http://www.java.com/en/download/manual.jsp

4. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja siitä Java asetuksiisi.
5. Temporary Internet Files -osion alla, klikkaa Delete Files nappia.
6. Varmista että kaikki kolme valintaa ovat rastitettuja:

Downloaded Applets
Downloaded Applications
Other Files

7. Klikkaa OK "Delete Temporary Internet Files" -ikkunassasi.
Huomaa: Tämä poistaa kaikki ladatut sovellukset ja appletit VÄLIMUISTISTA.
8. Klikkaa OK jättääksesi Java asetusikkunasi.

-kemisti- · Apr 12, 2006

Nuokin joutaa fixiin:

O16 - DPF: {00000000-0000-0000-0000-000020040000} - http://207.234.185.217/ABoxInst_int12.exe
O18 - Protocol: bt2 - {1730B77B-F429-498F-9B15-4514D83C8294} - (no file)
O18 - Filter: application/x-bt2 - {6E1DDCE8-76BC-4390-9488-806E8FB1AD77} - (no file)

Ja tämä myös, jos se ei ole itse asetettu:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webalta.com/?p1=1&p2=1&p3=d2c4419e3b21f92db987067d0df0...[/b]

NorttiBoy · Apr 12, 2006

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.webalta.com/?p1=1&p2=1&p3=d2c4419e3b21f92db987067d0df0...

Ei kyl oo ite asetettu!

blade81 · Apr 12, 2006

Sit ei muuta kuin fixiin.

NorttiBoy · Apr 14, 2006

Tässä vielä loki:

Logfile of HijackThis v1.99.1
Scan saved at 15:05:48, on 14.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\D-Tools\daemon.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\program files\steam\steam.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

Onkos nyt puhdas?

-kemisti- · Apr 14, 2006

Java vielä päivitykseen kuten blade81 jo sanoi.

NorttiBoy · Apr 14, 2006

Se ei jostain syystä vaan päivity ei manuaalisesti, eikä automaattisesti. Mitäs sitten pitäis tehdä. Poistaa java ja asentaa uusiks?

-kemisti- · Apr 14, 2006

Juu se on hyvä vaihtoehto se

NorttiBoy · Apr 18, 2006

Nonni onko ny hyvä:

Logfile of HijackThis v1.99.1
Scan saved at 21:27:05, on 18.4.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\ewido anti-malware\ewidoctrl.exe
C:\Program Files\ewido anti-malware\ewidoguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
C:\Program Files\MessengerPlus! 3\MsgPlus.exe
C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HJT\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.dial.inet.fi:800
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -onlytray
O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
O16 - DPF: {F04A8AE2-A59D-11D2-8792-00C04F8EF29D} (Hotmail Attachments Control) - http://by21fd.bay21.hotmail.msn.com/activex/HMAtchmt.ocx
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 - Service: AntiVir Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Service (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

blade81 · Apr 18, 2006

Nyt on homma jees.

Log in or Sign up

Kaverin Hjt-loki

NorttiBoy Active member

tapiiri Regular member

NorttiBoy Active member

blade81 Active member

-kemisti- Active member

NorttiBoy Active member

blade81 Active member

NorttiBoy Active member

-kemisti- Active member

NorttiBoy Active member

-kemisti- Active member

NorttiBoy Active member

blade81 Active member

Share This Page

Log in or Sign up

Kaverin Hjt-loki

NorttiBoy Active member

tapiiri Regular member

NorttiBoy Active member

blade81 Active member

-kemisti- Active member

NorttiBoy Active member

blade81 Active member

NorttiBoy Active member

-kemisti- Active member

NorttiBoy Active member

-kemisti- Active member

NorttiBoy Active member

blade81 Active member

Share This Page

Useful Searches