Kone hidas Hjt-logi

josko joku viisaampi vois tarkistaa kun on ongelimia internet yhteyden kanssa katkoo yheteyttä ja muutenkin hidas kone
kiitokset jo etukäteen

 

Toi loki olis hyvä laittaa myös.

Lataa TÄSTÄ HJTInstall.exe

* Tallenna HJTInstall.exe työpöydällesi.
* Tuplaklikkaa HJTInstall.exe-kuvaketta työpöydälläsi.
* Oletuksena se asentaa itsensä hakemistoon C:\Program Files\Trend Micro\HijackThis.
* Klikkaa Install.
* Asennusohjelma luo HijackThis-kuvakkeen työpöydälle.
* Kun asennus on valmis, se käynnistää HijackThisin.
* Klikkaa Do a system scan and save a logfile-painiketta. Ohjelma aloittaa skannauksen ja lokin pitäisi avautua Muistioon.
* Klikkaa ensin "Muokkaa > Valitse kaikki" sitten "Muokkaa > Kopioi" kopioidaksesi koko lokin sisällön.
* Liitä lokin sisältö seuraavaan vastaukseesi.
* ÄLÄ käytä Analyse This-nappulaa, sen löydöt ovat vaarallisia väärinymmärrettyinä.
* ÄLÄ fixaa HijackThis-ohjelmalla vielä mitään. Suurin osa sen löydöistä ovat joko harmittomia tai jopa tarpeellisia.

 

joo taisin olla vähän jäissä ku laitoin ton login

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:06:24 PM, on 12/05/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16643)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.babylon.com/home
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O3 - Toolbar: Babylon - {965B54B0-71E0-4611-8DE7-F73FA0B20E26} - C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON] %ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton Internet Security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Babylon Client] C:\Program Files\Babylon\Babylon-Pro\Babylon.exe -AutoStart
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Nokia.PCSync] "C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" /NoDialog (User 'Default user')
O4 - Startup: PowerReg Scheduler.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Translate with &Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Translate.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-AU/a-UNO1/GAME_UNO1.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 11517 bytes

 

scannaa hjy:llä merkkaa paina Fix checked

O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - Startup: PowerReg Scheduler.exe

============

Javan päivitys ja välimuistin tyhjennys:

1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
Niissä pitäisi olla seuraava kuva vieressä:

3. Valitse kaikki entiset Java versiosi ja valitse Poista.
4. Asenna uusin Java päivitys seuraavasta linkistä..
5. Käynnistä kone uudelleen asennuksen jälkeen:

http://java.sun.com/javase/downloads/index.jsp

Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u5

Paina Download

Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.

6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).

7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.

(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).

8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

*Applications and Applets

*Trace and Log Files

Ja paina OK -nappia

9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.

10. Klikkaa OK jättääksesi Java asetusikkunasi.

=============

1.Lataa combofix.exe työpöydällesi yhdestä linkistä:
combofix1
combofix2

2. Tuplaklikkaa combofix.exe tiedostoa ja seuraa ohjeistuksia.
3. Kun työkalu on valmis, se tuottaa lokin. Lähetä tämä loki viesti ketjuusi.
Huom! Älä klikkaile combofixin ikkunaa käytön aikana. Tämä saattaa aiheuttaa ohjelman jumiutumisen.

 

onks toi vista windows x64?

 

niin tuosta sitä ei silmään osu tota javaako päivittelet
aja vaikka toi combofix ensin

 

täs olis toi combofix logi

ComboFix 08-05-11.1 - walker 2008-05-12 22:38:36.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.1.1033.18.207 [GMT 10:00]
Running from: C:\Users\walker\Documents\My Received Files\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Users\walker\AppData\Roaming\inst.exe

.
((((((((((((((((((((((((( Files Created from 2008-04-12 to 2008-05-12 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-05-12 12:47 --------- d-----w C:\ProgramData\Babylon
2008-05-12 11:05 --------- d-----w C:\Program Files\Trend Micro
2008-05-12 00:30 --------- d-----w C:\Program Files\PokerStars
2008-05-10 14:06 --------- d-----w C:\ProgramData\Grisoft
2008-05-10 12:22 --------- d-----w C:\Program Files\CCleaner
2008-05-04 19:04 --------- d-----w C:\Program Files\Full Tilt Poker
2008-04-18 03:34 --------- d-----w C:\ProgramData\Symantec
2008-04-16 23:49 --------- d-----w C:\ProgramData\Yahoo! Companion
2008-04-16 23:48 --------- d-----w C:\Users\walker\AppData\Roaming\yahoo!
2008-04-14 12:13 --------- d-----w C:\Program Files\Full Tilt poker .org
2008-04-11 01:55 --------- d-----w C:\Program Files\Nokia
2008-04-11 01:55 --------- d-----w C:\Program Files\Common Files\PCSuite
2008-04-11 01:55 --------- d-----w C:\Program Files\Common Files\Nokia
2008-04-11 01:50 --------- d-----w C:\Program Files\PC Connectivity Solution
2008-04-11 01:40 --------- d-----w C:\ProgramData\Installations
2008-04-11 01:10 --------- d-----w C:\Program Files\Windows Mail
2008-04-10 21:55 --------- d-----w C:\ProgramData\Microsoft Help
2008-04-04 06:16 --------- d-----w C:\Users\walker\AppData\Roaming\Babylon
2008-04-04 05:26 --------- d-----w C:\Program Files\Babylon
2008-03-25 02:51 --------- d-----w C:\Users\walker\AppData\Roaming\Nokia Multimedia Player
2008-03-21 05:07 --------- d-----w C:\Users\walker\AppData\Roaming\PC Suite
2008-03-20 05:17 --------- d-----w C:\Users\walker\AppData\Roaming\Nokia
2008-03-20 05:08 --------- d-----w C:\ProgramData\PC Suite
2008-03-20 05:04 --------- d-----w C:\Program Files\DIFX
2008-02-29 06:51 19,000 ----a-w C:\Windows\System32\kd1394.dll
2008-02-29 06:39 40,960 ----a-w C:\Windows\System32\srclient.dll
2008-02-29 06:39 371,712 ----a-w C:\Windows\System32\srcore.dll
2008-02-29 06:38 313,856 ----a-w C:\Windows\System32\rstrui.exe
2008-02-29 06:38 16,384 ----a-w C:\Windows\System32\srdelayed.exe
2008-02-29 06:35 6,656 ----a-w C:\Windows\System32\kbd106n.dll
2008-02-29 06:34 7,168 ----a-w C:\Windows\System32\f3ahvoas.dll
2008-02-29 04:16 2,027,008 ----a-w C:\Windows\System32\win32k.sys
2008-02-21 04:43 826,368 ----a-w C:\Windows\System32\wininet.dll
2008-02-21 04:43 56,320 ----a-w C:\Windows\System32\iesetup.dll
2008-02-21 04:43 52,736 ----a-w C:\Windows\AppPatch\iebrshim.dll
2008-02-21 04:43 296,448 ----a-w C:\Windows\System32\gdi32.dll
2008-02-21 04:43 26,624 ----a-w C:\Windows\System32\ieUnatt.exe
2008-02-19 05:10 620,088 ----a-w C:\Windows\System32\ci.dll
2008-02-14 23:19 944,184 ----a-w C:\Windows\System32\winload.exe
2008-02-13 16:17 194,560 ----a-w C:\Windows\System32\WebClnt.dll
2008-02-13 16:12 3,504,696 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-02-13 16:12 3,470,392 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-02-13 16:10 537,600 ----a-w C:\Windows\AppPatch\AcLayers.dll
2008-02-13 16:10 449,536 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-02-13 16:10 4,247,552 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-02-13 16:10 24,064 ----a-w C:\Windows\System32\netcfg.exe
2008-02-13 16:10 22,016 ----a-w C:\Windows\System32\netiougc.exe
2008-02-13 16:10 2,560 ----a-w C:\Windows\AppPatch\AcRes.dll
2008-02-13 16:10 2,144,256 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-02-13 16:10 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-02-13 16:10 167,424 ----a-w C:\Windows\System32\tcpipcfg.dll
2008-02-13 16:10 1,686,528 ----a-w C:\Windows\System32\gameux.dll
2008-02-11 22:55 47,360 ----a-w C:\Users\walker\AppData\Roaming\pcouffin.sys
2008-01-20 23:59 174 --sha-w C:\Program Files\desktop.ini
.

------- Sigcheck -------

.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{965B54B0-71E0-4611-8DE7-F73FA0B20E26}"= "C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll" [2008-03-11 08:22 267488]

[HKEY_CLASSES_ROOT\clsid\{965b54b0-71e0-4611-8de7-f73fa0b20e26}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB.1]
[HKEY_CLASSES_ROOT\TypeLib\{162484B8-B114-453f-A344-C0B24B0F1D99}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB]

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"{965B54B0-71E0-4611-8DE7-F73FA0B20E26}"= C:\Program Files\Babylon\Babylon Toolbar\BabylonIEToolBar.dll [2008-03-11 08:22 267488]

[HKEY_CLASSES_ROOT\clsid\{965b54b0-71e0-4611-8de7-f73fa0b20e26}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB.1]
[HKEY_CLASSES_ROOT\TypeLib\{162484B8-B114-453f-A344-C0B24B0F1D99}]
[HKEY_CLASSES_ROOT\BabylonTBLib.BabylonTB]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlay]
@={F2F31467-B1AC-4df0-AE79-FD5FA085E22B}

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\UEAFOverlayOpen]
@={A3E208F7-0E3A-4182-A7A6-B169D5D691AA}

[HKEY_CLASSES_ROOT\CLSID\{F2F31467-B1AC-4df0-AE79-FD5FA085E22B}]
2006-12-03 16:03 2854912 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CLASSES_ROOT\CLSID\{A3E208F7-0E3A-4182-A7A6-B169D5D691AA}]
2006-12-03 16:03 2854912 --a------ C:\Program Files\Protector Suite QL\farchns.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe" [2008-01-20 19:25 1232896]
"TOSCDSPD"="TOSCDSPD.EXE" []
"Yahoo! Pager"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" [2007-08-30 16:43 4670704]
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.exe" [2007-10-18 10:34 5724184]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSuite.exe" [2008-03-28 11:20 1079296]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe" [2008-03-26 18:41 1232896]
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [2006-11-02 22:36 201728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="C:\Program Files\Windows Defender\MSASCui.exe" [2008-01-21 09:46 1006264]
"IgfxTray"="C:\Windows\system32\igfxtray.exe" [2007-03-29 15:32 138008]
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe" [2007-03-29 15:32 154392]
"Persistence"="C:\Windows\system32\igfxpers.exe" [2007-03-29 15:32 133912]
"RtHDVCpl"="RtHDVCpl.exe" [2007-03-14 17:50 4399104 C:\Windows\RtHDVCpl.exe]
"NDSTray.exe"="NDSTray.exe" []
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-02-02 15:36 835584]
"PSQLLauncher"="C:\Program Files\Protector Suite QL\launcher.exe" [2006-12-03 15:29 49168]
"TPwrMain"="C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE" [2006-12-19 22:16 411768]
"HSON"="C:\Program Files\TOSHIBA\TBS\HSON.exe" [2006-12-07 15:49 55416]
"SmoothView"="C:\Program Files\Toshiba\SmoothView\SmoothView.exe" [2007-03-22 10:46 448632]
"00TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe" [2007-03-23 13:41 538744]
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" [2007-03-21 16:23 413696]
"ccApp"="C:\Program Files\Common Files\Symantec Shared\ccApp.exe" [2006-10-25 08:08 107112]
"osCheck"="C:\Program Files\Norton Internet Security\osCheck.exe" [2006-10-27 10:18 22696]
"Symantec PIF AlertEng"="C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" [2008-01-29 16:38 583048]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 21:16 39792]
"Babylon Client"="C:\Program Files\Babylon\Babylon-Pro\Babylon.exe" [2008-03-11 08:23 3551456]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2008-03-26 18:41 1232896]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"DisableCAD"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\psfus]
C:\Windows\system32\psqlpwd.dll 2006-12-03 15:50 90112 C:\Windows\System32\psqlpwd.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"msacm.dvacm"= C:\PROGRA~1\COMMON~1\ULEADS~1\vio\dvacm.acm

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UacDisableNotify"=dword:00000001
"InternetSettingsDisableNotify"=dword:00000001
"AutoUpdateDisableNotify"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{9A4AE87E-09AE-43DA-A6F2-327B33651474}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CEAE780C-375C-4514-9A65-E1A990A13D14}"= UDP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{E9D48700-120E-4C7B-92AF-2B4FC079B5D7}"= TCP:C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:Yahoo! Messenger
"{96938E1F-7BB2-44BA-82DD-FE24F1ABD46C}"= UDP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{7F2E7AD7-AA5F-47C4-8FD0-269676441595}"= TCP:C:\Program Files\Yahoo!\Messenger\YServer.exe:Yahoo! FT Server
"{CB627DA7-B4F2-461D-83F5-D987B35D5570}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{F7A95CDF-F6B4-4463-AB98-60FAFA415A22}"= UDP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe:Sid Meier's Civilization 4 Demo
"{710C8065-49CB-4294-A636-13FC5750467C}"= TCP:C:\Program Files\Firaxis Games\Sid Meier's Civilization 4 Demo\Civilization4.exe:Sid Meier's Civilization 4 Demo

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 tos_sps32;TOSHIBA tos_sps32 Service;C:\Windows\system32\DRIVERS\tos_sps32.sys [2007-03-29 16:50]
R1 IDSvix86;Symantec Intrusion Prevention Driver;C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20080415.002\IDSvix86.sys [2008-02-14 02:18]
R2 TNaviSrv;TOSHIBA Navi Support Service;C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2007-03-29 16:52]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service;C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-26 14:55]
R3 FwLnk;FwLnk Driver;C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 15:11]
R3 igfx;igfx;C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-03-06 14:24]
R3 SYMNDISV;SYMNDISV;C:\Windows\system32\Drivers\SYMNDISV.SYS [2008-03-07 12:39]
R3 TcUsb;TC USB Kernel Driver;C:\Windows\system32\Drivers\tcusb.sys [2006-12-03 15:21]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver;C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-19 04:50]
R3 UVCFTR;UVCFTR;C:\Windows\system32\DRIVERS\UVCFTR_S.SYS [2007-03-12 20:47]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk60x86.sys [2007-01-10 03:00]
S3 pccsmcfd;PCCS Mode Change Filter Driver;C:\Windows\system32\DRIVERS\pccsmcfd.sys [2007-09-17 15:53]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc

*Newly Created Service* - COMHOST
.
Contents of the 'Scheduled Tasks' folder
"2008-05-09 16:44:55 C:\Windows\Tasks\Norton Internet Security - Run Full System Scan - walker.job"
- C:\PROGRA~1\NORTON~1\NORTON~1\Navw32.exe
"2008-05-12 01:57:12 C:\Windows\Tasks\User_Feed_Synchronization-{D83933F6-BF89-4202-9FE6-2F64654BCD19}.job"
- C:\Windows\system32\msfeedssync.exe
.
**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-05-12 22:45:53
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\audiodg.exe
C:\Program Files\Protector Suite QL\upeksvr.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Windows\System32\wlanext.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\Windows\System32\agrsmsvc.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Windows\System32\TODDSrv.exe
C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
C:\Windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2008-05-12 22:55:38 - machine was rebooted
ComboFix-quarantined-files.txt 2008-05-12 12:54:43

The system cannot find message text for message number 0x2379 in the message file for Application.
The system cannot find message text for message number 0x2379 in the message file for Application.

231 --- E O F --- 2008-04-10 21:55:05

 

Combofix näyttää
NTFSx86 Microsoft® Windows Vista™ Business

===================

Lataa Malwarebytes' Anti-Malware työpöydällesi.

1. Tuplaklikkaa mbam-setup.exe ja seuraa ohjeita asentaaksesi ohjelman.
2. Lopuksi varmistu, että seuraavat on valittu: Update Malwarebytes', Anti-Malwareja
Launch Malwarebytes' Anti-Malware ja sen jälkeen klikkaaFinish.
3. Jos päivitys löytyy. ohjelma lataa ja asentaa uusimman version.
4. Kun ohjelma on latautunut, valitse Perform full scan ja klikkaa Scan.
5. Kun skanni on valmis, klikkaa OK ja sitten Show Results nähdäksesi tulokset.
6. Varmistu, että kaikki on merkitty ja klikkaa Remove Selected.
7. Tämän jälkeen loki avautuu muistioon. Tallenna se paikkaan, josta löydät sen helposti. Loki
löytyy myös täältä: C:\Documents and Settings\Käyttäjänimi\Application
Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-päiväys.txt
8. Lähetä lokin sisältö seuraavassa viestissäsi.

 

joo ilmeni tämmönen ongelma ettei sitä ohjelmaa voi päivittää koska internet yhteydessä jotain vikaa??? ajoin sen ohjelman kuitenkin mutta se ei tallentanu sitä logii joten teen sen uudestaan huomenna mutta palaillaan asiaan sitten kiitokset vaivan näöstä

 

oisko sulla mitään hajua että onko se hakemisto polku sama vistassa? jos vaikka tallentukin mutta ku ei löydy koko documents and settings kansioo

 

täs olis logi:

Malwarebytes' Anti-Malware 1.12
Database version: 722

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 136803
Time elapsed: 38 minute(s), 49 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 7
Files Infected: 237

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
C:\Casino (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\logs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\promo (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs (Adware.Casino) -> Quarantined and deleted successfully.

Files Infected:
C:\Casino\Poker Heaven\blackjack.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\browser.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\cacerts.crt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\cam.cas (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\cardlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\common.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\countries.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\db.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\devlib.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\devlibcomm.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\filemap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\fivecard.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\games.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\gsid.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\id.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\INSTALL.LOG (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\languages.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\libeay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\licens.txt (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\mfc80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\microsoft.vc80.crt.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\microsoft.vc80.mfc.manifest (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\modstatus.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\mp3dec.asi (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\mss32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\msvcp80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\msvcr80.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\navigator.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\omaha.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\options.cfg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\poker.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\poker.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sc.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\srvmap.lst (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\ssleay32.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\texas.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\UNWISE.EXE (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\update.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\webdollar.exe (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xml.dll (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\0.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\1.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\10.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\11.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\12.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\13.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\14.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\15.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\16.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\17.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\18.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\19.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\2.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\20.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\21.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\22.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\23.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\24.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\25.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\26.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\27.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\28.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\29.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\3.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\30.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\31.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\32.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\33.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\34.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\35.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\36.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\37.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\38.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\39.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\4.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\40.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\41.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\42.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\43.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\44.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\45.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\46.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\47.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\48.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\49.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\5.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\50.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\51.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\6.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\7.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\8.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\9.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\allin_popup.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\archive.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\archive_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\avatar.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\b.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\base.css (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\bj_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\bkg.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\browserdetect.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_close.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_filters_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_filters_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_game.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_general.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_join.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_main.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_minmax.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_sublevels_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\but_sublevels_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\caret.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\chatbubble.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\chips.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\decktype_settings.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\edit.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\gamelimits1.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\gamelimits2.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\gamelimits3.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\game_bjframe.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\game_blackjack.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\game_summary.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\gre_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\hand.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\hand.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\hand_cursor.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\hand_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\harrow.cur (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\headers_bkg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\headers_text.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\history.html (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\history.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\history_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\input_additional.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\input_boxes.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\input_lists.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\language.xml (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\language.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\languages.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\language_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\main.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\main_bkg.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\main_listhi.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\navigator_bg.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\navigator_buttons.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\navigator_moneytext.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\navigator_timer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_bottom.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_game_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_game_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_game_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_left.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_medium.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_moretables.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_texts.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\panel_top.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\pointer.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_cardback.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_cards.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_cards_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_cards_large.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_cards_large_4c.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_deckside.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_font_11p_bold.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_makechoice.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\poker_pucks.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\pol_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\popups.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_actions.png (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_active.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_inactive.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_mute.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_note.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\position_numbers.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\pot_bets.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\progress_ani.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\promo-test1.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\rus_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\sc_bkg8.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tabs_big.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tabs_small.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tab_casino.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\text.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\timeslider.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tur_font_11p_regular.xbf (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tx_bkg10.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\tx_bkg5.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\user.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\user_ff.xsl (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\white_line.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\win_graphics.bmp (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\xml.gif (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\data\xml_decoder.js (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\promo\e500_rakedhandrace.jpg (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx\c_button.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx\c_chip.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx\c_deal.mp3 (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx\p_alert.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\sfx\p_checkknock.wav (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\blackjack_game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\blackjack_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\ext_clientspecific.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\ext_game.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\ext_general.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\ext_mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\ext_navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\fcs_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\fc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\fc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\filemap.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\filerefs.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\gameclient.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\game_common.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\game_common_message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\game_panel.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\gizmo.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\mc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\message.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\mtt_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\mtt_lobby.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\navigator.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\omaha_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\omaha_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\optdef.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\poker_limits.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\sc_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\sc_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\soko_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\tel_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\texas_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\texas_main.xrs (Adware.Casino) -> Quarantined and deleted successfully.
C:\Casino\Poker Heaven\xrs\tournament_join.xrs (Adware.Casino) -> Quarantined and deleted successfully.