Computer slowing down

Discussion in 'Viruses and malware - HijackThis logs' started by kalou90, Sep 1, 2008.

  1. kalou90

    kalou90 Regular member

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:59:33, on 1.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jucheck.exe
    C:\Program Files\Windows Live\installer\WLSetupSvc.exe
    C:\Program Files\Creative\Creative Centrale\Centrale.exe
    C:\Program Files\Creative\Shared Files\AVCMANU.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: 127.255.255.255 serial.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 www.alcohol-soft.com
    O1 - Hosts: 127.255.255.255 images.alcohol-soft.com
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaFace Integration] "C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136384698578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203270347109
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C8DE98D-0FBF-42D6-8225-6E33DB9589C5}: NameServer = 80.248.96.130,80.248.97.30
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 15018 bytes

    This is the log I got. I couldn't find that photo gallery in there; I went through Run -> msconfig. The problem is that the computer starts running the photo gallery when I try to transfer songs to the Creative player.
     
  2. Hujo

    Hujo Guest

    Download SDFix by AndyManchesta and save it to your desktop.

    Boot your computer into Safe Mode:

    shut down and start up
    during startup, keep tapping the F8 key
    select Safe Mode with the arrow keys
    press Enter and Enter
    select your user account
    press Yes

    On some computers you tap F5 instead of F8.

    - Once in Safe Mode, extract the contents of SDFix.zip (the SDFix folder) to your desktop. A folder named SDFix should appear on the desktop.
    - Open the SDFix folder and double-click RunThis.bat to start the program.
    - Press Y to start the script.
    - The tool cleans out the trojan's services and also makes some repairs to the registry. Finally it asks you to restart the computer, "Press any key to Reboot".
    - Press any key and the computer restarts.
    - Startup takes longer than usual because SDFix is cleaning the computer.
    - When the computer has started and the desktop has loaded, SDFix reports that the cleaning is done, "Finished".
    - Then press any key to close the script and load the shortcuts onto the desktop.
    - Finally, open the SDFix folder (on the desktop) and copy and paste the contents of Report.txt into your thread together with a new HijackThis log.

    =============

    1. Download combofix.exe to your desktop from one of the links:
    combofix1
    combofix2

    2. Double-click combofix.exe and follow the instructions.
    3. When the tool is finished, it produces a log. Post this log in your thread.
    Note! Do not click on the ComboFix window while it is running. This may cause the program to hang.

    ==============

    Download Malwarebytes' Anti-Malware to your desktop.

    1. Double-click mbam-setup.exe and follow the instructions to install the program.
    2. At the end, make sure the following are checked: Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, and then click Finish.
    3. If an update is found, the program downloads and installs the latest version.
    4. When the program has loaded, select Perform full scan and click Scan.
    5. When the scan is finished, click OK and then Show Results to see the results.
    6. Make sure everything is checked and click Remove Selected.
    7. After this the log opens in Notepad. Save it somewhere you can find it easily. The log can also be found here: C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
    8. Post the contents of the log in your next message.

    =============

    Download CCleaner here
    CCleaner v2.05.555 - Standard Build, DO NOT install the Yahoo toolbar!
    During installation, uncheck the box "install Yahoo! toolbar".
    After installation, open CCleaner.
    Select Options in the left-hand column.
    Select Settings in the adjacent column.
    Under Language, select Suomi.

    Puhdistaja (Cleaner)
    Select Puhdistaja in the left-hand column.
    Press Tutki (Analyze) at the bottom.
    Now CCleaner analyzes what can be removed (temp files, cookies, etc.).
    When the analysis is finished, press Aja CCleaner (Run CCleaner).
    Now CCleaner removes the temp files, cookies, etc. that it found.

    Fixing registry errors
    Select Rekisteri (Registry) in the left-hand column.
    Press Etsi rekisterin virheitä (Scan for registry issues) at the bottom.
    When the scan is finished and you are sure you want to fix the checked entries, press Korjaa valitut rekisterin virheet (Fix selected registry issues).
    You will be asked "haluatko varmuuskopioida muutokset rekisteriin" (do you want to back up changes to the registry); press Kyllä (Yes). Save the backup to, for example, the "Omat tiedostot" (My Documents) folder.
    In the new window that opens, click Korjaa kaikki valitut virheet (Fix all selected issues).
    You will get one more confirmation prompt; press Ok.
    When the errors have been fixed, press Sulje (Close).
    Now you can close CCleaner by clicking the red X in the top right.
     
  3. kalou90

    kalou90 Regular member

    Okay, here are all the logs you asked for!

    catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-02 14:55:10
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden services & system hive ...

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:36,9c,3b,59,13,d6,69,f8,97,54,78,8f,52,06,67,84,1a,dc,ae,ee,f3,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:39,c9,6a,50,89,0a,42,d4,2b,af,30,d4,48,03,ba,2e,86,35,05,97,f6,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000001
    "khjeh"=hex:8a,94,cb,cb,07,8d,0c,63,dc,06,b4,26,e6,4e,96,95,de,3e,2e,ea,3a,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,9e,6a,1a,3b,97,81,c3,39,ca,81,12,05,5e,59,7d,6e,d0,..
    "khjeh"=hex:ba,90,e3,68,a7,c6,6b,a6,09,7e,22,b3,c4,88,75,77,2e,a6,a0,9a,38,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:55,39,10,5d,a7,e5,e1,e8,5a,19,66,b9,d1,ad,e7,f4,74,d7,32,1f,14,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:39,c9,6a,50,89,0a,42,d4,2b,af,30,d4,48,03,ba,2e,86,35,05,97,f6,..
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000001
    "khjeh"=hex:8a,94,cb,cb,07,8d,0c,63,dc,06,b4,26,e6,4e,96,95,de,3e,2e,ea,3a,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,9e,6a,1a,3b,97,81,c3,39,ca,81,12,05,5e,59,7d,6e,d0,..
    "khjeh"=hex:ba,90,e3,68,a7,c6,6b,a6,09,7e,22,b3,c4,88,75,77,2e,a6,a0,9a,38,..

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:55,39,10,5d,a7,e5,e1,e8,5a,19,66,b9,d1,ad,e7,f4,74,d7,32,1f,14,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:39,c9,6a,50,89,0a,42,d4,2b,af,30,d4,48,03,ba,2e,86,35,05,97,f6,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000001
    "khjeh"=hex:8a,94,cb,cb,07,8d,0c,63,dc,06,b4,26,e6,4e,96,95,de,3e,2e,ea,3a,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,9e,6a,1a,3b,97,81,c3,39,ca,81,12,05,5e,59,7d,6e,d0,..
    "khjeh"=hex:ba,90,e3,68,a7,c6,6b,a6,09,7e,22,b3,c4,88,75,77,2e,a6,a0,9a,38,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet004\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:55,39,10,5d,a7,e5,e1,e8,5a,19,66,b9,d1,ad,e7,f4,74,d7,32,1f,14,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\0D79C293C1ED61418462E24595C90D04]
    "p0"="C:\Program Files\Alcohol Soft\Alcohol 120\"
    "h0"=dword:00000000
    "ujdew"=hex:39,c9,6a,50,89,0a,42,d4,2b,af,30,d4,48,03,ba,2e,86,35,05,97,f6,..
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4]
    "p0"="C:\Program Files\DAEMON Tools\"
    "h0"=dword:00000001
    "khjeh"=hex:8a,94,cb,cb,07,8d,0c,63,dc,06,b4,26,e6,4e,96,95,de,3e,2e,ea,3a,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001]
    "a0"=hex:20,01,00,00,9e,6a,1a,3b,97,81,c3,39,ca,81,12,05,5e,59,7d,6e,d0,..
    "khjeh"=hex:ba,90,e3,68,a7,c6,6b,a6,09,7e,22,b3,c4,88,75,77,2e,a6,a0,9a,38,..

    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet005\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40]
    "khjeh"=hex:55,39,10,5d,a7,e5,e1,e8,5a,19,66,b9,d1,ad,e7,f4,74,d7,32,1f,14,..

    scanning hidden registry entries ...

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLs"="C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL"
    "DeviceNotSelectedTimeout"="15"
    "GDIProcessHandleQuota"=dword:00002710
    "Spooler"="yes"
    "swapdisk"=""
    "TransmissionRetryTimeout"="90"
    "USERProcessHandleQuota"=dword:00002710
    "LoadAppInit_DLLs"=dword:00000001

    scanning hidden files ...

    scan completed successfully
    hidden processes: 0
    hidden services: 0
    hidden files: 0


    SDFix: Version 1.220
    Run by Kalle on ti 02.09.2008 at 14:44

    Microsoft Windows XP [versio 5.1.2600]
    Running From: C:\Documents and Settings\Kalle\Työpöytä\SDFix

    Checking Services :


    Restoring Default Security Values
    Restoring Default Hosts File

    Rebooting


    Checking Files :

    No Trojan Files Found



    Malwarebytes' Anti-Malware 1.25
    Tietokantaversio: 1103
    Windows 5.1.2600 Service Pack 2

    7:18:15 2.9.2008
    mbam-log-09-02-2008 (07-18-02).txt

    Tarkistustyyppi: Täysi tarkistus (C:\|M:\|)
    Tarkistetut kohteet: 355083
    Kulunut aika: 2 hour(s), 46 minute(s), 3 second(s)

    Saastuneita muistiprosesseja: 0
    Saastuneita muistimoduuleja: 0
    Saastuneita rekisteriavaimia: 3
    Saastuneita rekisteriarvoja: 0
    Saastuneita rekisterikohteita: 0
    Saastuneita hakemistoja: 7
    Saastuneita tiedostoja: 241

    Saastuneita muistiprosesseja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita muistimoduuleja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisteriavaimia:
    HKEY_CLASSES_ROOT\Interface\{bc8c2e5f-d8b4-4997-bce3-8775c3707956} (Adware.Hotbar) -> No action taken.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} (Trojan.BHO) -> No action taken.
    HKEY_CLASSES_ROOT\CLSID\{4e7bd74f-2b8d-469e-ccb0-b130eedbe97c} (Trojan.BHO) -> No action taken.

    Saastuneita rekisteriarvoja:
    (Haitallisia kohteita ei löydetty)

    Saastuneita rekisterikohteita:
    (Haitallisia kohteita ei löydetty)

    Saastuneita hakemistoja:
    C:\Casino (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\data (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\logs (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\promo (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\sfx (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\xrs (Adware.Casino) -> No action taken.

    Saastuneita tiedostoja:
    M:\System Volume Information\_restore{29A76DD8-5BE7-4417-BBEA-BD8E3E7B0171}\RP405\A0133459.EXE (Trojan.Agent) -> No action taken.
    C:\Casino\PAF Diamond Poker\blackjack.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\browser.exe (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\cacerts.crt (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\cam.cas (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\cardlib.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\common.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\countries.lst (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\creditdebit.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\db.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\devlib.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\devlibcomm.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\filemap.lst (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\fivecard.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\games.xrs (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\gsid.txt (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\id.xrs (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\INSTALL.LOG (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\languages.xrs (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\libeay32.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\licens.txt (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\mfc80.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\microsoft.vc80.crt.manifest (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\microsoft.vc80.mfc.manifest (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\modstatus.lst (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\mp3dec.asi (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\mss32.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\msvcp80.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\msvcr80.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\navigator.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\omaha.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\options.cfg (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\poker.dll (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\poker.exe (Adware.Casino) -> No action taken.
    C:\Casino\PAF Diamond Poker\sc.dll (Adware.Casino) -> No action taken.
    C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (Trojan.BHO) -> No action taken.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 15:01:09, on 2.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaFace Integration] "C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136384698578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203270347109
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C8DE98D-0FBF-42D6-8225-6E33DB9589C5}: NameServer = 80.248.96.130,80.248.97.30
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    --
    End of file - 14572 bytes


    Thanks a lot for the advice!
     
  4. Hujo

    Hujo Guest

    Run the Norton removal tool

    ==============

    Scan with HJT, tick these entries, and press Fix checked

    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

    =============

    Check with the Kaspersky Online Scanner

    1. Read through the requirements and the privacy statement and click Accept.
    2. The scanner and the virus database start downloading. You will be asked whether you allow the program from Kaspersky to be installed. Click Run.
    3. When the download is complete, click Settings.
    4. Make sure the following items are selected. If they are not, select them and click Save:
    Spyware, Adware, Dialers, and other potentially dangerous programs
    Archives
    Mail databases

    5. Click My Computer under Scan.
    6. When the scan is complete, the results are shown. Click View Scan Report.
    7. You will see a list of infected items. Click Save Report As....
    8. Save the file to your desktop. Change Files of type to Text file (.txt) before you click Save.
    9. Copy and paste the contents of the file into your next reply, together with a new HijackThis log.

     
  5. kalou90

    kalou90 Regular member

    More logs!

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Wednesday, September 3, 2008
    Operating System: Microsoft Windows XP Home Edition Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Tuesday, September 02, 2008 18:50:05
    Records in database: 1182121
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\
    H:\
    I:\
    J:\
    K:\
    L:\
    M:\
    N:\
    O:\
    P:\
    R:\

    Scan statistics:
    Files scanned: 293657
    Threat name: 0
    Infected objects: 0
    Suspicious objects: 0
    Duration of the scan: 07:50:07

    No malware has been detected. The scan area is clean.

    The selected area was scanned.


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 6:48:33, on 3.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Logitech\iTouch\iTouch.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaFace Integration] "C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136384698578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203270347109
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C8DE98D-0FBF-42D6-8225-6E33DB9589C5}: NameServer = 80.248.96.130,80.248.97.30
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C:\Program Files\Spyware Terminator\sp_rsser.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 13717 bytes
     
  6. Hujo

    Hujo Guest

    Scan with HJT, tick the following entries and press Fix checked

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: (no name) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - (no file)

    =============

    Updating Java and clearing the cache:

    Download JavaRa and extract it to your desktop.

    ***Close all open Internet Explorer windows before continuing!***

    * Double-click JavaRa.exe to start the program.
    * Choose English from the drop-down menu to set the language to English and click Select.
    * Click Remove Older Versions to remove the old Java versions from your computer.
    * Click Yes when prompted. When JavaRa is finished, it reports that a log file has been created. Click OK.
    * The log file opens. Post its contents in your next message.
    4. Install the latest Java update from the following link:

    http://java.sun.com/javase/downloads/index.jsp

    Scroll down to Java Runtime Environment (JRE) 6 Update 7
    Click Download
    Set Platform to Windows
    Tick I agree to the Java SE Runtime Environment 6 License Agreement and click Continue
    Under Windows Offline Installation, click jre-6u4-windows-i586-p.exe

    Save the file, for example to the desktop, and install it.

    5. Restart the computer after the installation.
    6. After the restart, go back to the Control Panel and open your Java settings (Other Control Panel Options -> the Java coffee cup).
    7. On the General tab, click Settings. Drag the slider (Disk Space) to a smaller value.

    (Some Java-based programs may need more disk space.
    If you notice the computer slowing down after lowering the setting, move the slider to a larger value.)

    8. Click the Delete Files button. Make sure both options are ticked:
    * Applications and Applets
    * Trace and Log Files

    Then click the OK button.
    Note: This removes all downloaded applications and applets from the CACHE.

    9. Click OK in the "Temporary Files Settings" window.
    10. Update tab: untick Check for Updates automatically
    Choose Never check
    11. Click Apply and OK to leave the Java settings window.
     
  7. kalou90

    kalou90 Regular member

    JavaRa 1.11 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Sep 03 18:58:40 2008


    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

    Found and removed: Software\Classes\CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

    JavaRa 1.11 Removal Log.

    Report follows after line.

    ------------------------------------

    The JavaRa removal process was started on Wed Sep 03 18:59:40 2008

    ------------------------------------

    Finished reporting.
     
  8. Hujo

    Hujo Guest

    That ComboFix log in full.
     
  9. kalou90

    kalou90 Regular member

    Here it is:

    ComboFix 08-09-01.05 - Kalle 2008-09-04 0:23:10.1 - NTFSx86
    Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1035.18.1394 [GMT 3:00]
    Running from: C:\Documents and Settings\Kalle\Työpöytä\ComboFix.exe
    * Created a new restore point

    WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
    .

    (((((((((((((((((((((((((((((((((((((( Muut poistot ))))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .

    C:\Documents and Settings\Juha\Application Data\BITS
    C:\Documents and Settings\Juha\Application Data\BITS\BITS.ini
    C:\Documents and Settings\Juha\Application Data\BITS\DHTTable.dat
    C:\Documents and Settings\Juha\Application Data\BITS\ProxyList.ini
    C:\Documents and Settings\Juha\Application Data\BITS\Torrent\20080210161019.torrent
    C:\Documents and Settings\Juha\Application Data\BITS\Torrent\20080210161019.torrent.filelist
    C:\Documents and Settings\Juha\Local Settings\Application Data\Microsoft\Windows Media\10.0\WMSDKNSD.XML
    C:\Documents and Settings\Kalle\Application Data\BITS
    C:\Documents and Settings\Kalle\Application Data\BITS\BITS.ini
    C:\Documents and Settings\Kalle\Application Data\BITS\DHTTable.dat
    C:\Documents and Settings\Kalle\Application Data\BITS\ProxyList.ini
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent.~tmp
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent.bits
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent.filelist
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent.hybridlist
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080203224117.torrent.seeds
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210160739.torrent
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210160739.torrent.filelist
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210161019.torrent
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210161019.torrent.~tmp
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210161019.torrent.bits
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210161019.torrent.filelist
    C:\Documents and Settings\Kalle\Application Data\BITS\Torrent\20080210161019.torrent.seeds
    C:\Documents and Settings\Tarja\Application Data\BITS
    C:\Documents and Settings\Tarja\Application Data\BITS\BITS.ini
    C:\Documents and Settings\Tarja\Application Data\BITS\DHTTable.dat
    C:\Documents and Settings\Tarja\Application Data\BITS\ProxyList.ini
    C:\Documents and Settings\Tarja\Application Data\BITS\Torrent\20080210161019.torrent
    C:\Documents and Settings\Tarja\Application Data\BITS\Torrent\20080210161019.torrent.filelist
    C:\Program Files\FlashGet Network
    C:\Program Files\FlashGet Network\Flashget\explorerbar.dll
    C:\Program Files\FlashGet Network\Flashget\fgoption.ini
    C:\Program Files\FlashGet Network\Flashget\JCCHS.INI
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\0.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\1.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\10.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\11.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\12.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\13.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\14.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\15.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\16.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\17.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\18.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\19.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\2.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\20.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\21.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\3.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\4.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\5.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\6.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\7.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\8.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\9.bmp
    C:\Program Files\FlashGet Network\Flashget\modules\garage\Headers\nologin.bmp
    C:\Program Files\FlashGet Network\Flashget\P2PCfg.ini
    C:\Program Files\FlashGet Network\Flashget\P2PShare.dat
    C:\Program Files\FlashGet Network\Flashget\p2spmgr.ini
    C:\Program Files\FlashGet Network\Flashget\p4spmgr.ini
    C:\Program Files\FlashGet Network\Flashget\Profiles\config.dat
    C:\Program Files\FlashGet Network\Flashget\Profiles\tasks.dat
    C:\WINDOWS\system32\actskn43.ocx
    C:\WINDOWS\system32\skinboxer43.dll
    C:\WINDOWS\system32\url(5).dll

    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .

    -------\Legacy_6TO4
    -------\Service_6to4


    ((((( Tiedostot, jotka on luotu seuraavalla aikavälillä: 2008-08-03 to 2008-09-03 )))))))))))))))))
    .

    2008-09-04 00:13 . 2008-09-04 00:14 <KANSIO> d-------- C:\Program Files\Crawler
    2008-09-03 20:53 . 2008-09-04 00:20 54,156 --ah----- C:\WINDOWS\QTFont.qfn
    2008-09-03 20:53 . 2008-09-03 20:53 1,409 --a------ C:\WINDOWS\QTFont.for
    2008-09-03 16:01 . 2008-09-03 16:02 2,312 --a------ C:\CTMeasureTiming.ini
    2008-09-03 15:43 . 2008-09-03 15:45 <KANSIO> d--h----- C:\Documents and Settings\All Users\Application Data\{F80BA25A-BEA5-42AE-89A4-E9FC6C7E53FB}
    2008-09-03 15:35 . 2008-09-03 15:43 <KANSIO> d--h----- C:\Documents and Settings\All Users\Application Data\{5334905D-AC76-4CD2-ABF3-A37CF6596FBB}
    2008-09-03 15:34 . 2008-09-03 15:36 <KANSIO> d--h----- C:\Program Files\Creative Installation Information
    2008-09-03 15:34 . 2008-09-03 15:34 <KANSIO> d-------- C:\Program Files\Common Files\Creative
    2008-09-02 16:20 . 2008-09-02 16:20 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\NortonInstaller
    2008-09-02 14:38 . 2008-09-02 14:38 <KANSIO> d-------- C:\WINDOWS\ERUNT
    2008-09-01 23:02 . 2008-09-01 23:02 <KANSIO> d-------- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-01 23:02 . 2008-09-01 23:02 <KANSIO> d-------- C:\Documents and Settings\Kalle\Application Data\Malwarebytes
    2008-09-01 23:02 . 2008-09-01 23:02 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-01 23:02 . 2008-08-17 15:01 38,472 --a------ C:\WINDOWS\system32\drivers\mbamswissarmy.sys
    2008-09-01 23:02 . 2008-08-17 15:01 17,144 --a------ C:\WINDOWS\system32\drivers\mbam.sys
    2008-09-01 22:54 . 2008-08-29 04:05 <KANSIO> d-------- C:\SDFix
    2008-09-01 20:58 . 2008-09-01 20:58 <KANSIO> d-------- C:\Program Files\Trend Micro
    2008-09-01 20:01 . 2008-09-04 00:11 <KANSIO> d-------- C:\Documents and Settings\Kalle\Application Data\Creative
    2008-09-01 19:59 . 2008-09-01 19:59 755,320 --a------ C:\WINDOWS\system32\awrdscdc.ax
    2008-09-01 19:59 . 2006-10-06 09:17 53,248 --------- C:\WINDOWS\Ctregrun.exe
    2008-09-01 19:58 . 2008-09-01 19:59 <KANSIO> d-------- C:\Program Files\Audible
    2008-09-01 19:58 . 2008-09-03 15:34 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\Creative
    2008-09-01 19:56 . 2008-09-03 15:36 <KANSIO> d-------- C:\Program Files\Creative
    2008-08-30 13:16 . 2008-08-30 13:31 <KANSIO> d-------- C:\WINDOWS\system32\CatRoot_bak
    2008-08-19 15:36 . 2008-08-19 15:36 <KANSIO> d-------- C:\Program Files\PrevxCSI
    2008-08-19 15:36 . 2008-09-03 15:14 <KANSIO> d-------- C:\Documents and Settings\All Users\Application Data\PrevxCSI
    2008-08-19 15:36 . 2008-08-19 18:20 17,408 --a------ C:\WINDOWS\system32\drivers\pxark.sys

    .
    (((((((((((((((((((((((((((((((((((( Find3M-raportti ))))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2008-09-03 21:21 --------- d-----w C:\Documents and Settings\Kalle\Application Data\Spyware Terminator
    2008-09-03 17:41 --------- d-----w C:\Documents and Settings\All Users\Application Data\Spyware Terminator
    2008-09-03 17:06 --------- d-----w C:\Documents and Settings\Kalle\Application Data\Registry Booster
    2008-09-03 16:05 --------- d-----w C:\Program Files\Java
    2008-09-03 12:50 --------- d-----w C:\Program Files\Winamp Remote
    2008-09-03 12:35 --------- d--h--w C:\Program Files\InstallShield Installation Information
    2008-09-03 12:13 --------- d-----w C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-03 06:32 --------- d-----w C:\Documents and Settings\Juha\Application Data\Spyware Terminator
    2008-09-02 15:28 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-02 15:21 --------- d-----w C:\Program Files\Windows Live
    2008-09-02 15:02 --------- d-----w C:\Program Files\Microsoft Silverlight
    2008-09-02 13:23 --------- d-----w C:\Program Files\Common Files\Symantec Shared
    2008-09-02 12:24 --------- d-----w C:\Documents and Settings\Kalle\Application Data\Azureus
    2008-09-01 19:30 --------- d-----w C:\Program Files\DivX
    2008-08-30 17:31 --------- d-----w C:\Documents and Settings\Tarja\Application Data\Spyware Terminator
    2008-08-30 16:12 --------- d--h--w C:\Program Files\DC++
    2008-08-20 12:31 --------- d-----w C:\Program Files\Sega
    2008-08-14 18:29 --------- d-----w C:\Documents and Settings\Kalle\Application Data\MegauploadToolbar
    2008-08-12 12:07 19,228 ----a-w C:\Documents and Settings\Kalle\Application Data\wklnhst.dat
    2008-08-07 10:32 --------- d-----w C:\Documents and Settings\Tarja\Application Data\AdobeUM
    2008-07-18 18:34 586,240 ----a-w C:\WINDOWS\WLXPGSS.SCR
    2008-07-06 19:06 --------- d-----w C:\Program Files\MERICDA
    2008-07-06 18:56 138,032 ----a-w C:\WINDOWS\~GLC0000.TMP
    2008-06-14 19:02 6,198 ----a-w C:\Documents and Settings\Tarja\Application Data\wklnhst.dat
    2007-08-04 08:05 0 ----a-w C:\Documents and Settings\Vieras\Application Data\wklnhst.dat
    2007-04-18 14:50 0 ----a-w C:\Documents and Settings\TEMP.YOUR-69CFC18782\Application Data\wklnhst.dat
    2007-02-09 17:23 68 ----a-w C:\Documents and Settings\Juha\Application Data\wklnhst.dat
    2006-12-20 17:07 87,608 ----a-w C:\Documents and Settings\Kalle\Application Data\ezpinst.exe
    2006-12-20 17:07 47,360 ----a-w C:\Documents and Settings\Kalle\Application Data\pcouffin.sys
    .

    (((((((((((((((((((((((((((((( Rekisterin käynnistyskohteet )))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Huom* Tyhjiä arvoja ja laillisia oletusarvoja ei näytetä
    REGEDIT4

    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" [2005-08-18 307200]
    "Uniblue Registry Booster"="C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe" [2007-04-29 5660672]
    "MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" [2007-10-18 5724184]
    "CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2004-09-15 15360]
    "Orb"="C:\Program Files\Winamp Remote\bin\OrbTray.exe" [2008-01-07 495616]
    "ccleaner"="C:\Program Files\CCleaner\ccleaner.exe" [2008-05-28 1197296]
    "CTSyncU.exe"="C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe" [2007-07-17 868352]
    "SoftAuto.exe"="C:\Program Files\Creative\Software Update 3\SoftAuto.exe" [2008-07-28 405504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 892928]
    "PinnacleDriverCheck"="C:\WINDOWS\system32\PSDrvCheck.exe" [2004-03-10 406016]
    "OpwareSE2"="C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" [2003-05-08 49152]
    "MediaFace Integration"="C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe" [2005-03-28 53248]
    "ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2004-07-27 81920]
    "ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" [2004-07-27 221184]
    "PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe" [2007-06-18 271360]
    "ATICCC"="C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" [2006-05-10 90112]
    "PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [2006-05-20 188416]
    "SpywareTerminator"="C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe" [2008-05-01 1817600]
    "SoundMan"="SOUNDMAN.EXE" [2006-08-03 C:\WINDOWS\SOUNDMAN.EXE]
    "Logitech Utility"="Logi_MwX.Exe" [2003-11-07 C:\WINDOWS\LOGI_MWX.EXE]

    [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
    "CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE" [2004-09-15 15360]
    "Nokia.PCSync"="C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe" [2007-06-19 1241088]

    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
    "VIDC.MJPG"= Pvmjpg21.dll
    "VIDC.PIM1"= pclepim1.dll

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    SecurityProviders msapsspc.dllschannel.dlldigest.dllmsnsspc.dll

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
    "DisableMonitoring"=dword:00000001

    [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
    "DisableMonitoring"=dword:00000001

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
    "%windir%\\system32\\sessmgr.exe"=
    "C:\\WINDOWS\\pchealth\\helpctr\\binaries\\HelpCtr.exe"=
    "C:\\Program Files\\LimeWire\\LimeWire.exe"=
    "C:\\Program Files\\Azureus\\Azureus.exe"=
    "%windir%\\Network Diagnostic\\xpnetdiag.exe"=
    "C:\\Program Files\\iTunes\\iTunes.exe"=
    "C:\\Program Files\\Messenger\\msmsgs.exe"=
    "C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
    "C:\\Program Files\\Sports Interactive\\Football Manager 2008\\fm.exe"=
    "C:\\Program Files\\KONAMI\\Pro Evolution Soccer 2008\\PES2008.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\Orb.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbTray.exe"=
    "C:\\Program Files\\Winamp Remote\\bin\\OrbStreamerClient.exe"=
    "C:\\Program Files\\BUFFALO\\Client Manager3\\BWSVC\\bwsvc.exe"=
    "C:\\Program Files\\BUFFALO\\Client Manager3\\AOSS\\aoss.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
    "C:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
    "C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
    "C:\\Program Files\\Sega\\Beijing 2008\\Beijing.exe"=

    [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
    "1212:TCP"= 1212:TCP:mese

    R0 pe3ah4nc;DiRT Environment Driver (pe3ah4nc);C:\WINDOWS\system32\drivers\pe3ah4nc.sys [2007-05-18 64880]
    R0 ps6ah4nc;DiRT Synchronization Driver (ps6ah4nc);C:\WINDOWS\system32\drivers\ps6ah4nc.sys [2007-05-18 55160]
    R0 pxark;pxark;C:\WINDOWS\system32\drivers\pxark.sys [2008-08-19 17408]
    R1 aswSP;avast! Self Protection;C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 BUFADPT;BUFADPT;C:\WINDOWS\system32\BUFADPT.SYS [2007-01-11 11008]
    R1 sp_rsdrv2;Spyware Terminator Driver 2;C:\WINDOWS\system32\drivers\sp_rsdrv2.sys [2008-05-01 141312]
    R2 AdobeActiveFileMonitor;Adobe Active File Monitor;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe [2004-10-20 98304]
    R2 aswFsBlk;aswFsBlk;C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 CSIScanner;CSIScanner;C:\Program Files\PrevxCSI\prevxcsi.exe [2008-08-19 618040]
    R2 NwSapAgent;SAP-agentti;C:\WINDOWS\system32\svchost.exe [2004-09-15 14336]
    R3 SIS163u;SiS163 usb Wireless LAN Adapter Driver;C:\WINDOWS\system32\DRIVERS\sis163u.sys [2005-06-20 215040]
    S1 nltdi;nltdi;C:\WINDOWS\system32\drivers\nltdi.sys [ ]
    S2 pr2ah4nc;DiRT Drivers Auto Removal (pr2ah4nc);C:\WINDOWS\system32\pr2ah4nc.exe svc [ ]
    S3 BTCOMM;BTCOMM;C:\WINDOWS\system32\drivers\Btcomm.sys [ ]
    S3 BTKRNBDG;Bluetooth COM Bridge;C:\WINDOWS\system32\DRIVERS\btkrnbdg.sys [ ]
    S3 CTUPnPSv;Creative Centrale Media Server;C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
    S3 PhotoshopElementsDeviceConnect;Photoshop Elements Device Connect;C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe [2004-10-20 118784]
    S3 PVUSB;CESG502 USB Driver;C:\WINDOWS\system32\DRIVERS\CESG502.sys [2007-05-26 40672]
    S3 vad_multi;Windigo Virtual Audio Device (WDM);C:\WINDOWS\system32\drivers\vadmulti.sys [ ]

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{419cdb9e-7ee1-11dc-af0b-003005a3688b}]
    \Shell\AutoRun\command - N:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7ce43614-1bab-11db-9c33-003005a3688b}]
    \Shell\AutoRun\command - F:\Autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a74175c4-84d0-11da-9aec-003005a3688b}]
    \Shell\AutoRun\command - K:\autorun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c687e35a-d180-11db-b2f3-003005a3688b}]
    \Shell\AutoRun\command - M:\autorun.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{19511CB5-139F-6C8B-0807-080700020602}]
    C:\WINDOWS\smhost.exe

    [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{1DDD2674-4233-B2C4-0308-030500020300}]
    C:\WINDOWS\system32\nvideo.exe
    .
    .
    ------- Supplementary Scan -------
    .
    FireFox -: Profile - C:\Documents and Settings\Kalle\Application Data\Mozilla\Firefox\Profiles\u0iskb8c.default\
    FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp://www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q=
    FF -: plugin - C:\Documents and Settings\Kalle\Application Data\Mozilla\Firefox\Profiles\u0iskb8c.default\extensions\turntoolviewer@turntool.com\plugins\nptnt.dll
    FF -: plugin - C:\Program Files\Adobe\Acrobat 7.0\Reader\browser\nppdf32.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npagent.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\npCortona.dll
    FF -: plugin - C:\Program Files\Mozilla Firefox\plugins\NPNMeXPlugin.dll
    FF -: plugin - C:\Program Files\Yahoo!\Common\npyaxmpb.dll
    .

    **************************************************************************

    catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
    Rootkit scan 2008-09-04 00:27:57
    Windows 5.1.2600 Service Pack 2 NTFS

    scanning hidden processes ...

    scanning hidden autostart entries ...

    scanning hidden files ...

    scan completed successfully
    hidden files: 0

    **************************************************************************
    .
    ------------------------ Other Running Processes ------------------------
    .
    C:\WINDOWS\system32\ati2evxx.exe
    C:\WINDOWS\system32\ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\Bwsvc.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\Program Files\Spyware Terminator\sp_rsser.exe
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\Logitech\MouseWare\system\EM_EXEC.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\MagicDisc\MagicDisc.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
    .
    **************************************************************************
    .
    Completion time: 2008-09-04 0:39:51 - machine was rebooted
    ComboFix-quarantined-files.txt 2008-09-03 21:39:47

    Pre-Run: 134,848,364,544 tavua vapaana
    Post-Run: 134,750,961,664 tavua vapaana

    291 --- E O F --- 2008-09-03 15:03:42
     
    Last edited: Sep 3, 2008
  10. Hujo

    Hujo Guest

    How is the computer running?

    =============

    Download OTMoveIt and save it to your desktop.

    Double-click OTMoveIt.exe.
    Click CleanUp!.
    Select Yes when asked "Begin cleanup Process?".
    If you are asked whether the computer may be restarted, select Yes. OTMoveIt deletes itself when it is finished; if it does not, delete it yourself.

    NOTE: If your firewall or some other security program warns that OTMoveIt is trying to access the internet, allow it.
     
  11. kalou90

    kalou90 Regular member

    Well, the computer otherwise runs quite well, but the same photogallery installer starts every time I open Creative Centrale.
     
  12. Hujo

    Hujo Guest

    Create an uninstall list:
    • Open HiJackThis
    • Click the "Configure" button at the bottom right
    • Click "Misc Tools"
    • Click the box that says "Uninstall Manager"
    • Click "Save list"
    • Copy and paste the list from Notepad into your thread
     
  13. kalou90

    kalou90 Regular member

    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    2007 Microsoft Office Suite Service Pack 1 (SP1)
    3DMark06
    AC3Filter (remove only)
    Adobe Anchor Service CS3
    Adobe Asset Services CS3
    Adobe Bridge CS3
    Adobe Bridge Start Meeting
    Adobe Camera Raw 4.0
    Adobe CMaps
    Adobe Color - Photoshop Specific
    Adobe Color Common Settings
    Adobe Color EU Extra Settings
    Adobe Color JA Extra Settings
    Adobe Color NA Recommended Settings
    Adobe Default Language CS3
    Adobe Device Central CS3
    Adobe ExtendScript Toolkit 2
    Adobe Flash Player ActiveX
    Adobe Flash Player Plugin
    Adobe Fonts All
    Adobe Help Viewer CS3
    Adobe Linguistics CS3
    Adobe PDF Library Files
    Adobe Photoshop CS3
    Adobe Photoshop CS3
    Adobe Photoshop Elements 3.0
    Adobe Reader 7.0.5 - Suomi
    Adobe Setup
    Adobe Shockwave Player
    Adobe Stock Photos CS3
    Adobe Type Support
    Adobe Update Manager CS3
    Adobe Version Cue CS3 Client
    Adobe WinSoft Linguistics Plugin
    Adobe XMP Panels CS3
    Apple Software Update
    ArcSoft PhotoStudio 5.5
    ATI Catalyst Control Center
    ATI Display Driver
    ATI Parental Control & Encoder
    ATI-ohjelmiston poisto-ohjelma
    AudibleManager
    Auto Gordian Knot 2.48b
    avast! Antivirus
    AviSynth 2.5
    AVIVO Codecs
    Azureus Vuze
    Backyard Basketball 2007
    Beijing 2008
    BitLord 1.1
    Blaze Media Pro
    BlindWrite 6.0.0.17
    BSPlayer
    BUFFALO Client Manager 3
    Canon MP Navigator 2.0
    Canon MP450
    Canon Utilities Easy-PhotoPrint
    Cardio PC Link v1.1.1se
    CASIO FA-124
    CCleaner (remove only)
    CDBurnerXP Pro 3
    CD-DA X-Tractor v0.24
    Command & Conquer Red Alert 2
    ConvertXtoDVD 2.1.6.186
    ConvertXtoDVD 3.0.0.1
    Crawler Toolbar with Web Security Guard
    Creative Centrale
    Creative Centrale
    Creative Software Update
    Creative ZEN X-Fi User's Guide
    DC++ 0.706
    Deer Hunter - The 2005 Season
    DiRT
    DVD Decrypter (Remove Only)
    DVD Shrink 3.2
    DVDx
    DVDx
    EA Link
    EA SPORTS online 2007
    Earthsim
    Easy-WebPrint
    EVEREST Home Edition v2.20
    ffdshow [rev 1862] [2008-02-19]
    FIFA 07
    FMC Graphic Pack V2.0
    Football Manager 2006
    Football Manager 2008
    Free Video Flip and Rotate version 1.2
    Fujitsu Siemens Computers WLAN 802.11b/g D1705/D1706
    Full Tilt Poker
    fx-9860 OS Update
    fx-9860G Software Development Kit
    GdiplusUpgrade
    Google Desktop
    Google Earth
    GPxPatch (remove only)
    Grand Theft Auto Vice City
    Half-Life
    HijackThis 2.0.2
    Hotfix for Windows XP (KB915865)
    Hotfix for Windows XP (KB926239)
    Hotfix-päivitys Windows Internet Explorer 7:lle (KB947864)
    Hotfix-päivitys Windows XP:lle (KB952287)
    HP Digital Photo Advisor
    HP Image Zone 4.5
    HP Photosmart Cameras 4.5
    HP Software Update
    ImgBurn
    Interactive User’s Guide
    InterVideo WinDVD
    iTunes
    Java(TM) 6 Update 7
    Jimmy's PG/Gamefix 8.05 PART1
    Jimmy's Roster 3.06 Part 1
    JLC's Internet TV
    LimeWire PRO 4.12.3
    LMA Manager 2007
    Logitech Gaming Software
    Logitech iTouch -ohjelmisto
    Logitech MouseWare 9.79
    Madden NFL 07
    MagicDisc 2.6.93
    Malwarebytes' Anti-Malware
    MapSource - WorldMap v3.01
    MapSource Product Install
    Mayspies Print Designer V1.3
    MBT SmartStats for Basketball
    MediaFACE 4.2
    Megaupload Toolbar
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 1.1 Hotfix (KB928366)
    Microsoft .NET Framework 2.0 Service Pack 1
    Microsoft AutoRoute 2005
    Microsoft Encarta Encyclopedia Standard 2005
    Microsoft Internationalized Domain Names Mitigation APIs
    Microsoft Money
    Microsoft National Language Support Downlevel APIs
    Microsoft Office Access MUI (English) 2007
    Microsoft Office Access Setup Metadata MUI (English) 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Enterprise 2007
    Microsoft Office Excel MUI (English) 2007
    Microsoft Office Excel Viewer 2003
    Microsoft Office Groove MUI (English) 2007
    Microsoft Office Groove Setup Metadata MUI (English) 2007
    Microsoft Office InfoPath MUI (English) 2007
    Microsoft Office OneNote MUI (English) 2007
    Microsoft Office Outlook MUI (English) 2007
    Microsoft Office PowerPoint MUI (English) 2007
    Microsoft Office PowerPoint Viewer 2003
    Microsoft Office Professional Edition 2003
    Microsoft Office Proof (English) 2007
    Microsoft Office Proof (French) 2007
    Microsoft Office Proof (Spanish) 2007
    Microsoft Office Proofing (English) 2007
    Microsoft Office Publisher MUI (English) 2007
    Microsoft Office Shared MUI (English) 2007
    Microsoft Office Shared Setup Metadata MUI (English) 2007
    Microsoft Office Word MUI (English) 2007
    Microsoft Photo Premium 10
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft User-Mode Driver Framework Feature Pack 1.5
    Microsoft Windows Media Video 9 VCM
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Works
    Microsoft Works 2005 Osien valitseminen
    Microsoft Works Suiten Microsoft Word -lisäosa
    Millennium-Atlas
    MotoGP URT 3
    Mozilla Firefox (3.0.1)
    MSXML 4.0 SP2 (KB927978)
    MSXML 4.0 SP2 (KB936181)
    Need for Speed™ Carbon
    Nero Suite
    neroxml
    NHL® 08
    Nokia Connectivity Cable Driver
    Nokia Multimedia Converter 2.0
    Nokia PC Suite
    Nokia PC Suite
    NordicBet Poker
    NVIDIA Drivers
    OmniPage SE 2.0
    PAF Diamond Poker
    PAF POKER (remove only)
    PartyPoker
    PC Connectivity Solution
    PDF Settings
    Philips Firmware Manager
    Pinnacle Hollywood FX for Studio
    Pivot Stickfigure Animator
    PL-2303 USB-to-Serial
    PokerRoom.com (remove only)
    PowerISO
    Prevx CSI
    Pro Evolution Soccer 2008
    Pro Evolution Soccer 5
    Puupeli 2
    Päivitys Windows XP:lle (KB894391)
    Päivitys Windows XP:lle (KB900485)
    Päivitys Windows XP:lle (KB904942)
    Päivitys Windows XP:lle (KB908531)
    Päivitys Windows XP:lle (KB910437)
    Päivitys Windows XP:lle (KB911280)
    Päivitys Windows XP:lle (KB916595)
    Päivitys Windows XP:lle (KB920872)
    Päivitys Windows XP:lle (KB922582)
    Päivitys Windows XP:lle (KB927891)
    Päivitys Windows XP:lle (KB930916)
    Päivitys Windows XP:lle (KB932823-v3)
    Päivitys Windows XP:lle (KB933360)
    Päivitys Windows XP:lle (KB938828)
    Päivitys Windows XP:lle (KB942763)
    Päivitys Windows XP:lle (KB951072-v2)
    QuickTime
    ratDVD 0.78.1444
    Real Alternative 1.46
    Realtek AC'97 Audio
    Red Alert 2
    Satellite TV for PC Elite 4.8.8.0
    Security Update for 2007 Microsoft Office System (KB951596)
    Security Update for CAPICOM (KB931906)
    Security Update for CAPICOM (KB931906)
    Security Update for Microsoft Office Excel 2007 (KB951546)
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)
    Security Update for Microsoft Office Publisher 2007 (KB950114)
    Security Update for Microsoft Office system 2007 (KB951808)
    Security Update for Microsoft Office Word 2007 (KB950113)
    Shockwave
    Sonic DVDit Pro
    Sonic Express Labeler
    Sonic Update Manager
    SopCast 3.0.0
    Spyware Terminator
    SpywareBlaster v3.5.1
    Studio 9
    Subtitle Workshop 2.51
    Suojauspäivitys ohjelmistolle Windows XP (KB923689)
    Suojauspäivitys ohjelmistolle Windows XP (KB941569)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB939653)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB942615)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB944533)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB950759)
    Suojauspäivitys Windows Internet Explorer 7:lle (KB953838)
    Suojauspäivitys Windows Media Player 10:lle (KB936782)
    Suojauspäivitys Windows XP:lle (KB890046)
    Suojauspäivitys Windows XP:lle (KB893756)
    Suojauspäivitys Windows XP:lle (KB896358)
    Suojauspäivitys Windows XP:lle (KB896423)
    Suojauspäivitys Windows XP:lle (KB896428)
    Suojauspäivitys Windows XP:lle (KB899587)
    Suojauspäivitys Windows XP:lle (KB899591)
    Suojauspäivitys Windows XP:lle (KB900725)
    Suojauspäivitys Windows XP:lle (KB901017)
    Suojauspäivitys Windows XP:lle (KB901214)
    Suojauspäivitys Windows XP:lle (KB902400)
    Suojauspäivitys Windows XP:lle (KB904706)
    Suojauspäivitys Windows XP:lle (KB905414)
    Suojauspäivitys Windows XP:lle (KB905749)
    Suojauspäivitys Windows XP:lle (KB908519)
    Suojauspäivitys Windows XP:lle (KB911562)
    Suojauspäivitys Windows XP:lle (KB911927)
    Suojauspäivitys Windows XP:lle (KB913580)
    Suojauspäivitys Windows XP:lle (KB914388)
    Suojauspäivitys Windows XP:lle (KB914389)
    Suojauspäivitys Windows XP:lle (KB917344)
    Suojauspäivitys Windows XP:lle (KB917953)
    Suojauspäivitys Windows XP:lle (KB918118)
    Suojauspäivitys Windows XP:lle (KB918439)
    Suojauspäivitys Windows XP:lle (KB919007)
    Suojauspäivitys Windows XP:lle (KB920213)
    Suojauspäivitys Windows XP:lle (KB920670)
    Suojauspäivitys Windows XP:lle (KB920683)
    Suojauspäivitys Windows XP:lle (KB920685)
    Suojauspäivitys Windows XP:lle (KB921503)
    Suojauspäivitys Windows XP:lle (KB922819)
    Suojauspäivitys Windows XP:lle (KB923191)
    Suojauspäivitys Windows XP:lle (KB923414)
    Suojauspäivitys Windows XP:lle (KB923980)
    Suojauspäivitys Windows XP:lle (KB924270)
    Suojauspäivitys Windows XP:lle (KB924496)
    Suojauspäivitys Windows XP:lle (KB924667)
    Suojauspäivitys Windows XP:lle (KB925902)
    Suojauspäivitys Windows XP:lle (KB926255)
    Suojauspäivitys Windows XP:lle (KB926436)
    Suojauspäivitys Windows XP:lle (KB927779)
    Suojauspäivitys Windows XP:lle (KB927802)
    Suojauspäivitys Windows XP:lle (KB928255)
    Suojauspäivitys Windows XP:lle (KB928843)
    Suojauspäivitys Windows XP:lle (KB929123)
    Suojauspäivitys Windows XP:lle (KB930178)
    Suojauspäivitys Windows XP:lle (KB931261)
    Suojauspäivitys Windows XP:lle (KB931784)
    Suojauspäivitys Windows XP:lle (KB932168)
    Suojauspäivitys Windows XP:lle (KB933729)
    Suojauspäivitys Windows XP:lle (KB935839)
    Suojauspäivitys Windows XP:lle (KB935840)
    Suojauspäivitys Windows XP:lle (KB936021)
    Suojauspäivitys Windows XP:lle (KB937143)
    Suojauspäivitys Windows XP:lle (KB938127)
    Suojauspäivitys Windows XP:lle (KB938829)
    Suojauspäivitys Windows XP:lle (KB939653)
    Suojauspäivitys Windows XP:lle (KB941202)
    Suojauspäivitys Windows XP:lle (KB941568)
    Suojauspäivitys Windows XP:lle (KB941644)
    Suojauspäivitys Windows XP:lle (KB941693)
    Suojauspäivitys Windows XP:lle (KB943055)
    Suojauspäivitys Windows XP:lle (KB943460)
    Suojauspäivitys Windows XP:lle (KB943485)
    Suojauspäivitys Windows XP:lle (KB944653)
    Suojauspäivitys Windows XP:lle (KB945553)
    Suojauspäivitys Windows XP:lle (KB946026)
    Suojauspäivitys Windows XP:lle (KB948590)
    Suojauspäivitys Windows XP:lle (KB948881)
    Suojauspäivitys Windows XP:lle (KB950749)
    Suojauspäivitys Windows XP:lle (KB950760)
    Suojauspäivitys Windows XP:lle (KB950762)
    Suojauspäivitys Windows XP:lle (KB950974)
    Suojauspäivitys Windows XP:lle (KB951066)
    Suojauspäivitys Windows XP:lle (KB951376)
    Suojauspäivitys Windows XP:lle (KB951376-v2)
    Suojauspäivitys Windows XP:lle (KB951698)
    Suojauspäivitys Windows XP:lle (KB951748)
    Suojauspäivitys Windows XP:lle (KB952954)
    Suojauspäivitys Windows XP:lle (KB953839)
    Test Drive Unlimited
    Titan Poker
    TVAnts 1.0
    UnderCoverXP 1.14
    Uniblue Registry Booster
    Uninstall 1.0.0.0
    Update for Microsoft Office Outlook 2007 (KB952142)
    Update for Office 2007 (KB946691)
    Update for Outlook 2007 Junk Email Filter (kb955433)
    VCRedistSetup
    WIDCOMM Bluetooth-ohjelmisto
    VideoLAN VLC media player 0.8.6
    Winamp
    Winamp Remote
    Windows Defender
    Windows Defender Signatures
    Windows Genuine Advantage v1.3.0254.0
    Windows Imaging Component
    Windows Installer 3.1 (KB893803)
    Windows Internet Explorer 7
    Windows Live installer
    Windows Live Messenger
    Windows Live Photo Gallery
    Windows Liven kirjautumisavustaja
    Windows Liven sähköposti
    Windows Media Format 11 runtime
    Windows Media Format 11 runtime
    Windows Media Player 10
    Windows Media Player 11
    Windows Media Player Firefox Plugin
    Windows Messenger 5.1
    Windows XP Hotfix - KB873339
    Windows XP Hotfix - KB885835
    Windows XP Hotfix - KB885836
    Windows XP Hotfix - KB885884
    Windows XP Hotfix - KB886185
    Windows XP Hotfix - KB888302
    Windows XP Hotfix - KB890859
    Windows XP Hotfix - KB891781
    Windowsin ohjainpaketti - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
    Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1)
    Windowsin ohjainpaketti - Nokia Modem (02/15/2007 3.1)
    Windowsin ohjainpaketti - Nokia Modem (05/24/2007 6.84.0.1)
    WinISD beta
    WinISD Pro [alpha]
    WinRAR archiver
    Virtua Tennis
    Virtua Tennis 3
    VobSub v2.23 (Remove Only)
    Worms 4 Mayhem
    XviD MPEG4 Video Codec (remove only)
    Yahoo! Install Manager
    Yahoo! Toolbar
    ZENcast Organizer
     
  14. Hujo

    Hujo Guest

    You do use that Firefox, right

    ====================

    Uninstall from Add/Remove Programs

    Yahoo! Install Manager
    Yahoo! Toolbar
    Crawler Toolbar with Web Security Guard
    Megaupload Toolbar
    Spyware Terminator

    ==================

    There still seem to be these

    Windows Live Photo Gallery

    there seem to be a few of those Photo things in there

    ==================

    delete these folders in Safe Mode

    C:\Program Files\Yahoo!
    C:\Program Files\Crawler
    C:\PROGRA~1\MEGAUP~1
    C:\Program Files\Spyware Terminator
     
  15. kalou90

    kalou90 Regular member

    Those are done now, except I couldn't find these folders in Safe Mode: C:\PROGRA~1\MEGAUP~1
    C:\Program Files\Spyware Terminator

    What else would there be to remove so I could get rid of the Photo Gallery stuff? :D
     
    Last edited: Sep 5, 2008
  16. Hujo

    Hujo Guest

    Is that what it starts running

    Windows Live Photo Gallery

    or what is it that it starts running there

    ==================

    scan a new HJT log
     
  17. kalou90

    kalou90 Regular member

    Hjt:
    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:51:23, on 5.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\internet explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\WINDOWS\system32\msiexec.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher.aspx?tp=aus&qkw=%s&tbid=60076
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaFace Integration] "C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136384698578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203270347109
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C8DE98D-0FBF-42D6-8225-6E33DB9589C5}: NameServer = 80.248.96.130,80.248.97.30
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 13136 bytes

    [IMG] So this is the kind of thing that pops up!
     
  18. Hujo

    Hujo Guest

    Scan with HJT, check these entries and press Fix checked


    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher...w=%s&tbid=60076
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://dnl.crawler.com/support/sa_customize.aspx?TbId=60076
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [ISUSPM Startup] "C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe" -startup
    O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
    O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
    O16 - DPF: {44990200-3C9D-426D-81DF-AAB636FA4345} (Symantec SmartIssue) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
    O16 - DPF: {44990301-3C9D-426D-81DF-AAB636FA4345} (Symantec Script Runner Class) - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab

    ================

    It would point to this one, which is found in Add/Remove Programs

    Windows Live Photo Gallery
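
    As an added example (not part of the thread and not HijackThis's own code), this Python sketch checks a follow-up scan against a "Fix checked" list like the one above. It matches entries on registry value, Run name or CLSID instead of the whole line, because the forum shortened one URL with "..."; the function names and keying rules are assumptions of this example.

```python
import re

# A HijackThis entry is "<section code> - <body>", e.g. "O4 - HKLM\..\Run: [x] y".
ENTRY_RE = re.compile(r"^\s*(R[0-3]|F[0-3]|N[1-4]|O\d{1,2})\s+-\s+(.*\S)\s*$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
RUN_RE = re.compile(r"^(.*?: \[[^\]]+\])")  # "HKLM\..\Run: [ValueName]"


def entry_key(code, body):
    """Return a stable identity for an entry that ignores its data part.

    The data (URL, command line) may be shortened when a log is pasted into a
    forum, so two copies of one entry can differ textually.
    """
    if code[0] == "R":                       # registry value = data
        ident = body.split(" = ", 1)[0]
    elif code == "O4":                       # autostart: hive plus value name
        m = RUN_RE.match(body)
        ident = m.group(1) if m else body.split(" = ", 1)[0]
    elif code in ("O2", "O3", "O16") and CLSID_RE.search(body):
        ident = CLSID_RE.search(body).group(0)
    else:                                    # no better identity: whole body
        ident = body
    return (code, ident.lower())


def parse_log(text):
    """Map entry identity -> original line; headers and process paths are skipped."""
    entries = {}
    for line in text.splitlines():
        m = ENTRY_RE.match(line)
        if m:
            entries[entry_key(*m.groups())] = line.strip()
    return entries


def verify_fixes(fix_list, after_log):
    """Return (removed, remaining) lines for the entries named in fix_list."""
    wanted = parse_log(fix_list)
    after = parse_log(after_log)
    removed = [line for key, line in wanted.items() if key not in after]
    remaining = [after[key] for key in wanted if key in after]
    return removed, remaining


# Excerpt of the fix list posted in the thread (first URL is shortened there).
FIX_LIST = r'''
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.crawler.com/search/dispatcher...w=%s&tbid=60076
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://www.crawler.com/search/ie.aspx?tb_id=60076
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO
O16 - DPF: {3451DEDE-631F-421C-8127-FD793AFC6CC8} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
'''

# Shortened follow-up scan assembled from lines of the thread's later log.
AFTER_LOG = r'''
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
'''

if __name__ == "__main__":
    removed, remaining = verify_fixes(FIX_LIST, AFTER_LOG)
    print(f"{len(removed)} entries gone, {len(remaining)} still present")
    for line in remaining:
        print("STILL PRESENT:", line)
```

    An entry reported as still present after a fix usually means something rewrote it between scans, which is worth investigating before fixing it again.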
     
  19. kalou90

    kalou90 Regular member

    Okay, that's done now:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:55:25, on 5.9.2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe
    C:\Program Files\PowerISO\PWRISOVM.EXE
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Winamp Remote\bin\OrbTray.exe
    C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
    C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe
    C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Logitech\MouseWare\system\em_exec.exe
    C:\Program Files\Creative\Software Update 3\SoftAuto.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\BTTray.exe
    C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    C:\Program Files\PrevxCSI\prevxcsi.exe
    C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
    C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\Winamp Remote\bin\Orb.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\PC Connectivity Solution\NclBTHandler.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\Program Files\Windows Live\Messenger\usnsvc.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE
    C:\PROGRA~1\Creative\SHARED~1\VFSvrU.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
    O4 - HKLM\..\Run: [zBrowser Launcher] "C:\Program Files\Logitech\iTouch\iTouch.exe"
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [PinnacleDriverCheck] "C:\WINDOWS\system32\PSDrvCheck.exe" -CheckReg
    O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe"
    O4 - HKLM\..\Run: [MediaFace Integration] "C:\Program Files\Fellowes\MediaFACE 4.2\SetHook.exe"
    O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
    O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
    O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_5 -reboot 1
    O4 - HKCU\..\Run: [Uniblue Registry Booster] C:\Program Files\Uniblue\Registry Booster\RegistryBooster.exe /S
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
    O4 - HKCU\..\Run: [CTSyncU.exe] "C:\Program Files\Creative\Sync Manager Unicode\CTSyncU.exe"
    O4 - HKCU\..\Run: [SoftAuto.exe] "C:\Program Files\Creative\Software Update 3\SoftAuto.exe"
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: BTTray.lnk = ?
    O4 - Global Startup: ClientManager3.lnk = C:\Program Files\BUFFALO\Client Manager3\cm3_tray.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
    O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
    O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
    O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra 'Tools' menuitem: Titan Poker - {49783ED4-258D-4f9f-BE11-137C18D3E543} - C:\Poker\Titan Poker\casino.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
    O9 - Extra button: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra 'Tools' menuitem: PartyPoker.com - {B7FE5D70-9AA2-40F1-9C6B-12A255F085E1} - C:\Program Files\PartyGaming\PartyPoker\RunApp.exe
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\btsendto_ie.htm
    O9 - Extra button: NordicBet Poker - {E6073F93-9541-4be4-9800-109D378EB99B} - C:\Microgaming\Poker\nordicbetMPP\MPPoker.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by13fd.bay13.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1136384698578
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1203270347109
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{8C8DE98D-0FBF-42D6-8225-6E33DB9589C5}: NameServer = 80.248.96.130,80.248.97.30
    O23 - Service: Adobe Active File Monitor (AdobeActiveFileMonitor) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsFileAgent.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth-ohjelmisto\bin\btwdins.exe
    O23 - Service: Bwsvc - BUFFALO INC. - C:\Program Files\BUFFALO\Client Manager3\bwsvc\bwsvc.exe
    O23 - Service: CSIScanner - Prevx - C:\Program Files\PrevxCSI\prevxcsi.exe
    O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
    O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
    O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Photoshop Elements Device Connect (PhotoshopElementsDeviceConnect) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 3.0\PhotoshopElementsDeviceConnect.exe
    O23 - Service: DiRT Drivers Auto Removal (pr2ah4nc) (pr2ah4nc) - CODEMASTERS - C:\WINDOWS\system32\pr2ah4nc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:\WINDOWS\system32\sfrem01.exe
    O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

    --
    End of file - 11675 bytes

    Should I remove that Windows Photo Gallery?



     
  20. Hujo

    Hujo Guest

    I'd suspect it belongs to that. It's up to you to decide.
     
