mulla kaksi viirusta

Discussion in 'Virukset ja haittaohjelmat' started by teijo, Dec 1, 2006.

  1. teijo

    teijo Guest

    mitenkähän nämä kaksi viirusta saisi pois..ne on kummatkin ohjauspanelissa ja ne työntää kokoajan pelkkiä pornomainoksia? ja tässä on hijackthis-muistioLogfile of HijackThis v1.99.1
    Scan saved at 16:13:57, on 1.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Video ActiveX Object\pmsngr.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\Skype\Phone\Skype.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
    C:\Program Files\Logitech\Music Anywhere\LMASysTray.exe
    C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Video ActiveX Object\pmmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\teijo\Työpöytä\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.fi/
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll (file missing)
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [SpywareTerminator] "C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech Music Anywhere Settings.lnk = ?
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O15 - Trusted Zone: http://*.maxiphone.fi
    O15 - Trusted Zone: http://cs.song.fi"
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {17D641AA-BD9E-45DC-A662-9B827A20DCC9} (IceSipEngine Control) - http://maxiphone.fi:8080/Songphone/Maxiphone/videoenabled4.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119976586256
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137444562125
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\Plugin Manager\Skype4COM.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - C:\WINDOWS\system32\xxfgmy.dll (file missing)
    O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe
     
    teijo, Dec 1, 2006
    #1
  2. jepsis

    jepsis Member

    Joined:
    Dec 5, 2006
    Messages:
    17
    Likes Received:
    0
    Trophy Points:
    11
    jepsis, Dec 9, 2006
    #2
  3. fixeri

    fixeri Regular member

    Joined:
    Oct 5, 2006
    Messages:
    381
    Likes Received:
    0
    Trophy Points:
    26
    merkkaa ja paina fix checked:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    O2 - BHO: (no name) - {1a1ddc19-5893-43ab-a73f-f41a0f34d115} - C:\Program Files\Video ActiveX Object\isaddon.dll (file missing)
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

    Poista tuo kansio:

    C:\Program Files\---->Video ActiveX Object<----


    Sit katotaan vielä tuolla löytyykö mitään:


    Lataa smitfraudfix:

    http://siri.urz.free.fr/Fix/SmitfraudFix.zip

    Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi:

    Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
    Valitse optio 1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
    Postita tämän tekstitiedoston sisältö viestiketjuusi.

    Huomaa: process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.


    Lähetä Smitfraudfix logi ja uus hjt logi.
     
    fixeri, Dec 10, 2006
    #3
  4. teijo

    teijo Guest

    Logfile of HijackThis v1.99.1
    Scan saved at 18:15:42, on 10.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Logitech\Music Anywhere\LMASysTray.exe
    C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\teijo\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech Music Anywhere Settings.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://*.maxiphone.fi
    O15 - Trusted Zone: http://cs.song.fi"
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {17D641AA-BD9E-45DC-A662-9B827A20DCC9} (IceSipEngine Control) - http://maxiphone.fi:8080/Songphone/Maxiphone/videoenabled4.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119976586256
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137444562125
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\Plugin Manager\Skype4COM.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)
    O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

     
    teijo, Dec 10, 2006
    #4
  5. fixeri

    fixeri Regular member

    Joined:
    Oct 5, 2006
    Messages:
    381
    Likes Received:
    0
    Trophy Points:
    26
    Fixaa nuo pois:

    O3 - Toolbar: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O21 - SSODL: emptins - {588599f4-de26-4c28-ba14-f4eb17e33481} - (no file)

    Ajetaan vielä AVG:llä.

    Ohje AVG Anti-Spyware 7.5:n käyttöön
    Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis työkalun toimintaa.

    Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

    Lataa AVG Anti-Spyware 7.5 http://www.ewido.net/en/download/
    ja tallenna ohjelma työpöydällesi.
    • Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
    • Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
    • Käynnistä AVG Anti-Spyware.
    • Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

    o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

    • Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
    • Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
    • Sitten "Reports" valikon alta:

    o Laita täppi kohtaan "Automatically generate report after every scan"
    o Ota täppi pois kohdasta"Only if threats were found"

    • Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
    • "Resident shield is", muuta tila active:sta inactive:ksi
    • Sulje ohjelma, ÄLÄ skannaa vielä.
    Käynnistä koneesi vikasietotilaan,

    sammuta ja käynnistä
    käynnistyksen yhteydessä naputtele F8
    valitse nuoli näppäimellä vikasietotila
    paina enter ja enter

    HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.
    • Kun vikasietotilassa, käynnistä AVG Anti-Spyware.
    • Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
    • Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

    Kun skannaus on valmis:
    TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
    • Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
    • Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"

    • Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
    • Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.

    • Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.
     
    fixeri, Dec 10, 2006
    #5
  6. teijo

    teijo Guest

    Logfile of HijackThis v1.99.1
    Scan saved at 10:22:57, on 11.12.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0011)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Sygate\SPF\smc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\WINDOWS\system32\CTsvcCDA.EXE
    C:\Program Files\Executive Software\Diskeeper\DkService.exe
    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\Program Files\Spyware Doctor\sdhelp.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wdfmgr.exe
    C:\Program Files\Microsoft IntelliType Pro\type32.exe
    C:\Program Files\Microsoft IntelliPoint\point32.exe
    C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\RunDLL32.exe
    C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE
    C:\WINDOWS\CTHELPER.EXE
    C:\WINDOWS\system32\CTXFIHLP.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    C:\Program Files\Winamp\winampa.exe
    C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
    C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
    C:\Program Files\Spyware Doctor\swdoctor.exe
    C:\Program Files\Logitech\Music Anywhere\LMASysTray.exe
    C:\WINDOWS\system32\LVComS.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\Program Files\Creative\ShareDLL\CADI\NotiMan.exe
    C:\Program Files\Skype\Plugin Manager\SkypePM.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\teijo\Työpöytä\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe"
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe"
    O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [kis] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe"
    O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Executive Software\Diskeeper\DkIcon.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [CTDVDDET] "C:\Program Files\Creative\Sound Blaster X-Fi\DVDAudio\CTDVDDET.EXE"
    O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
    O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
    O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
    O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
    O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
    O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe" /SCB
    O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware Doctor\swdoctor.exe" /Q
    O4 - Startup: PowerReg Scheduler.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Logitech Music Anywhere Settings.lnk = ?
    O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O8 - Extra context menu item: Add to Kaspersky Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\\ie_banner_deny.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\shdocvw.dll
    O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
    O11 - Options group: [INTERNATIONAL] International*
    O15 - Trusted Zone: http://*.maxiphone.fi
    O15 - Trusted Zone: http://cs.song.fi"
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {17D641AA-BD9E-45DC-A662-9B827A20DCC9} (IceSipEngine Control) - http://maxiphone.fi:8080/Songphone/Maxiphone/videoenabled4.cab
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1119976586256
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1137444562125
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
    O16 - DPF: {9D190AE6-C81E-4039-8061-978EBAD10073} (F-Secure Online Scanner 3.0) - http://support.f-secure.com/ols/fscax.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab
    O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Skype\Plugin Manager\Skype4COM.dll
    O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
    O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
    O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp.exe" -r (file missing)
    O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE
    O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
    O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:\Program Files\Spyware Doctor\sdhelp.exe
    O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

     
    teijo, Dec 10, 2006
    #6
  7. teijo

    teijo Guest

    hewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.597:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.247realmedia : Cleaned.
    :mozilla.333:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.334:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.335:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.336:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.372:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.464:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.498:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.455:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.456:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.344:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.345:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adjuggler : Cleaned.
    :mozilla.184:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.207:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.208:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.209:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.210:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.168:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.453:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.516:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.328:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
    :mozilla.33:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.433:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.359:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.248:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.293:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
    :mozilla.349:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.467:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.500:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.510:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.94:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.95:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.99:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.276:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.547:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.558:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Overture : Cleaned.
    :mozilla.373:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.374:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
    :mozilla.272:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.273:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.274:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.275:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
    :mozilla.259:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.260:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.261:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Revenue : Cleaned.
    :mozilla.30:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.31:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.34:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.35:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.36:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.37:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.488:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.489:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.454:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tacoda : Cleaned.
    :mozilla.38:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.39:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.40:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.41:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.530:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Trafic : Cleaned.
    :mozilla.586:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.587:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.588:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.615:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Valuead : Cleaned.
    :mozilla.507:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.508:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Weborama : Cleaned.
    :mozilla.264:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.614:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.254:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.255:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.256:C:\Documents and Settings\teijo\Application Data\Mozilla\Firefox\Profiles\shewd1ah.Oletuskäyttäjä\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.


    ::Report end

     
    teijo, Dec 10, 2006
    #7

Share This Page