Ongelmana cid popupit

Näitä pop-uppeja singahtelee näytölle vähän väliä. Itse en oikein osaa asialle mitään tehdä, ja apua todella kaivattaisiin!

HijackThis logit:

Logfile of HijackThis v1.99.1
Scan saved at 12:06:00, on 30.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\TS\Työpöytä\scanner.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.dfinindjrsvsgvml.com/ru_eM6pmgLEk0q3NfszVaSqI4cG4ieaoWv42uf8qvvqZSFGhVlV0TceCfZ56Nor1.cgi
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {3581CCF8-6756-8F08-0F21-2549D58E78A6} - C:\DOCUME~1\TS\APPLIC~1\BITSBO~1\mp3 loud.exe (file missing)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [logo drive pure extra] C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\DRIVEONLINE.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKLM\..\Run: [flag loud mp3 bore] C:\Documents and Settings\All Users\Application Data\Phone store flag loud\blah enc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [rdr bold] C:\DOCUME~1\TS\APPLIC~1\SAVEOP~1\FILE LICENSE BIN.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S1025.tmp" /EF "HKCU"
O4 - Startup: SMC2602W 11Mbps WLAN Monitor.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: KeenValue.lnk = C:\Program Files\Common Files\KeenValue\keenvalue.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Tuki - {4B6FAFCE-0159-47C0-8D39-CB9CF426E462} - http://tuki.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {8EB234C1-96A6-4F1F-A9CD-D16DF849F613} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {C7CEB2CF-7962-41C2-80E1-9B59963A614F} - http://service.kolumbus.fi/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1854001.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

Poista lisää poista sovelutuksesta

REALBAR

scannaa hjt:llä merkkaa paina Fix checked

O2 - BHO: (no name) - {3581CCF8-6756-8F08-0F21-2549D58E78A6} - C:\DOCUME~1\TS\APPLIC~1\BITSBO~1\mp3 loud.exe (file missing)
O2 - BHO: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:\PROGRA~1\COMMON~1\Real\Toolbar\realbar.dll
O4 - HKLM\..\Run: [logo drive pure extra] C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\DRIVEONLINE.exe
O4 - HKLM\..\Run: [flag loud mp3 bore] C:\Documents and Settings\All Users\Application Data\Phone store flag loud\blah enc.exe
O4 - HKCU\..\Run: [rdr bold] C:\DOCUME~1\TS\APPLIC~1\SAVEOP~1\FILE LICENSE BIN.exe
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O16 - DPF: {1230CB21-C88D-11CF-B347-000000000000} - http://www.eingang69.de/EroticAccess/Cabs/1854001.cab

===========================

Lataa SmitfraudFix (c) S!Ri
Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi:

Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.

Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.

========================

Lataa NoLop työpöydällesi yhdestä seuraavista linkeistä...
Linkki1
Linkki2
Linkki3

1.Sulje kaikki ohjelmat, koska tämä vaihe vaatii uudelleenkäynnistyksen
2.Tuplaklikkaa NoLop.exe ajaaksesi sen
3.Klikkaa nappulaa "Search and Destroy"
<<Tietokoneesi skannataan saastuneiden tiedostojen osalta>>
4, Kun skannaus on valmis, sinua pyydetään käynnistämään kone uudestaan, jos infektio löytyy. Klikkaa OK
5. Klikkaa "REBOOT"-painiketta.
6. NoLopin pitäisi antaa viesti. Jos ei, tuplaklikkaa ohjelmaa ja se valmistuu. Lähetä C:\NoLop.log-tiedoston sisältö uuden HijackThis-lokin kera.
-- Jos saat seuraavan virheen, "mscomctl.ocx or one of its dependencies are not correctly registered," lataa mscomctl.ocx ja tallenna se system32-hakemistoosi (yleensä c:\Windows\system32). Tämän jälkeen aja ohjelma uudestaan.

 

En löytänyt lisää & poista sovellutuksesta Realbaria, jatkanko silti muiden ohjeiden mukaan vai onko niistä apua jos tuota ei ole poistettu?

 

jatka vain eteen päin

 

SmitFraudFix v2.233

Scan done at 13:21:44,18, su 30.09.2007
Run from C:\Documents and Settings\TS\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TS


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TS\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\TS\Suosikit


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Paketinajoituksen miniportti
DNS Server Search Order: 193.210.18.18
DNS Server Search Order: 193.210.19.19

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Paketinajoituksen miniportti
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS1\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS3\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End





NoLop! Log by Skate_Punk_21

Fix running from: C:\Documents and Settings\TS\Työpöytä
[30.9.2007]
[13:25:12]

---Infection Files Found/Removed---
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\bin audio.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\CityExit.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\Deaf Send.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\Drive corn.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\DRIVEONLINE.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\OneLogo.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\stupid blue.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\Third scr.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\THISNURB.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\TRAYFRAG.exe
C:\Documents and Settings\All Users\Application Data\Bold Keep Logo Drive\warn name.exe
C:\Documents and Settings\Vieras\Application Data\SAVE OPTION USER\iztbgivp.exe

Beginning Removal...
Rebooting...
Removing Lop's Leftover Files/Folders...
Editing Registry...
**Fix Complete!**

---Listing AppData sub directories---

C:\Documents and Settings\All Users\Application Data\Adobe
C:\Documents and Settings\All Users\Application Data\Apple Computer
C:\Documents and Settings\All Users\Application Data\Bleh 32 Info Bore
C:\Documents and Settings\All Users\Application Data\Creative
C:\Documents and Settings\All Users\Application Data\Epson
C:\Documents and Settings\All Users\Application Data\Ifi
C:\Documents and Settings\All Users\Application Data\Lavasoft
C:\Documents and Settings\All Users\Application Data\Messenger Plus!
C:\Documents and Settings\All Users\Application Data\Microsoft
C:\Documents and Settings\All Users\Application Data\Msn6
C:\Documents and Settings\All Users\Application Data\Olympus
C:\Documents and Settings\All Users\Application Data\Phone Store Flag Loud
C:\Documents and Settings\All Users\Application Data\Quicktime
C:\Documents and Settings\All Users\Application Data\Support.com
C:\Documents and Settings\All Users\Application Data\Udl
C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
C:\Documents and Settings\Default User\Application Data\Microsoft
C:\Documents and Settings\Jani\Application Data\Adobe
C:\Documents and Settings\Jani\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Jani\Application Data\Apple Computer
C:\Documents and Settings\Jani\Application Data\Creative
C:\Documents and Settings\Jani\Application Data\Identities
C:\Documents and Settings\Jani\Application Data\Installshield
C:\Documents and Settings\Jani\Application Data\Installshield Installation Information
C:\Documents and Settings\Jani\Application Data\Macromedia
C:\Documents and Settings\Jani\Application Data\Microsoft
C:\Documents and Settings\Jani\Application Data\Mozilla
C:\Documents and Settings\Jani\Application Data\Real
C:\Documents and Settings\Jani\Application Data\Sports Interactive
C:\Documents and Settings\Jani\Application Data\Sun
C:\Documents and Settings\Localservice\Application Data\Microsoft
C:\Documents and Settings\Networkservice\Application Data\Microsoft
C:\Documents and Settings\Opiskelu\Application Data\Identities
C:\Documents and Settings\Opiskelu\Application Data\Macromedia
C:\Documents and Settings\Opiskelu\Application Data\Microsoft
C:\Documents and Settings\Opiskelu\Application Data\Mozilla
C:\Documents and Settings\Opiskelu\Application Data\Real
C:\Documents and Settings\Ts\Application Data\Adobe
C:\Documents and Settings\Ts\Application Data\Adobeum -- EMPTY Directory
C:\Documents and Settings\Ts\Application Data\Apple Computer
C:\Documents and Settings\Ts\Application Data\Epson
C:\Documents and Settings\Ts\Application Data\Fotowire
C:\Documents and Settings\Ts\Application Data\Help
C:\Documents and Settings\Ts\Application Data\Hewlett-packard
C:\Documents and Settings\Ts\Application Data\Identities
C:\Documents and Settings\Ts\Application Data\Ifi
C:\Documents and Settings\Ts\Application Data\Installshield
C:\Documents and Settings\Ts\Application Data\Intertrust
C:\Documents and Settings\Ts\Application Data\Intervideo
C:\Documents and Settings\Ts\Application Data\Kazaa Lite
C:\Documents and Settings\Ts\Application Data\Lavasoft -- EMPTY Directory
C:\Documents and Settings\Ts\Application Data\Macromedia
C:\Documents and Settings\Ts\Application Data\Microsoft
C:\Documents and Settings\Ts\Application Data\Mozilla
C:\Documents and Settings\Ts\Application Data\Msn6
C:\Documents and Settings\Ts\Application Data\Real
C:\Documents and Settings\Ts\Application Data\Save Option User
C:\Documents and Settings\Ts\Application Data\Sun
C:\Documents and Settings\Vieras\Application Data\Adobe
C:\Documents and Settings\Vieras\Application Data\Apple Computer
C:\Documents and Settings\Vieras\Application Data\Hewlett-packard
C:\Documents and Settings\Vieras\Application Data\Identities
C:\Documents and Settings\Vieras\Application Data\Intervideo
C:\Documents and Settings\Vieras\Application Data\Macromedia
C:\Documents and Settings\Vieras\Application Data\Microsoft
C:\Documents and Settings\Vieras\Application Data\Mozilla
C:\Documents and Settings\Vieras\Application Data\Real
C:\Documents and Settings\Vieras\Application Data\Sun



HijackThis-loki:

Logfile of HijackThis v1.99.1
Scan saved at 13:36:23, on 30.9.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\TS\Työpöytä\scanner.exe.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - toimittaja Elisa Internet
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;localhost;<local>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb07.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tgcmd] "C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe" /server /startmonitor /deaf
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [OM2_Monitor] "C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe"
O4 - HKCU\..\Run: [EPSON Stylus DX5000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBVE.EXE /FU "C:\WINDOWS\TEMP\E_S1025.tmp" /EF "HKCU"
O4 - Startup: SMC2602W 11Mbps WLAN Monitor.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Date Manager.lnk = C:\Program Files\Date Manager\DateManager.exe
O4 - Global Startup: KeenValue.lnk = C:\Program Files\Common Files\KeenValue\keenvalue.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: PrecisionTime.lnk = C:\Program Files\PrecisionTime\PrecisionTime.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: Tuki - {4B6FAFCE-0159-47C0-8D39-CB9CF426E462} - http://tuki.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: SMS-viesti - {8EB234C1-96A6-4F1F-A9CD-D16DF849F613} - http://sms.kolumbus.fi/ (file missing) (HKCU)
O9 - Extra button: Palvelut - {C7CEB2CF-7962-41C2-80E1-9B59963A614F} - http://service.kolumbus.fi/ (file missing) (HKCU)
O11 - Options group: [INTERNATIONAL] International*
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab
O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) - http://rimmel.ai-media.com/save/makeover.cab
O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure BackWeb (BackWeb Client - 7681197) - Unknown owner - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: F-Secure BackWeb LAN Access - Unknown owner - C:\Program Files\F-Secure\BackWeb\7681197\Program\fsbwlan.exe
O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: F-Secure Authentication Agent (FSAA) - F-Secure Corporation. All Rights Reserved. - C:\Program Files\F-Secure\Common\FSAA.EXE
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

 

Painetaan tuosta raskaalla jyrällä

Escan
Ohjeet tuolla sivulla.
http://koti.mbnet.fi/pattaya1/escanmwav.htm
lataa tuosta
http://www.spywareinfo.dk/download/mwav.exe
päivitä tuosta
http://koti.mbnet.fi/pattaya1/lataus/Mwav.bat
laita täpit merkkauksien mukaan
http://koti.mbnet.fi/pattaya1/eScan6.jpg

scannaa

jos ala luukkuun tulee jotain niin kopioi se näin:
Käytä komentoa Ctrl+A.
Kopioi rivit komennolla Ctrl+C.
Liitä rivit komennolla Ctrl+V.

Laita virus log tänne.

 

Tässä nyt tämä virus log:

File C:\WINDOWS\system32\ia.dll tagged as not-a-virusialer.Win32.E-Group.i. No Action Taken.
File C:\Documents and Settings\All Users\Application Data\Phone store flag loud\blah enc.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Application Data\SAVE OPTION USER\PingForkToolSect.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Application Data\SAVE OPTION USER\rkgsyhtk.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\2hhszvsu.exe tagged as not-a-virusownloader.Win32.WinFixer.d. No Action Taken.
File C:\Documents and Settings\TS\Local Settings\Temp\cogujxky.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\evgoxcwk.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\kdltvynf.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\keenvalueUninstall.exe infected by "Trojan-Downloader.Win32.Keenval" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\kvlhookwin.dll infected by "Trojan-Downloader.Win32.Keenval.p" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\oseqmqxu.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\PerfectNavUninstall.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\remove.exe infected by "Trojan-Downloader.Win32.Keenval.f" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\staAAF.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\sxwexjlv.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\UpdatedKeenValueInstall.exe infected by "Trojan-Downloader.Win32.Keenval" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\UpdatedUpdaterInstall.exe infected by "Trojan-Downloader.Win32.Keenval" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\TS\Local Settings\Temp\vijflnyh.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\wcomnzqn.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\TS\Local Settings\Temp\WUSV_UNIVInst.exe tagged as not-a-virus:AdWare.Win32.SaveNow.c. No Action Taken.
File C:\Documents and Settings\TS\Local Settings\Temp\__unin__.exe tagged as not-a-virus:AdWare.Win32.Altnet.b. No Action Taken.
File C:\Documents and Settings\TS\Työpöytä\SmitfraudFix\SmitfraudFix\Reboot.exe tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Documents and Settings\TS\Työpöytä\SmitfraudFix.zip tagged as not-a-virus:RiskTool.Win32.Reboot.f. No Action Taken.
File C:\Documents and Settings\Vieras\Local Settings\Temp\kvlhookwin.dll infected by "Trojan-Downloader.Win32.Keenval.p" Virus. Action Taken: File Deleted.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAA0.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAA1.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAA2.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAA3.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAAC.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staAAD.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temp\staBF8.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temporary Internet Files\Content.IE5\4HWBOVKR\content23700-0[1].htm tagged as not-a-virus:AdWare.Win32.Gator.k. No Action Taken.
File C:\Documents and Settings\Vieras\Local Settings\Temporary Internet Files\Content.IE5\4HWBOVKR\upAYB[1].int infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\Documents and Settings\Vieras\Local Settings\Temporary Internet Files\Content.IE5\QDCJY965\ErrorSafeFreeInstall_fi[1].exe tagged as not-a-virusownloader.Win32.WinFixer.d. No Action Taken.
File C:\NoLopBackups\Bin Audio.exe.01.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Camp Cake.exe.02.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Cityexit.exe.03.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Deaf Send.exe.04.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Drive Corn.exe.05.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Driveonline.exe.06.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Eachobj.exe.07.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\File License Bin.exe.0167.infected infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\NoLopBackups\Iztbgivp.exe.0168.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Onelogo.exe.09.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Stupid Blue.exe.010.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Third Scr.exe.011.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Thisnurb.exe.012.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Trayfrag.exe.013.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\NoLopBackups\Warn Name.exe.015.infected tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL tagged as not-a-virus:AdWare.Win32.MyWay.w. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP914\A0131005.exe infected by "Trojan-Downloader.Win32.Keenval.m" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP914\A0131007.exe tagged as not-a-virus:AdWare.Win32.PowerSearch.a. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP914\A0131008.exe infected by "Trojan-Downloader.Win32.Keenval.k" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP931\A0133925.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP932\A0133927.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP932\A0134021.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP932\A0134040.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP932\A0135039.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135263.exe tagged as not-a-virus:AdTool.Win32.WhenU.i. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135269.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135282.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135311.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135329.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135380.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933\A0135414.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135649.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135677.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135704.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135705.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135706.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135707.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135708.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135709.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135710.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135711.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135712.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135713.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135714.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135715.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135716.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135717.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135718.exe tagged as not-a-virus:AdWare.Win32.Lop.bb. No Action Taken.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135722.exe infected by "Packed.Win32.PolyCrypt.d" Virus. Action Taken: File Renamed.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135733.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135734.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135735.exe infected by "Trojan.Win32.Obfuscated.en" Virus. Action Taken: File Deleted.
File C:\WINDOWS\system32\ia.dll tagged as not-a-virusialer.Win32.E-Group.i. No Action Taken.

 

katos sitten että menee karanteeniin

Ohje AVG:n Anti-Spyware 7.5:n käyttöön
Huom! Tässä ohjeessa sammutetaan tuo reaaliaikasuojaus (Shield). Näin vältetään tilanteet joissa suojaus estäisi esim HijackThis:n työkalun toimintaa.

Tallenna nämä ohjeet tekstitiedostoon tai tulosta nämä, muuten et pääse niihin käsiksi vikasietotilasta

Lataa AVG:n Anti-Spyware 7.5:n
ja tallenna ohjelma työpöydällesi.
o Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
o Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
o Käynnistä AVG:n Anti-Spyware.
o Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.

o Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

o Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
o Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".

o Sitten "Reports" valikon alta:
o Laita täppi kohtaan "Automatically generate report after every scan"
o Ota täppi pois kohdasta"Only if threats were found"

o Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
o "Resident shield is", muuta tila active:sta inactive:ksi
o Sulje ohjelma, ÄLÄ skannaa vielä.

Käynnistä koneesi vikasietotilaan,
sammuta ja käynnistä
käynnistyksen yhteydessä naputtele F8
valitse nuoli näppäimellä vikasietotila
paina enter ja enter

HUOM! Älä käytä muita ohjelmia AVG:n skannauksen aikana, tämä saattaa häiritä skannausta.
o Kun vikasietotilassa, käynnistä AVG:n Anti-Spyware.
o Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
o Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

Kun skannaus on valmis:
TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
o Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
o Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"

o Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
o Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
o Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestikejuusi.

===============

Lataa tuolta http://www.ccleaner.com/download/builds.aspx
CCleaner v2.00.500 - Standard Build, ÄLÄ aseenna Yahoo toolbaria!

laita asetukset näin:
Valinnat --> Lisäasetukset --> Ota ruksi pois kohdasta Poista vain yli 48 tuntia vanhat tilapäistiedostot.

aja Puhdistaja > tutki nappi > aja ccleaner nappi oikea alakulma
aja Virheet > etsi rekisteri virheitä nappi > Korjaa rekisteri virheet. nappi

 

AVG:n raportti

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 19:49:40 30.9.2007

+ Scan result:



C:\Documents and Settings\TS\Local Settings\Temp\__unin__.exe -> Adware.Altnet : Cleaned with backup (quarantined).
HKLM\SOFTWARE\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
HKU\S-1-5-21-527237240-796845957-682003330-1004\Software\Cydoor -> Adware.Cydoor : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934\A0135722.exe.mwt -> Adware.Lop : Cleaned with backup (quarantined).
C:\Program Files\Common Files\Real\WeatherBug\MiniBugTransporter.dll -> Adware.Minibug : Cleaned with backup (quarantined).
C:\Documents and Settings\TS\Local Settings\Temp\p2psetup.exe -> Adware.P2PNet : Cleaned with backup (quarantined).
C:\WINDOWS\system32\ia.dll -> Dialer.EGroup.i : Cleaned with backup (quarantined).
HKU\S-1-5-21-527237240-796845957-682003330-1004\Software\Premium Web Service -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-527237240-796845957-682003330-1004\Software\Premium Web Service\Content Browser -> Dialer.Generic : Cleaned with backup (quarantined).
HKU\S-1-5-21-527237240-796845957-682003330-1004\Software\Premium Web Service\Content Browser\Settings -> Dialer.Generic : Cleaned with backup (quarantined).
C:\Documents and Settings\TS\Local Settings\Temp\2hhszvsu.exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup (quarantined).
C:\Documents and Settings\Vieras\Local Settings\Temporary Internet Files\Content.IE5\QDCJY965\ErrorSafeFreeInstall_fi[1].exe -> Not-A-Virus.Downloader.Win32.WinFixer.d : Cleaned with backup (quarantined).
:mozilla.149:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.150:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.151:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.152:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.204:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@blinck.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@blinck.112.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@blinck.112.2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@msnaccountservices.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@msnportal.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@partygaming.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@partygaming.122.2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@partygaming.122.2o7[3].txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\Vieras\Cookies\vieras@2o7[2].txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.178:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.180:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.76:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.77:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@adtech[2].txt -> TrackingCookie.Adtech : Cleaned.
:mozilla.10:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.11:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.128:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.129:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.12:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.130:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.131:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@advertising[2].txt -> TrackingCookie.Advertising : Cleaned.
:mozilla.115:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.25:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@atdmt[2].txt -> TrackingCookie.Atdmt : Cleaned.
:mozilla.266:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.267:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.268:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
:mozilla.592:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Cnn : Cleaned.
:mozilla.225:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.139:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.140:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.141:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.142:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.143:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.144:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.145:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.146:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.147:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.148:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.164:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.165:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.201:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.233:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.251:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.254:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.667:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.668:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.669:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.670:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.671:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.672:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.673:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.674:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.675:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.676:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.677:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.678:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.679:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.776:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.777:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.778:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.779:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.780:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.781:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Connextra : Cleaned.
:mozilla.114:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned.
:mozilla.25:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.43:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.67:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@doubleclick[2].txt -> TrackingCookie.Doubleclick : Cleaned.
:mozilla.265:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@as-eu.falkag[2].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@as-eu.falkag[1].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@as-eu.falkag[3].txt -> TrackingCookie.Falkag : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@as-eu.falkag[4].txt -> TrackingCookie.Falkag : Cleaned.
:mozilla.225:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.226:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@fastclick[2].txt -> TrackingCookie.Fastclick : Cleaned.
:mozilla.88:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.115:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.116:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.118:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.281:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
:mozilla.19:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.20:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.266:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.267:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@search.live[1].txt -> TrackingCookie.Live : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@server.iad.liveperson[1].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@server.iad.liveperson[2].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@server.iad.liveperson[4].txt -> TrackingCookie.Liveperson : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@www.lop[2].txt -> TrackingCookie.Lop : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@www.lop[2].txt -> TrackingCookie.Lop : Cleaned.
:mozilla.137:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
:mozilla.7:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Netflame : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@data2.perf.overture[2].txt -> TrackingCookie.Overture : Cleaned.
:mozilla.664:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.161:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.162:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Pro-market : Cleaned.
:mozilla.117:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.118:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned.
:mozilla.271:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.272:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.273:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.274:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.275:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned.
:mozilla.128:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.129:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.130:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.131:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.285:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.286:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.287:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.288:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.289:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.290:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@bs.serving-sys[2].txt -> TrackingCookie.Serving-sys : Cleaned.
:mozilla.157:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned.
:mozilla.21:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.22:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.23:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.24:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.58:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.59:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.60:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.61:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.62:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.6:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.71:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned.
:mozilla.14:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.17:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.41:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.7:C:\Documents and Settings\Opiskelu\Application Data\Mozilla\Firefox\Profiles\ywytvpbi.default\cookies.txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@statistik-gallup[1].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@statistik-gallup[2].txt -> TrackingCookie.Statistik-gallup : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@statistik-gallup[3].txt -> TrackingCookie.Statistik-gallup : Cleaned.
:mozilla.10:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.11:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.56:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.7:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.8:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.96:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.97:C:\Documents and Settings\TS\Application Data\Mozilla\Firefox\Profiles\o8gqfuax.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
:mozilla.9:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@tradedoubler[2].txt -> TrackingCookie.Tradedoubler : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@m.webtrends[1].txt -> TrackingCookie.Webtrends : Cleaned.
C:\Documents and Settings\Vieras\Cookies\vieras@m.webtrends[2].txt -> TrackingCookie.Webtrends : Cleaned.
:mozilla.136:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.137:C:\Documents and Settings\Vieras\Application Data\Mozilla\Firefox\Profiles\ocpcho00.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
:mozilla.12:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.13:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.14:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.15:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.16:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.17:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.18:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.25:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@ad.yieldmanager[2].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@ad.yieldmanager[3].txt -> TrackingCookie.Yieldmanager : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@ad.yieldmanager[4].txt -> TrackingCookie.Yieldmanager : Cleaned.
:mozilla.166:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.167:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
:mozilla.168:C:\Documents and Settings\Jani\Application Data\Mozilla\Firefox\Profiles\1hlurbdr.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\Jani\Cookies\jani@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@zedo[1].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@zedo[2].txt -> TrackingCookie.Zedo : Cleaned.
C:\Documents and Settings\TS\Cookies\ts@zedo[3].txt -> TrackingCookie.Zedo : Cleaned.


::Report end

 

Lataa SmitfraudFix (c) S!Ri
Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi:

Avaa SmitfraudFix kansio ja tupla-klikkaa smitfraudfix.cmd
Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
Postita tämän tekstitiedoston sisältö viestiketjuusi.

Huomaa : process.exe filun tunnistaa jotkut Anti-virus ohjelmat (AntiVir, Dr.Web, Kaspersky) "Haittakaluna"; se ei ole virus, vaan ohjelma joka pysäyttää prosesseja. A/V ohjelmat eivät pysty tunnistamaan hyvän ja pahan käytön tälläisten ohjelmian väliltä, silloin ne saattavat varoittaa käyttäjää.

======================

• Avaa HiJackThis
• Klikkaa "Configure" valintaa oikealla alhaalla
• Klikkaa "Misc Tools"
• Klikkaa boxia joka sanoo "Uninstall Manager"
• Klikkaa valintaa "Save list"
• Kopioi ja liitä kyseinen lista muistiosta postiisi

 

SmitFraudFix v2.233

Scan done at 20:21:18,12, su 30.09.2007
Run from C:\Documents and Settings\TS\Ty”p”yt„\SmitfraudFix\SmitfraudFix
OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\iTunesHelper.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Sonera\InternetAvustaja\bin\tgcmd.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\BackWeb-7681197.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TS


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\TS\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\TS\Suosikit


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="Nykyinen kotisivu"


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Rustock



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Paketinajoituksen miniportti
DNS Server Search Order: 193.210.18.18
DNS Server Search Order: 193.210.19.19

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC - Paketinajoituksen miniportti
DNS Server Search Order: 192.168.2.1

HKLM\SYSTEM\CCS\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CCS\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS1\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS1\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS3\Services\Tcpip\..\{788EADFF-1613-437F-B6B7-0226F63F4FDF}: DhcpNameServer=192.168.2.1
HKLM\SYSTEM\CS3\Services\Tcpip\..\{DBE2DDA0-1173-4AC9-BFAE-3D4053577ED7}: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=193.210.18.18 193.210.19.19


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

----------------------------------------------------
HJT:

ABBYY FineReader 6.0 Sprint
Ad-Aware 2007
Adobe Acrobat 5.0
Adobe Download Manager 2.0 (Poista ainoastaan)
Adobe Photoshop 6.0
Adobe Reader 7.0.7
ADSL Pure Bridge Utility
Apple Software Update
ATI Control Panel
ATI Display Driver
AudibleManager
AVG Anti-Spyware 7.5
Camera RAW Plug-In for EPSON Creativity Suite
CCleaner (remove only)
Creative MediaSource 5
Creative Removable Disk Manager
Creative System Information
Creative ZEN V Series (R2)
EPSON Attach To Email
EPSON Copy Utility 3
EPSON Easy Photo Print
EPSON File Manager
EPSON Scan
EPSON Scan Assistant
EPSON Web-To-Page
EPSON-tulostinohjelma
ESDX5000_CX4900 Käyttöopas
FlowGoBar Toolbar for IE
Football Manager 2007
F-Secure Anti-Virus
F-Secure BackWeb
F-Secure Management Agent
HijackThis 1.99.1
Hotfix for Windows XP (KB915865)
Hotfix-päivitys Windows XP:lle (KB914440)
HP-muistolevy
Ifi Tilausohjelma 3.5
InterActual Player
InterVideo WinDVD
iTunes
J2SE Runtime Environment 5.0 Update 6
Logitech Desktop Messenger
Logitech Print Service
Macromedia Flash Player 8
Macromedia Shockwave Player
Messenger Plus! 3 & Sponsor
Messenger Plus! Live & Sponsor
Microsoft Internationalized Domain Names Mitigation APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office XP Media Content
Microsoft Office XP Standard opiskelijoille ja opettajille
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.7)
MSN Työkalupalkki
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 Parser and SDK
Network Play System (Patching)
OLYMPUS CAMEDIA Master 4.1
OLYMPUS Master 2
Päivitys Windows XP:lle (KB894391)
Päivitys Windows XP:lle (KB896727)
Päivitys Windows XP:lle (KB898461)
Päivitys Windows XP:lle (KB900485)
Päivitys Windows XP:lle (KB904942)
Päivitys Windows XP:lle (KB910437)
Päivitys Windows XP:lle (KB911280)
Päivitys Windows XP:lle (KB916595)
Päivitys Windows XP:lle (KB920872)
Päivitys Windows XP:lle (KB922582)
Päivitys Windows XP:lle (KB927891)
Päivitys Windows XP:lle (KB929338)
Päivitys Windows XP:lle (KB930916)
Päivitys Windows XP:lle (KB931836)
Päivitys Windows XP:lle (KB933360)
Päivitys Windows XP:lle (KB938828)
QuickTime
RealPlayer
Realtek AC'97 Audio
SAMSUNG CDMA Modem Driver Set
Samsung Mobile USB Modem Software
Samsung PC Studio II 2.0 PIMS & File Manager
SMC2602W 11Mbps Wireless PCI Card
Sonera Internet Avustaja
Suojauspäivitys ohjelmistolle Windows XP (KB923689)
Suojauspäivitys Windows Internet Explorer 7:lle (KB928090)
Suojauspäivitys Windows Internet Explorer 7:lle (KB929969)
Suojauspäivitys Windows Internet Explorer 7:lle (KB931768)
Suojauspäivitys Windows Internet Explorer 7:lle (KB933566)
Suojauspäivitys Windows Internet Explorer 7:lle (KB937143)
Suojauspäivitys Windows Internet Explorer 7:lle (KB938127)
Suojauspäivitys Windows Media Player 10:lle (KB917734)
Suojauspäivitys Windows Media Player 10:lle (KB936782)
Suojauspäivitys Windows Media Player 6.4:lle (KB925398)
Suojauspäivitys Windows Media Player 9:lle (KB911565)
Suojauspäivitys Windows Media Player 9:lle (KB917734)
Suojauspäivitys Windows Media Playerille (KB911564)
Suojauspäivitys Windows XP:lle (KB883939)
Suojauspäivitys Windows XP:lle (KB890046)
Suojauspäivitys Windows XP:lle (KB893756)
Suojauspäivitys Windows XP:lle (KB896358)
Suojauspäivitys Windows XP:lle (KB896422)
Suojauspäivitys Windows XP:lle (KB896423)
Suojauspäivitys Windows XP:lle (KB896424)
Suojauspäivitys Windows XP:lle (KB896428)
Suojauspäivitys Windows XP:lle (KB896688)
Suojauspäivitys Windows XP:lle (KB899587)
Suojauspäivitys Windows XP:lle (KB899588)
Suojauspäivitys Windows XP:lle (KB899591)
Suojauspäivitys Windows XP:lle (KB900725)
Suojauspäivitys Windows XP:lle (KB901017)
Suojauspäivitys Windows XP:lle (KB901214)
Suojauspäivitys Windows XP:lle (KB902400)
Suojauspäivitys Windows XP:lle (KB903235)
Suojauspäivitys Windows XP:lle (KB904706)
Suojauspäivitys Windows XP:lle (KB905414)
Suojauspäivitys Windows XP:lle (KB905749)
Suojauspäivitys Windows XP:lle (KB905915)
Suojauspäivitys Windows XP:lle (KB908519)
Suojauspäivitys Windows XP:lle (KB908531)
Suojauspäivitys Windows XP:lle (KB911562)
Suojauspäivitys Windows XP:lle (KB911567)
Suojauspäivitys Windows XP:lle (KB911927)
Suojauspäivitys Windows XP:lle (KB912812)
Suojauspäivitys Windows XP:lle (KB912919)
Suojauspäivitys Windows XP:lle (KB913446)
Suojauspäivitys Windows XP:lle (KB913580)
Suojauspäivitys Windows XP:lle (KB914388)
Suojauspäivitys Windows XP:lle (KB914389)
Suojauspäivitys Windows XP:lle (KB916281)
Suojauspäivitys Windows XP:lle (KB917159)
Suojauspäivitys Windows XP:lle (KB917344)
Suojauspäivitys Windows XP:lle (KB917422)
Suojauspäivitys Windows XP:lle (KB917953)
Suojauspäivitys Windows XP:lle (KB918118)
Suojauspäivitys Windows XP:lle (KB918439)
Suojauspäivitys Windows XP:lle (KB918899)
Suojauspäivitys Windows XP:lle (KB919007)
Suojauspäivitys Windows XP:lle (KB920213)
Suojauspäivitys Windows XP:lle (KB920214)
Suojauspäivitys Windows XP:lle (KB920670)
Suojauspäivitys Windows XP:lle (KB920683)
Suojauspäivitys Windows XP:lle (KB920685)
Suojauspäivitys Windows XP:lle (KB921398)
Suojauspäivitys Windows XP:lle (KB921503)
Suojauspäivitys Windows XP:lle (KB921883)
Suojauspäivitys Windows XP:lle (KB922616)
Suojauspäivitys Windows XP:lle (KB922760)
Suojauspäivitys Windows XP:lle (KB922819)
Suojauspäivitys Windows XP:lle (KB923191)
Suojauspäivitys Windows XP:lle (KB923414)
Suojauspäivitys Windows XP:lle (KB923694)
Suojauspäivitys Windows XP:lle (KB923980)
Suojauspäivitys Windows XP:lle (KB924191)
Suojauspäivitys Windows XP:lle (KB924270)
Suojauspäivitys Windows XP:lle (KB924496)
Suojauspäivitys Windows XP:lle (KB924667)
Suojauspäivitys Windows XP:lle (KB925486)
Suojauspäivitys Windows XP:lle (KB925902)
Suojauspäivitys Windows XP:lle (KB926255)
Suojauspäivitys Windows XP:lle (KB926436)
Suojauspäivitys Windows XP:lle (KB927779)
Suojauspäivitys Windows XP:lle (KB927802)
Suojauspäivitys Windows XP:lle (KB928255)
Suojauspäivitys Windows XP:lle (KB928843)
Suojauspäivitys Windows XP:lle (KB929123)
Suojauspäivitys Windows XP:lle (KB930178)
Suojauspäivitys Windows XP:lle (KB931261)
Suojauspäivitys Windows XP:lle (KB931784)
Suojauspäivitys Windows XP:lle (KB932168)
Suojauspäivitys Windows XP:lle (KB935839)
Suojauspäivitys Windows XP:lle (KB935840)
Suojauspäivitys Windows XP:lle (KB936021)
Suojauspäivitys Windows XP:lle (KB938829)
Windows Installer 3.1 (KB893803)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 7
Windows Live Messenger
Windows Media Format Runtime
Windows Media Player 10
Windows Media Player 10:n Hotfix-korjauspäivitys KB895316
Windows XP Hotfix - KB834707
Windows XP Hotfix - KB867282
Windows XP Hotfix - KB873333
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885250
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB885884
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB887742
Windows XP Hotfix - KB888113
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890047
Windows XP Hotfix - KB890175
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB890923
Windows XP Hotfix - KB891781
Windows XP Hotfix - KB893066
Windows XP Hotfix - KB893086
Windows XP Service Pack 2
WinPcap 3.1 beta3
WinRAR-pakkausohjelma
ZENcast Organizer
ZoneAlarm

 

Javan päivitys ja välimuistin tyhjennys:

1. Klikkaa Käynnistä -> Ohjauspaneeli ja tupla-klikkaa Lisää tai poista sovellus Ohjauspaneelissa.
2. Etsi listasta kaikki entiset Java versiosi. (J2SE Runtime Environment.... )
Niissä pitäisi olla seuraava kuva vieressä:

3. Valitse kaikki entiset Java versiosi ja valitse Poista.
4. Asenna uusin Java päivitys seuraavasta linkistä..
5. Käynnistä kone uudelleen asennuksen jälkeen:

http://java.sun.com/javase/downloads/index.jsp

Rullaa alas kohteeseen Java Runtime Environment (JRE) 6u2

Paina Download

Ruksaa Accept, ota offline installation, tallenna vaikka työpöydälle ja asenna se.

6. Käynnistyksen jälkeen, mene takaisin Ohjauspaneeliin ja avaa Java asetuksesi (Muita Ohjauspaneelin asetuksia -> Java kahvikuppi).

7. General Settings -osion alla, vedä liukusäädintä (Disk Space) pienemmälle, ja klikkaa Delete Files -nappia.

(Jotkut javapohjaiset ohjelmat saattavat tarvita enemmän levytilaa.
Jos huomaat säädön pienentämisen jälkeen koneessa hitautta, siirrä liukusäädintä isommalle).

8. Varmista että kaikki kaksi valintaa ovat rastitettuja:

*Applications and Applets

*Trace and Log Files

Ja paina OK -nappia

9. Klikkaa OK "Temporary Files Settings" -ikkunassasi.

10. Klikkaa OK jättääksesi Java asetusikkunasi.

=====================

Lataa Dr.Web CureIt työpöydälle:

[*]Tuplaklikkaa drweb-cureit.exe ja anna sen tehdä express scan
[*]Se skannaa käynnissä olevat ohjelmat ja jos jotain löytyy, klikkaa yes kun se kysyy haluatko poistaa sen. Tämä on vain lyhyt scan.
[*]Kun scan on valmis, Klikkaa Custom scan merkkaa asemat, jotka haluat scannata.
[*]Valitse kaikki asemat. Punainen piste osoittaa, mitkä asemat on valittu.
[*]Klikaa vihreää nuolta oikealla ja scan alkaa.
[*]Klikkaa Yes to all, jos kysytään haluatko poistaa/siirtää tiedoston.
[*]Kun scannaus on valmis
[*]Klikaa Select all ja Klikkaa Delete
[*]Klikaa File, save report list
[*]Tallenna työpödälle ja kopio lista tänne

 

sdcmon.dll c:\program files\sonera\internetavustaja\bin Probably DLOADER.Trojan Deleted.
FILE LICENSE BIN.exe C:\Documents and Settings\TS\Application Data\SAVE OPTION USER Trojan.Packed.149 Incurable.Moved.
backup-20070930-130953-125.dll C:\Documents and Settings\TS\Työpöytä\backups Adware.MegaSearch.origin Deleted.
Process.exe C:\Documents and Settings\TS\Työpöytä\SmitfraudFix\SmitfraudFix Tool.Prockill Deleted.
restart.exe C:\Documents and Settings\TS\Työpöytä\SmitfraudFix\SmitfraudFix Tool.ShutDown.11 Deleted.
staAA0.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staAA1.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staAA2.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staAA3.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staAAC.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staAAD.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Swizzor Deleted.
staBF8.exe.mwt C:\Documents and Settings\Vieras\Local Settings\Temp Trojan.Packed.142 Deleted.
upAYB[1].int.mwt C:\Documents and Settings\Vieras\Local Settings\Temporary Internet Files\Content.IE5\4HWBOVKR Trojan.Swizzor Deleted.
Bin Audio.exe.01.infected C:\NoLopBackups Trojan.Swizzor Deleted.
Camp Cake.exe.02.infected C:\NoLopBackups Trojan.Packed.142 Deleted.
Cityexit.exe.03.infected C:\NoLopBackups Trojan.Swizzor.origin Incurable.Moved.
Deaf Send.exe.04.infected C:\NoLopBackups Trojan.Swizzor.origin Incurable.Moved.
Drive Corn.exe.05.infected C:\NoLopBackups Trojan.Packed.142 Deleted.
Driveonline.exe.06.infected C:\NoLopBackups Trojan.Packed.142 Deleted.
Eachobj.exe.07.infected C:\NoLopBackups Trojan.Swizzor Deleted.
File License Bin.exe.0167.infected.mwt C:\NoLopBackups Trojan.Swizzor Deleted.
Iztbgivp.exe.0168.infected C:\NoLopBackups Trojan.Packed.142 Deleted.
Onelogo.exe.09.infected C:\NoLopBackups Trojan.Swizzor Deleted.
Stupid Blue.exe.010.infected C:\NoLopBackups Trojan.Swizzor Deleted.
Third Scr.exe.011.infected C:\NoLopBackups Trojan.Swizzor Deleted.
Thisnurb.exe.012.infected C:\NoLopBackups Trojan.Packed.142 Deleted.
Trayfrag.exe.013.infected C:\NoLopBackups Trojan.Swizzor Deleted.
Warn Name.exe.015.infected C:\NoLopBackups Trojan.Swizzor.origin Incurable.Moved.
MYBAR.DLL C:\Program Files\MyWay\myBar\1.bin Adware.MyWay Deleted.
sdcmon.dll C:\Program Files\Sonera\InternetAvustaja\bin Probably DLOADER.Trojan Will be deleted after reboot.
tgupdate.exe C:\Program Files\Sonera\InternetAvustaja\bin Probably DLOADER.Trojan Deleted.
A0133925.exe.mwt C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP931 Trojan.Swizzor Deleted.
A0135263.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP933 Adware.SaveNow Deleted.
A0135686.dll C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Adware.MegaSearch.origin Deleted.
A0135704.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135705.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Packed.142 Deleted.
A0135706.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor.origin Incurable.Moved.
A0135707.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor.origin Incurable.Moved.
A0135708.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Packed.142 Deleted.
A0135709.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Packed.142 Deleted.
A0135710.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135711.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135712.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135713.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135714.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Packed.142 Deleted.
A0135715.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135716.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor.origin Incurable.Moved.
A0135717.exe.mwt C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Swizzor Deleted.
A0135718.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Trojan.Packed.142 Deleted.
A0135746.dll C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP934 Adware.Minibug Deleted.
A0135999.exe C:\System Volume Information\_restore{0E63CA56-F6CF-46FA-96E6-0B78F70E57BF}\RP936 Trojan.Packed.149 Incurable.Moved.
Process.exe C:\WINDOWS\system32 Tool.Prockill Deleted.
mirc.exe D:\Program Files\mIRC\backup Program.mIRC.615 Deleted.

 

Lisää poista sovelutuksesa on
Messenger Plus! 3 & Sponsor
Messenger Plus! Live & Sponsor

jos on otettu tuolla sponssorilla niin syytä poistaa
onkos vielä työpöydällä ylimääräsiä ikoneita

=====================

1. Klikkaa käynnistä > Oma tietokone oikean puoleisella hiiren napilla
2. Valitse ominaisuudet
3. Valitse järjestelmän palauttaminen välilehti
4. Ruksi eteen ¤ poista järjestelmän palauttaminen kaikissa asemissa
5. Paina Käytä
6. Paina ok
7. Sammuta ja käynnistä
8. Ota ruksi pois ¤ poista järjestelmän palauttaminen kaikissa asemissa
9. Käytä ja OK

 

Tehty! Kiitos paljon!

Työpöytä näyttää aika täydeltä, siinä on kaikki ohjelmat mitä olen nyt ladannut ja raportteja jne. Mitä voi poistaa? Säilytänkö kaikki nyt lataamani ohjelmat koneella?

 

Poista

SmitfraudFix
NoLop

=================

Dr.Web CureIt aja vielä ohjeen mukaan ja poista sen jälkeen

=================

mites kone toimii?

 

Jätänkö nuo loput ohjelmat koneelle?

Kone tuntuu toimivan ihan hyvin, ei ole enää pop-uppeja ilmestynyt. Kiitos vaan kovasti avusta!

 

Juu jätä vain jos tuntuu että jotain on niin niillä voit scannata koneen päivitä ensin.