Selain kaatuilee ja hakeutuu oudoille sivuille (HijackLoki)

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by valinen, Dec 6, 2006.

Thread Status:
Not open for further replies.
  1. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    Tuollasen lokin pukkasi ja tosiaan selain kaatuilee jatkuvasti ja heittää useasti jollekin samalle mainossivulle. Kiitos avusta.

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\ZoneLabs\minilog.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ExtraFilm Kotona\Agent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\WINDOWS\easy.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\WINDOWS\easy.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Opera\Opera.exe
    D:\Juttuja\~uudet imut~\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fi/
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] C:\Program Files\ExtraFilm Kotona\Agent.exe
    O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [Spyware Nuker] C:\Program Files\Spyware Nuker 2004\swn2.exe /h
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM\..\Run: [easyadvertisement] C:\WINDOWS\easy.exe
    O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - Startup: Sid Registration.lnk = E:\ATR1.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{455F85C8-4A7A-40D9-B65B-35B3D6E58AF7}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5926C409-FFBD-49CA-A375-3E0D673995C7}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DE13A582-1C79-46C3-82E4-771F1F8A6A8D}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DE3BAA6F-45D0-4EEF-BE60-D8E6FA93411A}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: bonspells - {11853d5f-f894-4cc7-bbc3-fc7a9dcfd896} - C:\WINDOWS\System32\okkmtv.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\minilog.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe
     
    valinen, Dec 6, 2006
    #1
  2. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Fixaa nämä:

    O4 - HKCU\..\Run: [Spyware Begone] C:\freescan\freescan.exe -FastScan
    O17 - HKLM\System\CCS\Services\Tcpip\..\{455F85C8-4A7A-40D9-B65B-35B3D6E58AF7}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{5926C409-FFBD-49CA-A375-3E0D673995C7}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DE13A582-1C79-46C3-82E4-771F1F8A6A8D}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\..\{DE3BAA6F-45D0-4EEF-BE60-D8E6FA93411A}: NameServer = 85.255.114.28,85.255.112.99
    O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99
    O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.28 85.255.112.99


    Hae fixwareout jommastakummasta linkistä

    http://www.bleepingcomputer.com/files/lonny/Fixwareout.exe
    http://downloads.subratam.org/Fixwareout.exe

    [*]Tallenna se työpöydälle ja käynnistä se. Klikkaa Next, sitten Install ja varmistu,
    että Run fixit on valittuna ja klikkaa Finish.
    [*]Fixi alkaa; seuraa ohjeita.
    [*]Kun pyydetään käynnistää kone, niin tee se
    [*]Käynnistyminen voi kestää tavallista kauemmin, se on normaalia.

    Lataa SmitfraudFix (by S!Ri) työpöydällesi.

    Tuplaklikkaa tiedostoa SmitfraudFix.exe

    Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa).
    Postita tämän tekstitiedoston sisältö viestiketjuusi.

    **Jos työkalu ei käynnisty työpöydältä niin siirrä SmitfraudFix.exe suoraan järjestelmäaseman juureen (yleensä C:). Kokeile sitten käynnistää ohjelma uudestaan sieltä.

    Lähetä:

    - uusi HjT-loki
    - c:\fixwareout\report.txt
    - smitfraudfixin raportti

     
    -kemisti-, Dec 6, 2006
    #2
  3. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    Meniköhän oikein :p


    SmitFraudFix v2.128

    Scan done at 13:17:28,91, ke 06.12.2006
    Run from D:\Juttuja\~uudet imut~\SmitfraudFix
    OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» C:\


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


    »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32

    C:\WINDOWS\system32\okkmtv.dll FOUND !
    C:\WINDOWS\system32\srpcsrv32.dll FOUND !
    C:\WINDOWS\system32\txfdb32.dll FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ilkka vallineva


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\ilkka vallineva\Application Data


    »»»»»»»»»»»»»»»»»»»»»»»» Start Menu

    C:\DOCUME~1\ALLUSE~1\KYNNIS~1\Online Security Guide.url FOUND !
    C:\DOCUME~1\ALLUSE~1\KYNNIS~1\Security Troubleshooting.url FOUND !

    »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\ILKKAV~1\Suosikit


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop


    »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


    »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


    »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components

    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0]
    "Source"="C:\\WINDOWS\\Web\\desktop.html"
    "SubscribedURL"="C:\\WINDOWS\\Web\\desktop.html"


    ''''''''''''''''''''''''''''''''''''''''''''''''''



    Logfile of HijackThis v1.99.1
    Scan saved at 13:18:58, on 6.12.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\ZoneLabs\minilog.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ExtraFilm Kotona\Agent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\WINDOWS\easy.exe
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\WINDOWS\easy.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    C:\Program Files\Real\RealPlayer\RealPlay.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\WINDOWS\system32\cmd.exe
    C:\WINDOWS\NOTEPAD.EXE
    D:\Juttuja\~uudet imut~\HijackThis_v1.99.1.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] C:\Program Files\ExtraFilm Kotona\Agent.exe
    O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [Spyware Nuker] C:\Program Files\Spyware Nuker 2004\swn2.exe /h
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM\..\Run: [easyadvertisement] C:\WINDOWS\easy.exe
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - Startup: Sid Registration.lnk = E:\ATR1.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O21 - SSODL: bonspells - {11853d5f-f894-4cc7-bbc3-fc7a9dcfd896} - C:\WINDOWS\System32\okkmtv.dll
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\minilog.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe



    '''''''''''''''''''''''''''''''''''''''''''''''



    Fixwareout ver 1.003
    Last edited 8/11/2006
    Post this report in the forums please

    Reg Entries that were deleted
    ...

    Random Runs removed from HKLM
    ...

    PLEASE NOTE, There WILL be LEGITIMATE FILES LISTED. IF YOU ARE UNSURE OF WHAT IT IS LEAVE THEM ALONE.

    »»»»» Searching by size/names...

    »»»»»
    Search five digit cs, dm and jb files.
    This WILL/CAN also list Legit Files, Submit them at Virustotal

    Other suspects.
    Directory of C:\WINDOWS\system32

    »»»»» Misc files.

    »»»»» Checking for older varients covered by the Rem3 tool.





     
    valinen, Dec 6, 2006
    #3
  4. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Fixaa:

    O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
    O4 - HKLM\..\Run: [easyadvertisement] C:\WINDOWS\easy.exe
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99

    Printtaa ohjeet ulos tai tallenna nämä tekstitiedostoon.

    Lataa AVG Anti-Spyware 7.5 ja tallenna ohjelma työpöydällesi.
    [*]Kun olet ladannut ohjelman, kaksoisklikkaa asennuohjelman pikakuvaketta työpöydälläsi, asennus alkaa.
    [*]Asennuksen jälkeen täytyy ohjelma käynnistää ja sen tunnisteet päivittää.
    [*]Käynnistä AVG Anti-Spyware.
    [*]Klikkaa "Update" kuvaketta päävalikossa. Sen jälkeen klikkaa "Update now" painiketta.
    [*]Sitten klikkaa "Start Update" kuvaketta jolloin päivitys alkaa.

    [*]Kun päivitykset on ladattu, klikkaa "Scanner" kuvaketta ikkunan ylälaidassa. Valitse sitten "Settings" välilehti.
    [*]Kun "Settings" valikko on auennut, klikkaa "Recommended actions" ja sitten valitse "Quarantine".
    [*]Sitten "Reports" valikon alta:
    [*]Laita täppi kohtaan "Automatically generate report after every scan"
    [*]Ota täppi pois kohdasta"Only if threats were found"

    [*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
    [*]"Resident shield is", muuta tila active:sta inactive:ksi
    [*]Sulje ohjelma, ÄLÄ skannaa vielä.
    Käynnistä koneesi vikasietotilaan, Ohje!

    Poista:

    C:\WINDOWS\easy.exe

    Tyhjennä roskis

    HUOM! Älä käytä muita ohjelmia AVG skannauksen aikana, tämä saattaa häiritä skannausta.

    Kun vikasietotilassa, tuplaklikkaa tiedostoa SmitfraudFix.exe
    Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot.

    Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet.

    Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter".

    Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin.
    Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi.
    Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt.

    [*]Käynnistä AVG Anti-Spyware.
    [*]Klikkaa "Scanner" kuvaketta ikkunan ylälaidassa ja valitse "Scan" välilehti. Sitten klikkaa "Complete System Scan".
    [*]Ewido aloittaa nyt tietokoneen skannaamisen, ole kärsivällinen sillä skannaus vie aikaa.

    Kun skannaus on valmis:
    TÄRKEÄÄ : Älä klikkaa "Save Scan Report" ennen kuin klikkaat "Apply all Actions"
    [*]Varmistu, että Set all elements to: näyttää Quarantine (1), jos ei, klikkaa linkkiä ja valitse Quarantine popup-valikosta.
    [*]Sinulta kysytään mitä tehdä jos infektioita löytyi, valitse silloin "Apply all actions"
    [​IMG]
    [*]Sitten klikkaa "Reports" kuvaketta ohjelma yläosasta.
    [*]Klikkaa "Save report as" painiketta ikkunan vasemmassa alalaidassa ja tallenna raportti työpöydälle.
    [*]Sulje ohjelma, käynnistä kone normaalisti ja lähetä AVG:n raportti viestiketjuusi.

    Lataa ja tallenna Blacklight työpöydällesi;

    Tupla-klikkaa blbeta.exe, hyväksy sopimus, klikkaa > Scan, sitten > Next

    Näet listan kaikesta mitä löytyi. Työpöydällesi myös ilmestyy loki jonka nimi on fsbl.xxxxxxx.log (xxxxxxx;n tilalla on luultavimmin numeroita).

    Kopioi ja liitä tämä loki seuraavaan vastaukseesi. Älä valitse "Rename" optiota vielä! Haluamme nähdä login ensin, koska hyviä tiedostoja saattaa olla mukana, kuten "wbemtest.exe".

    Lähetä:

    - uusi HjT-loki
    - blacklightin loki
    - avg anti-spywaren raportti
    - smitfraudfixin raportti
     
    Last edited: Dec 6, 2006
    -kemisti-, Dec 6, 2006
    #4
  5. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    Kun painan F8 ja saan sen valikon josta valita nuolinäppäimillä vikasietotila, ja vaikka kuinka nuolia painelen ei mitään tapahdu. Eli en voi valita vikasietotilaa ja kone käynnistyy normaalitilassa.
     
    valinen, Dec 6, 2006
    #5
  6. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    No ei siinä mitään, aja sitten AVG normaalitilassa.

    Buuttaa skannin jälkeen ja poista tämä:

    C:\WINDOWS\easy.exe

    Muuten toimi edellisten ohjeiden mukaan :)
     
    -kemisti-, Dec 6, 2006
    #6
  7. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    SmitFraudFix v2.128

    Scan done at 16:25:13,27, ke 06.12.2006
    Run from C:\Documents and Settings\ilkka vallineva\Ty”p”yt„\SmitfraudFix
    OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT
    The filesystem type is NTFS
    Fix run in normal mode

    »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler]
    "{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}"="bonspells"

    [HKEY_CLASSES_ROOT\CLSID\{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}\InProcServer32]
    @="C:\WINDOWS\System32\okkmtv.dll"

    [HKEY_LOCAL_MACHINE\Software\Classes\CLSID\{11853d5f-f894-4cc7-bbc3-fc7a9dcfd896}\InProcServer32]
    @="C:\WINDOWS\System32\okkmtv.dll"


    »»»»»»»»»»»»»»»»»»»»»»»» Killing process


    »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

    GenericRenosFix by S!Ri

    C:\WINDOWS\System32\okkmtv.dll -> Hoax.Win32.Renos.gen.i
    C:\WINDOWS\System32\okkmtv.dll -> Deleted


    »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

    C:\WINDOWS\system32\srpcsrv32.dll Deleted
    C:\WINDOWS\system32\txfdb32.dll Deleted
    C:\DOCUME~1\ALLUSE~1\KYNNIS~1\Online Security Guide.url Deleted
    C:\DOCUME~1\ALLUSE~1\KYNNIS~1\Security Troubleshooting.url Deleted

    »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


    »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
    !!!Attention, following keys are not inevitably infected!!!

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
    "system"=""


    »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

    Registry Cleaning done.

    »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix
    !!!Attention, following keys are not inevitably infected!!!

    SrchSTS.exe by S!Ri
    Search SharedTaskScheduler's .dll


    »»»»»»»»»»»»»»»»»»»»»»»» End

    ----------------------------------------------------------------



    ---------------------------------------------------------
    AVG Anti-Spyware - Scan Report
    ---------------------------------------------------------

    + Created at: 17:20:54 6.12.2006

    + Scan result:



    D:\Juttuja\Sekalaiset\ohjelmia jne\pacificpoker-1.exe -> Adware.Casino : Cleaned with backup (quarantined).
    C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup (quarantined).
    D:\Juttuja\Peli\Colin Mcrae 5\Colin McRae Rally 2005 crack-serial-keygen [p2p-11066].exe -> Dialer.Intexdial : Cleaned with backup (quarantined).
    C:\WINDOWS\system32\tmp.exe -> Downloader.Delf.aqf : Cleaned with backup (quarantined).
    C:\jotain paskaa\eied_s7.cab/eied_s7_c_29.exe -> Downloader.Mediket.bb : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{90242021-2F93-41EC-B0D8-BC6CA5E9F7AA}\RP675\A0184249.dll -> Downloader.WarSpy.c : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{90242021-2F93-41EC-B0D8-BC6CA5E9F7AA}\RP675\A0184250.dll -> Downloader.WarSpy.c : Cleaned with backup (quarantined).
    C:\System Volume Information\_restore{90242021-2F93-41EC-B0D8-BC6CA5E9F7AA}\RP675\A0179214.exe -> Hijacker.Delf.ea : Cleaned with backup (quarantined).
    D:\Juttuja\Sekalaiset\ohjelmia jne\Alcohol 120% v1.9.2.1705 Multilanguage + serial (OK)\rp_winzipv90_kg_fix.exe -> Hijacker.StartPage.tr : Cleaned with backup (quarantined).
    :mozilla.259:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.260:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.261:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.340:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
    :mozilla.165:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.166:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.167:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.179:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.181:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.182:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.249:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.255:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.270:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.271:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.272:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.273:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
    :mozilla.7:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.8:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Adtech : Cleaned.
    :mozilla.446:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.450:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Advertising : Cleaned.
    :mozilla.475:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned.
    :mozilla.479:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned.
    C:\Documents and Settings\ilkka vallineva\Cookies\ilkka vallineva@www.burstnet[2].txt -> TrackingCookie.Burstnet : Cleaned.
    :mozilla.492:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.493:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned.
    C:\Documents and Settings\ilkka vallineva\Cookies\ilkka vallineva@casalemedia[1].txt -> TrackingCookie.Casalemedia : Cleaned.
    :mozilla.23:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.25:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.26:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.28:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.29:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.32:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.33:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.35:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.36:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.512:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.513:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.801:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.802:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
    :mozilla.838:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Com : Cleaned.
    :mozilla.59:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned.
    :mozilla.777:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Enhance : Cleaned.
    :mozilla.778:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Enhance : Cleaned.
    :mozilla.779:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Enhance : Cleaned.
    :mozilla.487:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.488:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.489:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.490:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.491:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned.
    :mozilla.676:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.677:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.678:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.679:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Falkag : Cleaned.
    :mozilla.428:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.429:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.430:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.431:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.432:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.433:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.434:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned.
    :mozilla.768:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Findwhat : Cleaned.
    :mozilla.780:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
    :mozilla.781:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Goclick : Cleaned.
    :mozilla.329:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.333:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.376:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.462:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.465:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.466:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.485:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.57:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.58:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned.
    :mozilla.589:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned.
    :mozilla.763:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
    :mozilla.764:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Linksynergy : Cleaned.
    :mozilla.15:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
    :mozilla.338:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned.
    :mozilla.38:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned.
    :mozilla.458:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.459:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.460:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.461:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned.
    :mozilla.42:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.43:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.44:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.45:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.46:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.47:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned.
    :mozilla.100:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.101:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.102:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.103:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.104:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.105:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.106:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.107:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.108:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.109:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.110:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.111:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.112:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.113:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.114:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.75:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.76:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.77:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.78:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.79:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.80:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.81:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.82:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.83:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.84:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.85:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.86:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.87:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.88:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.89:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.90:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.91:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.92:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.93:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.94:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.95:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.96:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.97:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.98:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.99:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
    :mozilla.363:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.364:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.365:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.366:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.367:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.368:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned.
    :mozilla.150:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.151:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.152:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.153:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.154:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.155:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.156:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.157:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.158:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.159:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.160:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.161:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Sextracker : Cleaned.
    :mozilla.421:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.422:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.423:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.425:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned.
    :mozilla.480:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned.
    :mozilla.55:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned.
    :mozilla.407:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Yadro : Cleaned.
    :mozilla.318:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.319:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.324:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned.
    :mozilla.476:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.477:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    :mozilla.478:C:\Documents and Settings\ilkka vallineva\Application Data\Mozilla\Firefox\Profiles\th4cl6za.default\cookies.txt -> TrackingCookie.Zedo : Cleaned.
    C:\Program Files\Microsoft AntiSpyware\Quarantine\DE722AD4-03B9-479D-9676-77ABA7\D6D6CBCE-01E9-4FBC-B54F-2A66A5 -> Trojan.TopAntiSpyware : Cleaned with backup (quarantined).


    ::Report end




     
    valinen, Dec 6, 2006
    #7
  8. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    12/06/06 17:24:29 [Info]: BlackLight Engine 1.0.47 initialized
    12/06/06 17:24:29 [Info]: OS: 5.1 build 2600 (Service Pack 1)
    12/06/06 17:24:30 [Note]: 7019 4
    12/06/06 17:24:30 [Note]: 7005 0
    12/06/06 17:24:39 [Note]: 7006 0
    12/06/06 17:24:39 [Note]: 7011 3976
    12/06/06 17:24:39 [Note]: 7026 0
    12/06/06 17:24:39 [Note]: 7026 0
    12/06/06 17:24:50 [Note]: FSRAW library version 1.7.1020

    --------------------------------------------------------------------


    Logfile of HijackThis v1.99.1
    Scan saved at 17:42:22, on 6.12.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\ZoneLabs\minilog.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ExtraFilm Kotona\Agent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    D:\Juttuja\~uudet imut~\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] C:\Program Files\ExtraFilm Kotona\Agent.exe
    O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [Spyware Nuker] C:\Program Files\Spyware Nuker 2004\swn2.exe /h
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - Startup: Sid Registration.lnk = E:\ATR1.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\minilog.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

    -------------------------------------------------------------------------


     
    valinen, Dec 6, 2006
    #8
  9. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Sammuta AVG anti-spywaren guard:

    Avaa AVG anti-spyware

    [*]Sitten klikkaa "Shield" kuvaketta ikkunan ylälaidassa
    [*]"Resident shield is", muuta tila active:sta inactive:ksi

    Fixaa tämä:

    O17 - HKLM\System\CCS\Services\Tcpip\..\{9C68C805-44C4-414F-AD53-241E7A85B14E}: NameServer = 85.255.114.28 85.255.112.99

    Käynnistä uudelleen ja lähetä uusi HjT-loki.

    Jos tuo rivi ei lähde, tee näin:

    Mene Ohjauspaneeli -> Verkkoyhteydet. Sitten klikkaa hiiren oikealla yhteyskuvaketta -> ominaisuudet. Valitse TCP/IP ja sitten ominaisuudet. Valitse "hae IP-osoite automaattisesti" ja klikkaa ok

    Sitten käynnistä -> suorita
    Kirjoita cmd ja klikkaa ok
    Kirjoita ipconfig /flushdns , paina enter, kirjoita exit
    ja paina enter

    Jos ei toimi, mene käynnistä -> apuohjelmat -> komentorivi ja kirjoita ipconfig /flushdns sinne ja paina enter. Kirjoita exit ja enter

    Käynnistä uudestaan ja lähetä uusi HjT-loki.
     
    -kemisti-, Dec 6, 2006
    #9
  10. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    Logfile of HijackThis v1.99.1
    Scan saved at 17:58:30, on 6.12.2006
    Platform: Windows XP SP1 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\Program Files\AVPersonal\AVGUARD.EXE
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\Program Files\AVPersonal\AVWUPSRV.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\ZoneLabs\vsmon.exe
    C:\WINDOWS\system32\ZoneLabs\minilog.exe
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\AVPersonal\AVGNT.EXE
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\Winamp\winampa.exe
    C:\Program Files\ExtraFilm Kotona\Agent.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
    C:\Program Files\AGEIA Technologies\TrayIcon.exe
    C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
    C:\Program Files\iPod\bin\iPodService.exe
    C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
    C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
    C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\Program Files\Opera\Opera.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
    D:\Juttuja\~uudet imut~\HijackThis_v1.99.1.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\MSN Toolbar\01.02.5000.1021\fi\msntb.dll
    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
    O4 - HKLM\..\Run: [ExtraFilmHemmaAgent] C:\Program Files\ExtraFilm Kotona\Agent.exe
    O4 - HKLM\..\Run: [NetLimiter] C:\Program Files\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [Spyware Nuker] C:\Program Files\Spyware Nuker 2004\swn2.exe /h
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
    O4 - HKLM\..\Run: [AGEIA PhysX SysTray] C:\Program Files\AGEIA Technologies\TrayIcon.exe
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
    O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -onlytray
    O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
    O4 - HKCU\..\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
    O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent.exe" --force_start_minimized
    O4 - Startup: Sid Registration.lnk = E:\ATR1.exe
    O4 - Global Startup: Acrobat Assistant.lnk = C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O4 - Global Startup: ZoneAlarm Pro.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zapro.exe
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab47946.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - C:\Program Files\AVPersonal\AVGUARD.EXE
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - C:\Program Files\AVPersonal\AVWUPSRV.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Unknown owner - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe (file missing)
    O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TrueVector Basic Logging Client (minilog) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\minilog.exe
    O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

     
    valinen, Dec 6, 2006
    #10
  11. -kemisti-

    -kemisti- Active member

    Joined:
    Jun 6, 2005
    Messages:
    6,305
    Likes Received:
    0
    Trophy Points:
    96
    Päivitä SP2, muuten on ok. Vielä ongelmia?
     
    -kemisti-, Dec 6, 2006
    #11
  12. valinen

    valinen Member

    Joined:
    Dec 6, 2006
    Messages:
    11
    Likes Received:
    0
    Trophy Points:
    11
    Ei ongelmia, toimii kun junan vessa.
    Nöyrin kiitos.
     
    valinen, Dec 6, 2006
    #12
Thread Status:
Not open for further replies.

Share This Page