Eli koneessani riehuu tällä hetkellä inhoittava Virtumonde joka tuli koneesesen 29 kesäkuuta. Troijan downoalderiakin on löytynyt. F-securen sivun ohjeista ei ollut apua vaikka F-secure nämä möttiäiset löytää niin eipä se tee mitään. Pop-up ikkunoita tulee IE:n kautta (en ole käyttänyt IE:tä moneen vuoteen) ja IE:n aloitus sivu on kaapattu about:blank ja tätä kautta hyppää spyware sivulle. Jos olen oikeassa niin tuo öttiäinen lymyilee Windowsin reksiterissä. Toivon minua taitavampien ihmisten neuvoja (toivon helppoa opastusta, koska tämä on ensimmäinen kerta kun näin sitkeä Spyware ei poistu). Katselin edellisiä viestejä ja totta puhuen en ymmärtänyt kaikkea. Annan teille nyt Hijack lokin ja toivon, että autatte minua näiden öttiäisten poistossa. Kiitän jo etukäteen apujanne, kiitos (Viesti sisältää jonkin verran kirjoitus virheitä, toivon että se ei häiritse teitä kovin paljon) Logfile of HijackThis v1.99.1 Scan saved at 20:33:24, on 1.7.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\VMware\VMware Player\vmware-authd.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe C:\WINDOWS\system32\vmnat.exe C:\PROGRA~1\UpsPilot\Winpower.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe C:\PROGRA~1\UpsPilot\monitor.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\PROGRA~1\UpsPilot\wpRMI.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\WINDOWS\system32\dcomcfg.exe C:\WINDOWS\system32\atmclk.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\QuickTime\qttask.exe C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\Program Files\Microsoft Office\Office\OSA.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Vladimir\Työpöytä\HijackThis_v1.99.1.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://elisa.net/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} - C:\WINDOWS\system32\hp100.tmp O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O2 - BHO: (no name) - {BEEAE5F7-5AD9-4AA0-AD2D-F357354E9051} - C:\WINDOWS\system32\gebyv.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\RunServices: [Winpower] C:\Program Files\UpsPilot\Winpower.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Tuki - {46632A3E-D75F-4BBA-AA68-C0053690DC67} - http://tuki.elisa.net/ (file missing) (HKCU) O9 - Extra button: Palvelut - {F39F7CA3-7F4A-4E65-B389-BEAE22554591} - http://service.kolumbus.fi/ (file missing) (HKCU) O9 - Extra button: SMS-viesti - {F8208EEC-6866-443A-A391-2AE3DAC942F3} - http://sms.kolumbus.fi/ (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/ O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\system32\gebyv.dll (file missing) O20 - Winlogon Notify: winwea32 - winwea32.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Winpower - ZeroG Software - C:\PROGRA~1\UpsPilot\Winpower.exe O23 - Service: Winpowermanager - ZeroG Software - C:\PROGRA~1\UpsPilot\manager.exe O23 - Service: Winpowermonitor - ZeroG Software - C:\PROGRA~1\UpsPilot\monitor.exe O23 - Service: WinpowerRMI - ZeroG Software - C:\PROGRA~1\UpsPilot\wpRMI.exe O23 - Service: Collaboration Runtime (xmppd-jse8) - Unknown owner - C:\Program Files\Sun\jstudio_ent8\CollabRuntime\bin\xmppd-jse8.exe (file missing)
Aloitetaan tällä: Lataa SmitfraudFix (c) S!Ri http://siri.urz.free.fr/Fix/SmitfraudFix.zip Pura sisältö (kansio nimeltä SmitfraudFix) työpöydällesi: Avaa SmitfraudFix-kansio ja tuplaklikkaa smitfraudfix.cmd Valitse optio #1 - Search kirjoittamalla 1 ja painamalla "Enter"; tekstitiedosto avautuu, joka listaa tarttuneet tiedostot (jos olemassa). Postita tämän tekstitiedoston sisältö viestiketjuusi.
Kiitos nopeasta vastauksestasi! SmitFraudFix v2.65 Scan done at 21:06:07,85, la 01.07.2006 Run from C:\Documents and Settings\Vladimir\Ty”p”yt„\SmitfraudFix OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT Fix ran in normal mode »»»»»»»»»»»»»»»»»»»»»»»» C:\ »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web »»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32 C:\WINDOWS\system32\atmclk.exe FOUND ! C:\WINDOWS\system32\dcomcfg.exe FOUND ! C:\WINDOWS\system32\hp???.tmp FOUND ! C:\WINDOWS\system32\hp????.tmp FOUND ! C:\WINDOWS\system32\ld????.tmp FOUND ! C:\WINDOWS\system32\ot.ico FOUND ! C:\WINDOWS\system32\simpole.tlb FOUND ! C:\WINDOWS\system32\stdole3.tlb FOUND ! C:\WINDOWS\system32\ts.ico FOUND ! C:\WINDOWS\system32\1024\ FOUND ! »»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Vladimir\Application Data »»»»»»»»»»»»»»»»»»»»»»»» Start Menu »»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Vladimir\Suosikit »»»»»»»»»»»»»»»»»»»»»»»» Desktop »»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files »»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys »»»»»»»»»»»»»»»»»»»»»»»» Desktop Components [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Desktop\Components\0] "Source"="About:Home" "SubscribedURL"="About:Home" "FriendlyName"="Nykyinen kotisivu" »»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{7916f057-223f-4612-ac84-e882cbe043d4}"="bals" [HKEY_CLASSES_ROOT\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32] @="C:\WINDOWS\system32\hvcycg.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32] @="C:\WINDOWS\system32\hvcycg.dll" »»»»»»»»»»»»»»»»»»»»»»»» Scanning wininet.dll infection »»»»»»»»»»»»»»»»»»»»»»»» End
Lainattu http://keskustelu.afterdawn.com/thread_view.cfm/360199 "Printtaa ohjeet ulos. Käynnistä koneesi vikasietotilaan ja valitse tavallinen käyttäjätilisi. Kun vikasietotilassa, avaa SmitfraudFix-kansio ja tuplaklikkaa smitfraudfix.cmd Valitse optio #2 - Clean kirjoittamalla 2 ja painamalla "Enter" poistaaksesi tarttuneet tiedostot. Sinulta kysytään: "Registry cleaning - Do you want to clean the registry ?"; vastaa "Yes" kirjoittamalla Y ja paina "Enter" poistaaksesi työpöydän taustakuvan ja puhdistaaksesi tarttuneet rekisteriavaimet. Työkalu tarkistaa jos wininet.dll on tarttunut. Sinua saatetaan pyytää korvaamaan tarttunut .dll (jos löytyy); vastaa "Yes" kirjoittamalla Y ja painamalla "Enter". Työkalun saattaa tarvita käynnistää kone uudelleen; jos ei tee niin, käynnistä normaaliin Windowsiin. Tekstitiedosto ilmestyy, puhdistusprosessin jäljiltä; kopioi & liitä tämän raportin tulokset vastaukseesi. Raportti löytyy paikalliselta levyltäsi, useimmiten C:\rapport.txt. Lähetä sen sisältö ja uusi HjT-loki tänne." Suoritanko siis seuraavan toimenpiteen?
No nyt tein tuon edellisessä viestissä mainitun toimenpiteen ja tässä loki (en kai vain pahentanut asiaa? Pyydän, että vastaatte nopeasti, kiitos) SmitFraudFix v2.65 Scan done at 1:06:46,54, su 02.07.2006 Run from C:\Documents and Settings\Vladimir\Ty”p”yt„\SmitfraudFix OS: Microsoft Windows XP [versio 5.1.2600] - Windows_NT Fix ran in safe mode »»»»»»»»»»»»»»»»»»»»»»»» Before SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{7916f057-223f-4612-ac84-e882cbe043d4}"="bals" [HKEY_CLASSES_ROOT\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32] @="C:\WINDOWS\system32\hvcycg.dll" [HKEY_CURRENT_USER\Software\Classes\CLSID\{7916f057-223f-4612-ac84-e882cbe043d4}\InProcServer32] @="C:\WINDOWS\system32\hvcycg.dll" »»»»»»»»»»»»»»»»»»»»»»»» Killing process »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix GenericRenosFix by S!Ri C:\WINDOWS\system32\hvcycg.dll -> Missing File »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files C:\WINDOWS\system32\atmclk.exe Deleted C:\WINDOWS\system32\dcomcfg.exe Deleted C:\WINDOWS\system32\hp???.tmp Deleted C:\WINDOWS\system32\ld????.tmp Deleted C:\WINDOWS\system32\ot.ico Deleted C:\WINDOWS\system32\simpole.tlb Deleted C:\WINDOWS\system32\stdole3.tlb Deleted C:\WINDOWS\system32\ts.ico Deleted C:\WINDOWS\system32\1024\ Deleted »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning Registry Cleaning done. »»»»»»»»»»»»»»»»»»»»»»»» After SmitFraudFix !!!Attention, following keys are not inevitably infected!!! SrchSTS.exe by S!Ri Search SharedTaskScheduler's .dll »»»»»»»»»»»»»»»»»»»»»»»» End _____________________________________________________________________ Ja tässä vielä Hijack log tämän toimenpiteen jälkeen Logfile of HijackThis v1.99.1 Scan saved at 1:21:54, on 2.7.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\system32\GSICON.EXE C:\WINDOWS\system32\dslagent.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE C:\Program Files\Microsoft IntelliType Pro\type32.exe C:\Program Files\Microsoft IntelliPoint\point32.exe C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\ctfmon.exe C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe C:\WINDOWS\system32\CTsvcCDA.EXE C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe C:\Program Files\VMware\VMware Player\vmware-authd.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE C:\Program Files\Microsoft Office\Office\OSA.EXE C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe C:\WINDOWS\system32\vmnat.exe C:\PROGRA~1\UpsPilot\Winpower.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe C:\PROGRA~1\UpsPilot\monitor.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe C:\PROGRA~1\UpsPilot\wpRMI.exe C:\Program Files\UpsPilot\jre\bin\javaw.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\Documents and Settings\Vladimir\Työpöytä\HijackThis_v1.99.1.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O2 - BHO: (no name) - {BEEAE5F7-5AD9-4AA0-AD2D-F357354E9051} - C:\WINDOWS\system32\gebyv.dll (file missing) O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\RunServices: [Winpower] C:\Program Files\UpsPilot\Winpower.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Elisa Tietoturvapalvelu.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\Program\fspex.exe O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Tuki - {46632A3E-D75F-4BBA-AA68-C0053690DC67} - http://tuki.elisa.net/ (file missing) (HKCU) O9 - Extra button: Palvelut - {F39F7CA3-7F4A-4E65-B389-BEAE22554591} - http://service.kolumbus.fi/ (file missing) (HKCU) O9 - Extra button: SMS-viesti - {F8208EEC-6866-443A-A391-2AE3DAC942F3} - http://sms.kolumbus.fi/ (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/ O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\system32\gebyv.dll (file missing) O20 - Winlogon Notify: winwea32 - winwea32.dll (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Winpower - ZeroG Software - C:\PROGRA~1\UpsPilot\Winpower.exe O23 - Service: Winpowermanager - ZeroG Software - C:\PROGRA~1\UpsPilot\manager.exe O23 - Service: Winpowermonitor - ZeroG Software - C:\PROGRA~1\UpsPilot\monitor.exe O23 - Service: WinpowerRMI - ZeroG Software - C:\PROGRA~1\UpsPilot\wpRMI.exe O23 - Service: Collaboration Runtime (xmppd-jse8) - Unknown owner - C:\Program Files\Sun\jstudio_ent8\CollabRuntime\bin\xmppd-jse8.exe (file missing)
Aiemmin en ole pystyny vastaamaan valitettavasti Fixaa nuo (do a system scan only, merkkaa ja paina fix checked): O2 - BHO: CVirtualDNSObj Object - {86C510E9-97EF-4749-914F-0280247BE3A6} - C:\WINDOWS\VirtualDNS.dll O2 - BHO: (no name) - {BEEAE5F7-5AD9-4AA0-AD2D-F357354E9051} - C:\WINDOWS\system32\gebyv.dll (file missing) O20 - Winlogon Notify: gebyv - C:\WINDOWS\system32\gebyv.dll (file missing) O20 - Winlogon Notify: winwea32 - winwea32.dll (file missing) Poista: C:\WINDOWS\VirtualDNS.dll Käynnistä uudelleen. Hae,asenna ja päivitä ewido -> http://keskustelu.afterdawn.com/thread_view.cfm/269186 Käynnistä vikasietotilaan (F8 käynnistyksen yhteydessä) Skannaa ewidolla, anna poistaa mitä löytää, paitsi älä anna poistaa mitään F-secureen liittyvää ja tallenna raportti. Käynnistä uudelleen ja lähetä ewidon raportti ja uusi HjT-loki.
Tein tuon fixaamisen mutta en löydä C:\WINDOWS\VirtualDNS.dll Olen selannut windows kansion läpikotaisin ja olen käyttänyt jopa etsi toimintoa. Mutta mitään ei löydy
Laita piilotiedostot näkyviin -> http://keskustelu.afterdawn.com/thread_view.cfm/248944 ja yritä uudestaan. Sitä ei välttämättä tarvitse olla enää.
Piilotiedostot on näkyvissä mutta silti ei löydy. Tuossa raportti --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:11:19 2.7.2006 + Scan result: C:\Program Files\Elisa Tietoturvapalvelu\FWES\program\fsdfwd.exe -> Adware.Gator : No action taken. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU -> Adware.SaveNow : No action taken. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : No action taken. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : No action taken. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Uninstall.lnk -> Adware.SaveNow : No action taken. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\WhenU.com Website.url -> Adware.SaveNow : No action taken. C:\WINDOWS\system32\rqrstqp.dll -> Adware.Virtumonde : No action taken. C:\Documents and Settings\Vladimir\Työpöytä\Jurin\backups\backup-20060702-153443-758.dll -> Adware.Webdir : No action taken. C:\Documents and Settings\Vladimir\Local Settings\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\Cache\2E9C759Cd01 -> Dropper.Microjoin.bx : No action taken. :mozilla.724:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.81:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.82:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.83:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.84:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.85:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.86:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.87:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.88:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. :mozilla.89:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : No action taken. C:\Documents and Settings\Vladimir\Cookies\vladimir@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : No action taken. C:\Documents and Settings\Vladimir\Cookies\vladimir@pinnaclesystems.122.2o7[1].txt -> TrackingCookie.2o7 : No action taken. :mozilla.467:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.468:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adocean : No action taken. :mozilla.32:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adtech : No action taken. :mozilla.35:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adtech : No action taken. :mozilla.192:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.193:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.194:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.195:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.196:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : No action taken. :mozilla.197:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Atdmt : No action taken. :mozilla.476:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bfast : No action taken. :mozilla.230:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bluestreak : No action taken. :mozilla.313:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken. :mozilla.314:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken. :mozilla.315:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : No action taken. :mozilla.186:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Burstnet : No action taken. :mozilla.187:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Burstnet : No action taken. :mozilla.285:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.286:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.287:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.288:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.289:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.290:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : No action taken. :mozilla.256:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Clickzs : No action taken. :mozilla.257:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Clickzs : No action taken. :mozilla.479:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Com : No action taken. :mozilla.740:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Coremetrics : No action taken. :mozilla.686:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Cqcounter : No action taken. :mozilla.38:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Doubleclick : No action taken. :mozilla.494:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : No action taken. :mozilla.495:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : No action taken. :mozilla.496:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : No action taken. :mozilla.246:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.250:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.258:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.259:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.260:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.261:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.262:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : No action taken. :mozilla.291:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken. :mozilla.292:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken. :mozilla.293:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken. :mozilla.294:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken. :mozilla.295:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : No action taken. :mozilla.162:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.389:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.645:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.701:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : No action taken. :mozilla.573:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.574:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.575:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.615:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.651:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.653:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.709:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.716:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : No action taken. :mozilla.758:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hotlog : No action taken. :mozilla.717:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Ivwbox : No action taken. :mozilla.448:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Mainentrypoint : No action taken. :mozilla.431:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Masterstats : No action taken. :mozilla.486:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Mediaplex : No action taken. :mozilla.266:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Paycounter : No action taken. :mozilla.146:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken. :mozilla.147:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken. :mozilla.148:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken. :mozilla.149:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : No action taken. :mozilla.224:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken. :mozilla.225:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken. :mozilla.226:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : No action taken. :mozilla.154:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Realtracker : No action taken. :mozilla.596:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken. :mozilla.597:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken. :mozilla.598:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken. :mozilla.599:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken. :mozilla.600:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : No action taken. :mozilla.557:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Revenue : No action taken. :mozilla.558:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Revenue : No action taken. :mozilla.399:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.400:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.401:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.402:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.403:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.404:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.405:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.406:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.407:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.408:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.409:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.410:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.411:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.412:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.413:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.414:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.415:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.416:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.417:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.418:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.419:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.420:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.421:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.422:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.423:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.424:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : No action taken. :mozilla.267:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.268:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.269:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.270:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.271:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.272:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.273:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.274:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.275:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : No action taken. :mozilla.757:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Spylog : No action taken. :mozilla.199:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.200:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.201:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.202:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.203:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.204:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : No action taken. :mozilla.457:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tacoda : No action taken. :mozilla.458:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tacoda : No action taken. :mozilla.54:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.55:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.56:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.57:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.58:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.59:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : No action taken. :mozilla.71:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken. :mozilla.72:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tribalfusion : No action taken. :mozilla.754:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : No action taken. :mozilla.755:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : No action taken. :mozilla.756:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : No action taken. :mozilla.129:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Webtrendslive : No action taken. :mozilla.178:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yadro : No action taken. :mozilla.33:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken. :mozilla.34:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yieldmanager : No action taken. :mozilla.219:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : No action taken. :mozilla.221:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : No action taken. :mozilla.222:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : No action taken. ::Report end Ja tässä toinen puhdistuksen jälkeen --------------------------------------------------------- ewido anti-spyware - Scan Report --------------------------------------------------------- + Created at: 16:12:50 2.7.2006 + Scan result: C:\Program Files\Elisa Tietoturvapalvelu\FWES\program\fsdfwd.exe -> Adware.Gator : Cleaned. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU -> Adware.SaveNow : Cleaned. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU Save.url -> Adware.SaveNow : Cleaned. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Learn More About WhenU SaveNow.url -> Adware.SaveNow : Cleaned. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\Uninstall.lnk -> Adware.SaveNow : Cleaned. C:\Documents and Settings\Vladimir\Käynnistä-valikko\Ohjelmat\WhenU\WhenU.com Website.url -> Adware.SaveNow : Cleaned. C:\WINDOWS\system32\rqrstqp.dll -> Adware.Virtumonde : Cleaned. C:\Documents and Settings\Vladimir\Työpöytä\Jurin\backups\backup-20060702-153443-758.dll -> Adware.Webdir : Cleaned. C:\Documents and Settings\Vladimir\Local Settings\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\Cache\2E9C759Cd01 -> Dropper.Microjoin.bx : Cleaned. :mozilla.724:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.81:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.82:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.83:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.84:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.85:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.86:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.87:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.88:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. :mozilla.89:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Vladimir\Cookies\vladimir@microsofteup.112.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. C:\Documents and Settings\Vladimir\Cookies\vladimir@pinnaclesystems.122.2o7[1].txt -> TrackingCookie.2o7 : Cleaned. :mozilla.467:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.468:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adocean : Cleaned. :mozilla.32:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.35:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Adtech : Cleaned. :mozilla.192:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.193:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.194:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.195:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.196:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Advertising : Cleaned. :mozilla.197:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned. :mozilla.476:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bfast : Cleaned. :mozilla.230:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bluestreak : Cleaned. :mozilla.313:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned. :mozilla.314:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned. :mozilla.315:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Bridgetrack : Cleaned. :mozilla.186:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.187:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned. :mozilla.285:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.286:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.287:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.288:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.289:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.290:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned. :mozilla.256:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.257:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned. :mozilla.479:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Com : Cleaned. :mozilla.740:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned. :mozilla.686:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned. :mozilla.38:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned. :mozilla.494:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.495:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.496:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned. :mozilla.246:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.250:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.258:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.259:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.260:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.261:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.262:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Falkag : Cleaned. :mozilla.291:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.292:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.293:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.294:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.295:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned. :mozilla.162:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.389:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.645:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.701:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned. :mozilla.573:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.574:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.575:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.615:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.651:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.653:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.709:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.716:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned. :mozilla.758:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned. :mozilla.717:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Ivwbox : Cleaned. :mozilla.448:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Mainentrypoint : Cleaned. :mozilla.431:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned. :mozilla.486:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned. :mozilla.266:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned. :mozilla.146:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.147:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.148:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.149:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned. :mozilla.224:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.225:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.226:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned. :mozilla.154:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Realtracker : Cleaned. :mozilla.596:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.597:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.598:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.599:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.600:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Reliablestats : Cleaned. :mozilla.557:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.558:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Revenue : Cleaned. :mozilla.399:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.400:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.401:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.402:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.403:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.404:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.405:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.406:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.407:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.408:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.409:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.410:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.411:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.412:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.413:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.414:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.415:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.416:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.417:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.418:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.419:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.420:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.421:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.422:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.423:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.424:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned. :mozilla.267:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.268:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.269:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.270:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.271:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.272:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.273:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.274:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.275:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned. :mozilla.757:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Spylog : Cleaned. :mozilla.199:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.200:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.201:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.202:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.203:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.204:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned. :mozilla.457:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.458:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned. :mozilla.54:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.55:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.56:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.57:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.58:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.59:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned. :mozilla.71:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.72:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned. :mozilla.754:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.755:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.756:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Weborama : Cleaned. :mozilla.129:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned. :mozilla.178:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yadro : Cleaned. :mozilla.33:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.34:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned. :mozilla.219:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.221:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. :mozilla.222:C:\Documents and Settings\Vladimir\Application Data\Mozilla\Firefox\Profiles\y5cspnmx.default\cookies.txt -> TrackingCookie.Zedo : Cleaned. ::Report end Sekä Hijack logi Logfile of HijackThis v1.99.1 Scan saved at 16:13:16, on 2.7.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Vladimir\Työpöytä\Jurin\HijackThis_v1.99.1.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer - Toimittaja Elisa Internet R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.fi;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\fi\msntb.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe" O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot O4 - HKLM\..\Run: [News Service] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\ispnews.exe" O4 - HKLM\..\Run: [type32] "C:\Program Files\Microsoft IntelliType Pro\type32.exe" O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\point32.exe" O4 - HKLM\..\Run: [OpwareSE2] "C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg O4 - HKLM\..\RunServices: [Winpower] C:\Program Files\UpsPilot\Winpower.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CamTray.exe O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe /R O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - Startup: Microsoft Office Pikahaku.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE O4 - Startup: Officen käynnistys.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = ? O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll O9 - Extra button: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: @C:\Program Files\Messenger\Msgslang.dll,-61144 - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra button: Tuki - {46632A3E-D75F-4BBA-AA68-C0053690DC67} - http://tuki.elisa.net/ (file missing) (HKCU) O9 - Extra button: Palvelut - {F39F7CA3-7F4A-4E65-B389-BEAE22554591} - http://service.kolumbus.fi/ (file missing) (HKCU) O9 - Extra button: SMS-viesti - {F8208EEC-6866-443A-A391-2AE3DAC942F3} - http://sms.kolumbus.fi/ (file missing) (HKCU) O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/ O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Elisa Tietoturvapalvelu (BackWeb Plug-in - 4119343) - BackWeb Technologies Inc. - C:\PROGRA~1\ELISAT~1\backweb\4119343\Program\SERVIC~1.EXE O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.EXE O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - C:\Program Files\ewido anti-spyware 4.0\guard.exe O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4119343\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - Unknown owner - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe (file missing) O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\Norman\Nvc\BIN\nipsvc.exe (file missing) O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:\Program Files\VMware\VMware Player\vmware-authd.exe O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:\WINDOWS\system32\vmnetdhcp.exe O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe O23 - Service: VMware NAT Service - VMware, Inc. - C:\WINDOWS\system32\vmnat.exe O23 - Service: Winpower - ZeroG Software - C:\PROGRA~1\UpsPilot\Winpower.exe O23 - Service: Winpowermanager - ZeroG Software - C:\PROGRA~1\UpsPilot\manager.exe O23 - Service: Winpowermonitor - ZeroG Software - C:\PROGRA~1\UpsPilot\monitor.exe O23 - Service: WinpowerRMI - ZeroG Software - C:\PROGRA~1\UpsPilot\wpRMI.exe O23 - Service: Collaboration Runtime (xmppd-jse8) - Unknown owner - C:\Program Files\Sun\jstudio_ent8\CollabRuntime\bin\xmppd-jse8.exe (file missing) Taisin vahingossa deletoida jotain F-secureen liittyvää mutta en tiedä , mitä. F-secure ei käynnistynyt ja tullut alapalkkiin kuten yleensä. Joten asennanko F-securen uudestaan ja vedän modeemin johdot poikkee vai riittääkö jos korjaan pari tiedostoa vain?
Juu, pakko tehdä niin koska tästä ei ole varmuuskopiota näköjään: C:\Program Files\Elisa Tietoturvapalvelu\FWES\program\fsdfwd.exe -> Adware.Gator : Cleaned.
