Juu koneellani on tällainen ohjelma joka ei kuitenkaan spywarelta näytä. Ohjelma asentaa aina itsensä uudestaan kun sen on poistanut ja näyttää jotain virus alert ruutua koko ajan. Mikä avuksi?
Näyttäisi olevan feikki antispyware ohjelma tuo: http://www.pcdoctor-guide.com/wordpress/?p=2633 Tuolla oli myös ohjeet englanniksi sen poistoon.
Juu kiitos. Voisikohan joku vilkaista vielä hjt-lokin kun tuntuu olevan muutakin roinaa koneella. Logfile of HijackThis v1.99.1 Scan saved at 9:11:06, on 30.3.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTSvcCDA.EXE C:\Norman\NVC\BIN\Zanda.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wdfmgr.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\NORMAN\Nvc\BIN\NJEEVES.EXE C:\NORMAN\Nvc\BIN\nipsvc.exe C:\NORMAN\Nvc\BIN\NVCSCHED.EXE C:\NORMAN\Nvc\BIN\nvcoas.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\NORMAN\Nvc\BIN\ZLH.EXE C:\Program Files\MessengerPlus! 3\MsgPlus.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\Mouse Optical\mouse_2k.exe C:\PROGRA~1\MUSICM~1\MUSICM~2\MMDiag.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\NORMAN\Nvc\BIN\NYMSE.EXE C:\NORMAN\Nvc\BIN\NIP.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\NORMAN\Nvc\BIN\cclaw.exe C:\program files\valve\steam\steam.exe C:\Program Files\Musicmatch\Musicmatch Jukebox\mim.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\Program Files\Wireless LAN Utility\SISCFG.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hjt\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit R3 - URLSearchHook: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O2 - BHO: Windows Resources - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - C:\WINDOWS\winres.dll O2 - BHO: (no name) - {400E0B76-4F0F-F865-8E46-7E3C1A652E12} - C:\DOCUME~1\ASIAKAS\APPLIC~1\AXISTH~1\Surf vga.exe O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file) O3 - Toolbar: SweetIM For Internet Explorer - {BC4FFE41-DE9F-46fa-B455-AAD49B9F9938} - C:\Program Files\Macrogaming\SweetIMBarForIE\toolbar.dll (file missing) O4 - HKLM\..\Run: [Wipe Memo File Hold] C:\Documents and Settings\All Users\Application Data\BodySoftwareWipeMemo\buildhope.exe O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe O4 - HKLM\..\Run: [MimBoot] C:\PROGRA~1\MUSICM~1\MUSICM~2\mimboot.exe O4 - HKLM\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Mouse Optical\mouse_2k.exe O4 - HKLM\..\Run: [ATIPTA] "C:\ATI-CPanel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [MessengerPlus3] "C:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - AppInit_DLLs: MsgPlusLoader.dll O20 - Winlogon Notify: winrkp32 - C:\WINDOWS\SYSTEM32\winrkp32.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Nvc\BIN\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\NVC\BIN\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
Niin ja voisikohan joku antaa suomenkieliset ohjeet tuon spyware quaken poistoon kun englannin kielessä en niin pro ole.
Siellä on kyllä muutakin kun se spywarequake Poista lisää/poista sovellus-kohdasta (ohjauspaneeli): MessengerPlus! 3 (asennettu sponsoriohjelmalla, voit asentaa sen uudestaan tämän jälkeen ilman sitä) Lataa tuosta smitrem http://noahdfear.geekstogo.com/click counter/click.php?id=1 ©noahdfear, ja tallenna se työpöydällesi. Tupla-klikkaa tiedostoa purkaaksesi sen omaan kansioonsa. == Lataa Ewido Anti-malware täältä: http://www.ewido.net/en/download Lue ohjeet -> http://keskustelu.afterdawn.com/thread_view.cfm/269186 ÄLÄ aja skanneria vielä, ainoastaan päivitä ja asenna ja pistä asetukset. Älä myöskään asenna Ewidon vartijaa. == Lataa ATF Cleaner http://www.atribune.org/ccount/click.php?id=1 Cleaner by Atribune. Tämä ohjelma on vain XP ja 2000 käyttiksille. ÄLÄ aja sitä vielä. == Lataa Roguescanfix http://www.martijnc.be/tools/roguescanfix.exe ja tallenna se työpöydällesi: [*]Tupla-klikkaa roguescanfix.exe filua asentaaksesi sen. [*]Avaa roguescanfix kansio, ja tupla-klikkaa run.bat. [*]Työpöytäsi ja pikakuvakkeesi katoavat ja ilmaantuvat uudestaan, tämä on normaalia. [*]Odota viestiä joka sanoo "Completed script execution", ja klikkaa OK. [*]Klikkaa "Exit" sulkeaksesi BFU:n. [*]Klikkaa "OK" aloittaaksesi SpywareQuake/Spyfalcon poistajan, sen jälkeen klikkaa "uninstall". HUOMAA: Jos palomuurisi antaa minkään sortin varoituksia tähän skriptiin tai työkaluun, hyväksy ne koska kieltämällä korjaus ei toimisi! == Hae findlop -> http://metallica.geekstogo.com/findlop.zip Pura ja tuplaklikkaa findlop.bat Logi löytyy tuolta C:\findlop.txt == Käynnistä koneesi vikasietotilaan naputtamalla F8 näppäintä käynnistyksen yhteydessä. == Fixaa HjT:llä (do a system scan only, merkkaa ja paina fix checked): O2 - BHO: Windows Resources - {2D38A51A-23C9-48a1-A33C-48675AA2B494} - C:\WINDOWS\winres.dll O2 - BHO: (no name) - {400E0B76-4F0F-F865-8E46-7E3C1A652E12} - C:\DOCUME~1\ASIAKAS\APPLIC~1\AXISTH~1\Surf vga.exe O2 - BHO: (no name) - {4da4616d-7e6e-4fd9-a2d5-b6c535733e22} - (no file) O4 - HKLM\..\Run: [Wipe Memo File Hold] C:\Documents and Settings\All Users\Application Data\BodySoftwareWipeMemo\buildhope.exe O20 - Winlogon Notify: winrkp32 - C:\WINDOWS\SYSTEM32\winrkp32.dll == Poista, jos löytyy: C:\WINDOWS\winres.dll C:\DOCUME~1\ASIAKAS\APPLIC~1\AXISTH~1 C:\Documents and Settings\All Users\Application Data\BodySoftwareWipeMemo C:\WINDOWS\SYSTEM32\winrkp32.dll C:\Program Files\MessengerPlus! 3 == Aja ATF Cleaner: Tupla-klikkaa ATF-Cleaner.exe ajaaksesi ohjelman. Mainin alapuolelta valitse: Select All Klikkaa Empty Selected nappia. Jos käytät Firefoxia selaimenasi Klikkaa Firefox välilehteä yläpuolella ja klikkaa: Select All Klikkaa Empty Selected nappia. HUOMAA: Jos haluat pitää tallennetut salasanasi, klikkaa No varoitukseen. Jos käytät Operaa selaimenasiKlikkaa Opera välilehteä yläpuolelta ja valitse: Select All Klikkaa Empty Selected nappia. HUOMAA: Jos haluat pitää tallennetut salasanasi, klikkaa No varoitukseen. Klikkaa Exit päävalikossa sulkeaksesi ohjelman. == Avaa smitRem kansio, ja tupla-klikkaa RunThis.bat filua ajaaksesi työkalun. Seuraa ohjeita. Odota kunnes työkalu on valmis ja levyn puhdistus kunnossa. Työkalu luo seuraavan lokin: smitfiles.txt paikalliselle levyllesi, kuten C: tai sille mille käyttöjärjestelmäsi on asennettu. Postita tämä loki muiden lokien mukana seuraavaan vastaukseesi. == Aja Ewido: [*]Klikkaa scanner [*]Klikkaa Complete System Scan ja skannaus alkaa. [*]Kun skannaus on kesken sinua pyydetään puhdistamaan filuja, klikkaa OK [*]Kun se pyytää sinua puhdistamaan ensimmäisen filun, rastita vasemmassa alakulmassa boksin joka sanoo "Perform action on all infections" sitten valitse Clean ja klikkaa OK. [*]Kun skanneri on valmis, Save report tulee näkyville. [*]Klikkaa sitä. [*]Tallenna report .txt file työpöydällesi. Sulje Ewido Anti-malware. == Seuraavaksi, klikkaa työpöydällä oikealla hiiren nappulalla -> ominaisuudet -> työpöytä -> mukauta työpöytää -> web-välilehti. Katso, jos siellä on jotain security-välilehti, ota rasti pois tämän kohdalta. == Käynnistä uudelleen normaaliin Windowsiin, postita takaisin seuraavilla tiedoilla: Ewido Log C:\SmitFiles.txt-login kaikki sisältö C:\findlop.txt-sisältö Tuore HijackThis logi
Kiitos avusta. Tässä tulee nyt nämä lokit: --------------------------------------------------------- ewido anti-malware - Scan report --------------------------------------------------------- + Created on: 15:18:56, 30.3.2006 + Report-Checksum: E73D2D19 + Scan result: HKLM\SOFTWARE\Classes\WinRes.WindowsResources -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\WinRes.WindowsResources\CLSID -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\WinRes.WindowsResources\CurVer -> Adware.CoolWebSearch : Cleaned with backup HKLM\SOFTWARE\Classes\WinRes.WindowsResources.1 -> Adware.CoolWebSearch : Cleaned with backup HKU\S-1-5-21-1960408961-839522115-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3FDE0CB5-619F-4227-8961-F2D7ED15B88E} -> Adware.CramToolbar : Cleaned with backup HKU\S-1-5-21-1960408961-839522115-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4DA4616D-7E6E-4FD9-A2D5-B6C535733E22} -> Adware.Generic : Cleaned with backup HKU\S-1-5-21-1960408961-839522115-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5345A7A1-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup HKU\S-1-5-21-1960408961-839522115-725345543-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5345A7A9-805A-4923-B505-86B2FEBA3FE0} -> Adware.Generic : Cleaned with backup [748] C:\WINDOWS\system32\winrkp32.dll -> Downloader.Small.cml : Cleaned with backup C:\Documents and Settings\All Users\Tiedostot\Norton.Internet.Security.Pro.2005.Incl.Keygen-SSG.rar/kgnis.exe -> Dropper.Delf.fd : Error during cleaning :mozilla.6:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.7:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.8:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.9:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.10:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.11:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.19:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-1.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.6:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.7:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Com : Cleaned with backup :mozilla.53:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.54:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.55:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Targetnet : Cleaned with backup :mozilla.57:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Targetnet : Cleaned with backup :mozilla.58:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Targetnet : Cleaned with backup :mozilla.60:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.61:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.62:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.63:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.64:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.65:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.66:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.67:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.68:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.69:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.70:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.71:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.72:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.73:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.74:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Casalemedia : Cleaned with backup :mozilla.86:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.87:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.98:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.100:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.101:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.103:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.105:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.106:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.107:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.108:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Yieldmanager : Cleaned with backup :mozilla.110:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adbrite : Cleaned with backup :mozilla.111:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.112:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.120:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.154:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.155:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.158:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.174:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.175:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.176:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.177:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.178:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.179:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.180:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.181:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.184:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Falkag : Cleaned with backup :mozilla.191:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.192:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.247realmedia : Cleaned with backup :mozilla.193:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.194:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.195:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.196:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Euroclick : Cleaned with backup :mozilla.218:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexlist : Cleaned with backup :mozilla.219:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexlist : Cleaned with backup :mozilla.224:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.225:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.226:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.227:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Sexcounter : Cleaned with backup :mozilla.231:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.232:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Onestat : Cleaned with backup :mozilla.245:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.246:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.251:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Hitslink : Cleaned with backup :mozilla.252:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Hitslink : Cleaned with backup :mozilla.253:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Hitslink : Cleaned with backup :mozilla.254:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Hitslink : Cleaned with backup :mozilla.257:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.258:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Statcounter : Cleaned with backup :mozilla.259:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Masterstats : Cleaned with backup :mozilla.267:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.268:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.269:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.270:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.271:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.272:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trafficmp : Cleaned with backup :mozilla.278:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.292:C:\Documents and Settings\ASIAKAS\Application Data\Mozilla\Firefox\Profiles\ao0evp70.Teme's\cookies-2.txt -> TrackingCookie.Trakkerd : Cleaned with backup :mozilla.23:C:\Documents and Settings\Pia & Jouni\Application Data\Mozilla\Firefox\Profiles\bmn7ks9h.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.24:C:\Documents and Settings\Pia & Jouni\Application Data\Mozilla\Firefox\Profiles\bmn7ks9h.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.25:C:\Documents and Settings\Pia & Jouni\Application Data\Mozilla\Firefox\Profiles\bmn7ks9h.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup C:\Documents and Settings\Pia & Jouni\Cookies\pia & jouni@images.lop[2].txt -> TrackingCookie.Lop : Cleaned with backup C:\Documents and Settings\Pia & Jouni\Käynnistä-valikko\Ohjelmat\Adobe\run.exe -> Downloader.IstBar.is : Cleaned with backup C:\Documents and Settings\Pia & Jouni\Local Settings\Temporary Internet Files\Content.IE5\RH1JKK69\istdownload[1].exe -> Downloader.IstBar.lq : Cleaned with backup :mozilla.12:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup :mozilla.65:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.66:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.67:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.68:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.69:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup :mozilla.82:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.87:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.88:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.101:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup :mozilla.102:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup :mozilla.105:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup :mozilla.108:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.116:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup :mozilla.117:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup :mozilla.119:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.120:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup :mozilla.121:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Ru4 : Cleaned with backup :mozilla.122:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup :mozilla.124:C:\Documents and Settings\Tepanderi\Application Data\Mozilla\Firefox\Profiles\yn4tt3w2.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Documents and Settings\Tepanderi\Cookies\tepanderi@ad.yieldmanager[1].txt -> TrackingCookie.Yieldmanager : Cleaned with backup C:\Program Files\Adobe\Adobe Photoshop CS2\run.exe -> Downloader.IstBar.is : Cleaned with backup C:\RECYCLER\S-1-5-21-1960408961-839522115-725345543-1007\Dc33.exe -> Downloader.IstBar.is : Cleaned with backup :mozilla.8:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup -> : Error during cleaning :mozilla.19:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.20:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.21:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup :mozilla.41:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.42:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.43:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup :mozilla.47:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup :mozilla.48:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.49:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.50:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup :mozilla.51:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup :mozilla.52:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup :mozilla.61:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.62:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup :mozilla.71:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.72:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.73:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.74:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.75:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.76:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.77:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.78:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.79:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.80:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.81:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.82:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.83:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.84:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.85:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.86:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.87:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.88:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.89:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.90:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.91:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.92:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.93:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.94:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.95:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.96:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.97:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.98:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.99:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.100:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.101:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.102:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.103:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.104:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.105:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.106:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.107:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.108:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.109:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.110:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.111:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.112:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.113:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.114:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.115:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.116:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup :mozilla.120:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.121:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup :mozilla.125:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.126:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.127:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.128:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup :mozilla.129:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup :mozilla.142:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup :mozilla.143:C:\vanhat tiedot\Documents and Settings\Teppo\Application Data\Mozilla\Firefox\Profiles\wb2o2fbv.default\cookies.txt -> TrackingCookie.Adserver : Cleaned with backup C:\WINDOWS\system32\winrkp32.dll -> Downloader.Small.cml : Cleaned with backup ::Report End == smitRem © log file version 2.8 by noahdfear Microsoft Windows XP [versio 5.1.2600] Running from C:\Documents and Settings\ASIAKAS\Ty”p”yt„\smitRem ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Pre-run SharedTask Export (GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler) Copyright(C) 2006 BleepingComputer.com Registry Pseudo-Format Mode (Not a valid reg file): [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ checking for ShudderLTD key ShudderLTD key not present! checking for PSGuard.com key PSGuard.com key not present! checking for WinHound.com key WinHound.com key not present! spyaxe uninstaller NOT present Winhound uninstaller NOT present SpywareStrike uninstaller NOT present ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Existing Pre-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ mssearchnet.exe nvctrl.exe hp***.tmp logfiles ~~~ Icons in System32 ~~~ ot.ico ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Command Line Process Viewer/Killer/Suspender for Windows NT/2000/XP V2.03 Copyright(C) 2002-2003 Craig.Peacock@beyondlogic.org Killing PID 1524 'explorer.exe' Killing PID 1524 'explorer.exe' Starting registry repairs Registry repairs complete ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SharedTask Export after registry fix (GetSTS.exe) SharedTaskScheduler exporter by Lawrence Abrams (Grinler) Copyright(C) 2006 BleepingComputer.com Registry Pseudo-Format Mode (Not a valid reg file): [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler] "{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader" "{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{438755C2-A8BA-11D1-B96B-00A0C90312E1}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8C7461EF-2B13-11d2-BE35-3078302C2030}\InProcServer32] @="%SystemRoot%\system32\browseui.dll" ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Deleting files ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Remaining Post-run Files ~~~ Program Files ~~~ ~~~ Shortcuts ~~~ ~~~ Favorites ~~~ ~~~ system32 folder ~~~ ~~~ Icons in System32 ~~~ ~~~ Windows directory ~~~ ~~~ Drive root ~~~ ~~~ Miscellaneous Files/folders ~~~ ~~~ Wininet.dll ~~~ CLEAN! == Findlop [TRACE] Enumerating jobs and queues [TRACE] Activating job 'A857BB4B91D031D3.job' [TRACE] Printing all job properties ApplicationName: 'c:\docume~1\-tepi-\applic~1\4drv~1\Storetrayburn.exe' Parameters: '' WorkingDirectory: '' Comment: '' Creator: '-Tepi-' Priority: NORMAL MaxRunTime: 259200000 (3d 0:00:00) IdleWait: 10 IdleDeadline: 60 MostRecentRun: 10/17/2005 15:00:00 NextRun: 03/30/2006 11:00:00 StartError: 0x80070534 ExitCode: 0x40010004 Status: SCHED_S_TASK_READY ScheduledWorkItem Flags: DeleteWhenDone = 0 Suspend = 0 StartOnlyIfIdle = 0 KillOnIdleEnd = 0 RestartOnIdleResume = 0 DontStartIfOnBatteries = 0 KillIfGoingOnBatteries = 0 RunOnlyIfLoggedOn = 1 SystemRequired = 0 Hidden = 1 TaskFlags: 0 1 Trigger Trigger 0: Type: Daily DaysInterval: 1 StartDate: 10/07/1999 EndDate: 00/00/0000 StartTime: 00:00 MinutesDuration: 1440 MinutesInterval: 60 Flags: HasEndDate = 0 KillAtDuration = 0 Disabled = 0 [TRACE] Activating job 'A91235A9910DAB4D.job' [TRACE] Printing all job properties ApplicationName: 'c:\docume~1\asiakas\applic~1\4drv~1\Storetrayburn.exe' Parameters: '' WorkingDirectory: '' Comment: '' Creator: 'ASIAKAS' Priority: NORMAL MaxRunTime: 259200000 (3d 0:00:00) IdleWait: 10 IdleDeadline: 60 MostRecentRun: 00/00/0000 0:00:00 NextRun: 03/30/2006 11:00:00 StartError: SCHED_S_TASK_HAS_NOT_RUN ExitCode: 0 Status: SCHED_S_TASK_HAS_NOT_RUN ScheduledWorkItem Flags: DeleteWhenDone = 0 Suspend = 0 StartOnlyIfIdle = 0 KillOnIdleEnd = 0 RestartOnIdleResume = 0 DontStartIfOnBatteries = 0 KillIfGoingOnBatteries = 0 RunOnlyIfLoggedOn = 1 SystemRequired = 0 Hidden = 1 TaskFlags: 0 1 Trigger Trigger 0: Type: Daily DaysInterval: 1 StartDate: 02/16/2000 EndDate: 00/00/0000 StartTime: 00:00 MinutesDuration: 1440 MinutesInterval: 60 Flags: HasEndDate = 0 KillAtDuration = 0 Disabled = 0 [TRACE] Activating job 'HP Usg Daily.job' [TRACE] Printing all job properties ApplicationName: 'c:\Program Files\Hewlett-Packard\{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}\pexpress\hphped05.exe' Parameters: '' WorkingDirectory: '' Comment: '' Creator: 'ASIAKAS' Priority: NORMAL MaxRunTime: 259200000 (3d 0:00:00) IdleWait: 10 IdleDeadline: 60 MostRecentRun: 03/28/2006 18:49:00 NextRun: 03/30/2006 10:49:00 StartError: S_OK ExitCode: 0 Status: SCHED_S_TASK_READY ScheduledWorkItem Flags: DeleteWhenDone = 1 Suspend = 0 StartOnlyIfIdle = 0 KillOnIdleEnd = 0 RestartOnIdleResume = 0 DontStartIfOnBatteries = 0 KillIfGoingOnBatteries = 0 RunOnlyIfLoggedOn = 0 SystemRequired = 0 Hidden = 0 TaskFlags: 0 1 Trigger Trigger 0: Type: Daily DaysInterval: 1 StartDate: 08/20/2005 EndDate: 00/00/0000 StartTime: 14:49 MinutesDuration: 1440 MinutesInterval: 240 Flags: HasEndDate = 0 KillAtDuration = 0 Disabled = 0 [TRACE] Activating job 'MP Scheduled Scan.job' [TRACE] Printing all job properties ApplicationName: 'C:\Program Files\Windows Defender\MpCmdRun.exe' Parameters: 'Scan -ScanType config -Privileges restricted' WorkingDirectory: '' Comment: 'Scheduled Scan' Creator: 'SYSTEM' Priority: NORMAL MaxRunTime: 259200000 (3d 0:00:00) IdleWait: 10 IdleDeadline: 60 MostRecentRun: 00/00/0000 0:00:00 NextRun: 03/31/2006 2:20:00 StartError: SCHED_S_TASK_HAS_NOT_RUN ExitCode: 0 Status: SCHED_S_TASK_HAS_NOT_RUN ScheduledWorkItem Flags: DeleteWhenDone = 0 Suspend = 0 StartOnlyIfIdle = 0 KillOnIdleEnd = 0 RestartOnIdleResume = 0 DontStartIfOnBatteries = 1 KillIfGoingOnBatteries = 0 RunOnlyIfLoggedOn = 0 SystemRequired = 0 Hidden = 1 TaskFlags: 0 1 Trigger Trigger 0: Type: Daily DaysInterval: 1 StartDate: 03/30/2006 EndDate: 00/00/0000 StartTime: 02:20 MinutesDuration: 0 MinutesInterval: 0 Flags: HasEndDate = 0 KillAtDuration = 0 Disabled = 0 == Logfile of HijackThis v1.99.1 Scan saved at 15:36:08, on 30.3.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Norman\NVC\BIN\Zanda.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\WINDOWS\system32\svchost.exe C:\NORMAN\Nvc\BIN\ZLH.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\NORMAN\Nvc\BIN\NYMSE.EXE C:\NORMAN\Nvc\BIN\NIP.EXE C:\Program Files\Creative\Mouse Optical\mouse_2k.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\program files\valve\steam\steam.exe C:\WINDOWS\system32\UAService7.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\Program Files\Wireless LAN Utility\SISCFG.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\NORMAN\Nvc\BIN\NJEEVES.EXE C:\NORMAN\Nvc\BIN\nipsvc.exe C:\NORMAN\Nvc\BIN\NVCSCHED.EXE C:\NORMAN\Nvc\BIN\nvcoas.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\alg.exe C:\NORMAN\Nvc\BIN\cclaw.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hjt\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Mouse Optical\mouse_2k.exe O4 - HKLM\..\Run: [ATIPTA] "C:\ATI-CPanel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU\..\Run: [eggsdoes] C:\DOCUME~1\ASIAKAS\APPLIC~1\4DRV~1\corn acid tick.exe O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O20 - Winlogon Notify: winrkp32 - winrkp32.dll (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Nvc\BIN\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\NVC\BIN\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe == Siinä hetkeksi luettavaa
Juu, niin on Fixaa nämä HjT:llä (do a system scan only, merkkaa ja paina fix checked): O4 - HKCU\..\Run: [eggsdoes] C:\DOCUME~1\ASIAKAS\APPLIC~1\4DRV~1\corn acid tick.exe O20 - Winlogon Notify: winrkp32 - winrkp32.dll (file missing) Poista, jos löytyy c:\docume~1\asiakas\applic~1\4drv~1 c:\docume~1\-tepi-\applic~1\4drv~1 Hae KillBox http://www.bleepingcomputer.com/files/spyware/KillBox.zip Pura,avaa ja täppi kohtaan Delete on Reboot Sitte kopioi molemmat rivit tosta alapuolelta yhellä kertaa C:\WINDOWS\Tasks\A857BB4B91D031D3.job C:\WINDOWS\Tasks\A91235A9910DAB4D.job Sitten KillBoxissa ylhäältä File > Paste from Clipboard Valitse "All Files".Sen jälkeen paina Delete (punainen, jossa on valkonen X) Vastaa myöntävästi kysymyksiin ja jos kone ei itestään käynnisty uudestaan,niin käynnistä se. Lähetä sen jälkeen uus Hijack-logi.
Tässähän tämä: == Logfile of HijackThis v1.99.1 Scan saved at 16:00:28, on 30.3.2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\CTSvcCDA.EXE C:\Program Files\ewido anti-malware\ewidoctrl.exe C:\Program Files\ewido anti-malware\ewidoguard.exe C:\Norman\NVC\BIN\Zanda.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\NORMAN\Nvc\BIN\ZLH.EXE C:\Program Files\D-Tools\daemon.exe C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\Mouse Optical\mouse_2k.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\WINDOWS\system32\svchost.exe C:\NORMAN\Nvc\BIN\NYMSE.EXE C:\NORMAN\Nvc\BIN\NIP.EXE C:\WINDOWS\system32\wdfmgr.exe C:\Program Files\Windows Defender\MSASCui.exe C:\WINDOWS\system32\UAService7.exe C:\Program Files\Winamp\winampa.exe C:\WINDOWS\system32\MsPMSPSv.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe C:\Program Files\HP\hpcoretech\hpcmpmgr.exe C:\program files\valve\steam\steam.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\NORMAN\Nvc\BIN\nvcoas.exe C:\WINDOWS\system32\wscntfy.exe C:\NORMAN\Nvc\BIN\NJEEVES.EXE C:\NORMAN\Nvc\BIN\NVCSCHED.EXE C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe C:\NORMAN\Nvc\BIN\nipsvc.exe C:\Program Files\Wireless LAN Utility\SiWake.exe C:\WINDOWS\System32\alg.exe C:\NORMAN\Nvc\BIN\cclaw.exe C:\Program Files\Wireless LAN Utility\SISCFG.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\hjt\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://g.msn.fi/0SEFIFI/SAOS01?FORM=TOOLBR R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [Norman ZANDA] C:\NORMAN\Nvc\BIN\ZLH.EXE /LOAD /SPLASH O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CreativeMouse ] C:\Program Files\Creative\Mouse Optical\mouse_2k.exe O4 - HKLM\..\Run: [ATIPTA] "C:\ATI-CPanel\atiptaxx.exe" O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [HP Software Update] "c:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent O4 - HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Global Startup: SiWake.lnk = C:\Program Files\Wireless LAN Utility\SiWake.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab O16 - DPF: {5BDBD95C-1E7F-4FB1-8497-20AF879F8B68} (FileSharingCtrl Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/FileSharing/fi/filesharingctrl.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab32846.cab O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Autodesk Licensing Service - Autodesk, Inc. - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTSvcCDA.EXE O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: Norman API-hooking helper (NipSvc) - Unknown owner - C:\NORMAN\Nvc\BIN\nipsvc.exe O23 - Service: Norman NJeeves - Unknown owner - C:\NORMAN\Nvc\BIN\NJEEVES.EXE O23 - Service: Norman ZANDA - Unknown owner - C:\Norman\NVC\BIN\Zanda.exe O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\NORMAN\Nvc\BIN\nvcoas.exe O23 - Service: Norman Virus Control Scheduler (NVCScheduler) - Norman Data Defense Systems - C:\NORMAN\Nvc\BIN\NVCSCHED.EXE O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe ==
Nyt on kunnossa Tässä ohje kuinka asentaa tuo meseplus ilman sitä sponsoriohjelmaa -> http://keskustelu.afterdawn.com/thread_view.cfm/280957
