Virus system memoryssä... backdoor.trojan tiedosto: winowl32.dll

Discussion in 'Virukset ja haittaohjelmat' started by jami87, Apr 26, 2006.

  1. jami87

    jami87 Member

    Joined:
    Jul 18, 2005
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    Joo tarkastelin tuossa koneelta normaalisti virukset ja spyware doctor huomasi troijalaisen... poistettua kaikki roskat niin tohtori sanoi että kone täytyy käynnistää uudestaan koska yksi roska on poistettu system memorystä... noh boottauksen jälkeen tarkistus niin siellä se oli vieläki ja ei auttanu mitään... nyt olen töissä joten logeja en pysty antamaan tällä hetkellä... jos joku keksii vastauksen ongelmaan miten saa poies niin kiitos...
     
    jami87, Apr 26, 2006
    #1
  2. blade81

    blade81 Active member

    Joined:
    Jul 28, 2003
    Messages:
    1,287
    Likes Received:
    0
    Trophy Points:
    66
    Laita lokia, kun pääset töistä. Katsotaan sitten.
     
    blade81, Apr 26, 2006
    #2
  3. jami87

    jami87 Member

    Joined:
    Jul 18, 2005
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    tässä tämä logi... eli nyt tiedän troijalaisen nimenkin mikä kiusaa...


    Logfile of HijackThis v1.99.1
    Scan saved at 17:47:24, on 27.4.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    F:\ohjelmat\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    F:\ohjelmat\NetLimiter\NetLimiter.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    F:\ohjelmat\Spyware Doctor\swdoctor.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Icecast2 Win32\icecastService.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    F:\ohjelmat\Spyware Doctor\sdhelp.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hjt\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Ohjelmat\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [WinampAgent] F:\ohjelmat\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [NetLimiter] F:\ohjelmat\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "f:\pelit2\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "F:\Ohjelmat\Spyware Doctor\swdoctor.exe" /Q
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143656080593
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143656330078
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WB - F:\ohjelmat\AlienGUIse\fastload.dll
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\ohjelmat\Spyware Doctor\sdhelp.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe

     
    jami87, Apr 27, 2006
    #3
  4. blade81

    blade81 Active member

    Joined:
    Jul 28, 2003
    Messages:
    1,287
    Likes Received:
    0
    Trophy Points:
    66
    Käynnistä hjt, klikkaa do a system scan only, merkkaa:
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchURL = prosearching.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page_bak = prosearching.com
    O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)

    Sulje muut ikkunat ja klikkaa fix checked.

    Hae Ewido ja päivitä ohjeiden mukaan (http://keskustelu.afterdawn.com/thread_view.cfm/269186). Käynnistä vikasietotilaan ja tee full scan Ewidolla. Tallenna loki.

    Käynnistä normaalitilaan ja lähetä uusi hjt-loki ja Ewidon loki.
     
    blade81, Apr 27, 2006
    #4
  5. jami87

    jami87 Member

    Joined:
    Jul 18, 2005
    Messages:
    32
    Likes Received:
    0
    Trophy Points:
    16
    No niin kaikki nuo tehty...

    Logfile of HijackThis v1.99.1
    Scan saved at 19:21:07, on 27.4.2006
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\csrss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    F:\ohjelmat\Winamp\winampa.exe
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    F:\ohjelmat\NetLimiter\NetLimiter.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    F:\Ohjelmat\Spyware Doctor\swdoctor.exe
    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    F:\ohjelmat\ewido anti-malware\ewidoctrl.exe
    C:\Program Files\Icecast2 Win32\icecastService.exe
    C:\Program Files\Norton Internet Security\ISSVC.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    F:\ohjelmat\Spyware Doctor\sdhelp.exe
    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    C:\WINDOWS\System32\wdfmgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    C:\WINDOWS\System32\wbem\wmiprvse.exe
    C:\WINDOWS\System32\alg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
    O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - F:\Ohjelmat\SPYWAR~1\tools\iesdsg.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
    O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
    O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
    O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
    O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
    O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
    O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
    O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe
    O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
    O4 - HKLM\..\Run: [IMONTRAY] C:\Program Files\Intel\Intel(R) Active Monitor\imontray.exe
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [WinampAgent] F:\ohjelmat\Winamp\winampa.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
    O4 - HKLM\..\Run: [BootSkin Startup Jobs] "C:\Program Files\Stardock\WinCustomize\BootSkin\BootSkin.exe" /StartupJobs
    O4 - HKLM\..\Run: [NetLimiter] F:\ohjelmat\NetLimiter\NetLimiter.exe /s
    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Steam] "f:\pelit2\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Spyware Doctor] "F:\Ohjelmat\Spyware Doctor\swdoctor.exe" /Q
    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
    O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: Vie Microsoft E&xceliin - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - F:\Ohjelmat\SPYWAR~1\tools\iesdpb.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1143656080593
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1143656330078
    O16 - DPF: {88D969C0-F192-11D4-A65F-0040963251E5} (XML DOM Document 4.0) - file://C:\TempEI4\EI40_\msxml4.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - Winlogon Notify: WB - F:\ohjelmat\AlienGUIse\fastload.dll
    O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: ewido security suite control - ewido networks - F:\ohjelmat\ewido anti-malware\ewidoctrl.exe
    O23 - Service: Icecast Media Server (Icecast) - Unknown owner - C:\Program Files\Icecast2 Win32\icecastService.exe" "C:\Program Files\Icecast2 Win32 (file missing)
    O23 - Service: Intel(R) Active Monitor (imonNT) - Intel Corp. - C:\Program Files\Intel\Intel(R) Active Monitor\imonnt.exe
    O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Internet Security\ISSVC.exe
    O23 - Service: Norton AntiVirus Auto-Protect -palvelu (navapsvc) - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
    O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton Internet Security\Norton AntiVirus\SAVScan.exe
    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
    O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - F:\ohjelmat\Spyware Doctor\sdhelp.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
    O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe





    ja tässä on sitten tämä ewido logi

    ---------------------------------------------------------
    ewido anti-malware - Scan report
    ---------------------------------------------------------

    + Created on: 19:15:05, 27.4.2006
    + Report-Checksum: 627184C2

    + Scan result:

    [260] C:\WINDOWS\system32\winowl32.dll -> Trojan.Agent.qt : Cleaned with backup
    :mozilla.23:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.24:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.25:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.26:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.27:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Fastclick : Cleaned with backup
    :mozilla.29:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.32:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.33:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.34:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.35:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.36:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.58:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.64:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.65:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.66:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.67:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.68:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.69:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.70:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.71:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.72:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.73:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.74:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.75:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.76:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.77:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.78:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.79:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.80:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.81:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.82:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.83:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.84:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.85:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.86:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.87:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.88:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.163:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.164:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adtech : Cleaned with backup
    :mozilla.169:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.170:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tribalfusion : Cleaned with backup
    :mozilla.171:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
    :mozilla.172:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
    :mozilla.173:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adjuggler : Cleaned with backup
    :mozilla.191:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Atdmt : Cleaned with backup
    :mozilla.209:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.210:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.211:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.212:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.213:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Advertising : Cleaned with backup
    :mozilla.216:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.217:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tradedoubler : Cleaned with backup
    :mozilla.233:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
    :mozilla.237:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
    :mozilla.238:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
    :mozilla.240:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitslink : Cleaned with backup
    :mozilla.253:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
    :mozilla.254:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Webtrendslive : Cleaned with backup
    :mozilla.280:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Coremetrics : Cleaned with backup
    :mozilla.287:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Etracker : Cleaned with backup
    :mozilla.312:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.313:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.314:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.316:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.317:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.319:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.320:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.321:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.322:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Statcounter : Cleaned with backup
    :mozilla.327:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned with backup
    :mozilla.342:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Questionmarket : Cleaned with backup
    :mozilla.355:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hotlog : Cleaned with backup
    :mozilla.356:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Spylog : Cleaned with backup
    :mozilla.364:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.365:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.366:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yieldmanager : Cleaned with backup
    :mozilla.369:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.370:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.371:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.372:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.373:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.374:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.375:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Casalemedia : Cleaned with backup
    :mozilla.377:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
    :mozilla.378:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
    :mozilla.379:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.380:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.381:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.382:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.383:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.384:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.392:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.393:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.394:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Tacoda : Cleaned with backup
    :mozilla.403:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.422:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.423:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.424:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.429:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.437:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.445:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.446:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstnet : Cleaned with backup
    :mozilla.454:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.455:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.456:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Zedo : Cleaned with backup
    :mozilla.474:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Revenue : Cleaned with backup
    :mozilla.502:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
    :mozilla.503:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Qksrv : Cleaned with backup
    :mozilla.504:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.2o7 : Cleaned with backup
    :mozilla.520:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Com : Cleaned with backup
    :mozilla.530:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.531:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.545:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
    :mozilla.546:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sitestat : Cleaned with backup
    :mozilla.577:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.578:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.579:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Falkag : Cleaned with backup
    :mozilla.580:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Mediaplex : Cleaned with backup
    :mozilla.596:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Paycounter : Cleaned with backup
    :mozilla.601:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
    :mozilla.602:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned with backup
    :mozilla.603:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
    :mozilla.604:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Valueclick : Cleaned with backup
    :mozilla.650:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.651:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.653:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.658:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.659:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.669:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
    :mozilla.671:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Yadro : Cleaned with backup
    :mozilla.691:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.692:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.693:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.694:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.695:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.696:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.697:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.698:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.699:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.700:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned with backup
    :mozilla.709:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.710:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Euroclick : Cleaned with backup
    :mozilla.713:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.719:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Doubleclick : Cleaned with backup
    :mozilla.734:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.735:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Overture : Cleaned with backup
    :mozilla.759:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Enhance : Cleaned with backup
    :mozilla.767:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned with backup
    :mozilla.774:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.775:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Onestat : Cleaned with backup
    :mozilla.807:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.808:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.809:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Pointroll : Cleaned with backup
    :mozilla.821:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Bfast : Cleaned with backup
    :mozilla.823:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Targetnet : Cleaned with backup
    :mozilla.843:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Burstbeacon : Cleaned with backup
    :mozilla.857:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.863:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Sexlist : Cleaned with backup
    :mozilla.874:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.877:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.878:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.879:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.880:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.881:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Serving-sys : Cleaned with backup
    :mozilla.889:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned with backup
    :mozilla.894:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    :mozilla.905:C:\Documents and Settings\Räsänen\Application Data\Mozilla\Firefox\Profiles\r2pt0aty.default\cookies.txt -> TrackingCookie.Hitbox : Cleaned with backup
    C:\Documents and Settings\Räsänen\Cookies\räsänen@atdmt[1].txt -> TrackingCookie.Atdmt : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temp\Cookies\räsänen@doubleclick[1].txt -> TrackingCookie.Doubleclick : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temp\winB7.tmp.exe -> Trojan.Dialer.oy : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temp\winC3.tmp.exe -> Downloader.IstBar.eq : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\4DIL4WKV\YazzleActiveX[1].cab/YazzleActiveX.ocx -> Adware.MediaTickets : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\782Z6ST8\mulbin1[1].exe -> Trojan.Dialer.oy : Cleaned with backup
    C:\Documents and Settings\Räsänen\Local Settings\Temporary Internet Files\Content.IE5\R4RBK24U\wizp32[1].exe -> Downloader.IstBar.eq : Cleaned with backup
    C:\Program Files\DAEMON Tools\SetupDTSB.exe -> Adware.SaveNow : Cleaned with backup
    C:\Program Files\themexp\Themexp.org File\NNWDAB638.EXE -> Adware.NewDotNet : Cleaned with backup
    C:\WINDOWS\NDNuninstall6_38.exe -> Adware.NewDotNet : Cleaned with backup
    C:\WINDOWS\NDNuninstall7_22.exe -> Adware.NewDotNet : Cleaned with backup
    C:\WINDOWS\system32\winowl32.dll -> Trojan.Agent.qt : Cleaned with backup


    ::Report End

     
    jami87, Apr 27, 2006
    #5
  6. blade81

    blade81 Active member

    Joined:
    Jul 28, 2003
    Messages:
    1,287
    Likes Received:
    0
    Trophy Points:
    66
    Hjt:llä vielä fixi tälle:
    O20 - Winlogon Notify: winowl32 - winowl32.dll (file missing)

    Etsi ja poista, jos löytyy winowl32.dll (Ewidon pitäisi olla poistanut, mutta varmistetaan vielä).

    Kannattaa muuten asentaa hosts filu. Muuttuu surffailu kerralla turvallisemmaksi. Tässä ohjetta -> http://keskustelu.afterdawn.com/thread_view.cfm/320373
     
    blade81, Apr 27, 2006
    #6

Share This Page