Vuosipuhdistusta vailla...

Discussion in 'Virukset ja haittaohjelmat - HijackThis -logit' started by J1N, Oct 8, 2009.

  1. J1N

    J1N Member

    Joined:
    Jan 26, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    Tossa olis teille oi viisaat listaa:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 19:14:45, on 8.10.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\VDOTool\TBPanel.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    L:\Asennus\MagicDisc\MagicDisc.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
    C:\WINDOWS\explorer.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S12F.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = L:\Asennus\MagicDisc\MagicDisc.exe
    O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
    O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 10156 bytes
     
    J1N, Oct 8, 2009
    #1
  2. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    Ei paha !!!

    Selaimen ToolBaareja on huomattavan paljon.

    ----------------------------

    Mene Windowsin ControlPaneliin (Ohjauspaneli) ja sieltä Lisää / Poista sovellus
    Vistassa Ohjelmat ja toiminnot
    Etsi ja poista ohjelma jonka nimessä on:

    Ei päivityksiä yli vuoteen.
    AVG Anti-Spyware 7.5

    -----------------------------------------------------------------------

    Lataus ja siivous ohjeet: TÄÄLLÄ

    ----------------------------------------------------------

    Lataa levyn eheytys: DiskDefrag Työpöydälle ja käynnistä install.
    Käynnistä työpöydältä AusLogics Disk Defrag ohjelma. Valitse C:\ jos se on
    käyttöjärjestelmä asennus asema. ==> NEXT

    ----------------------------------------------------------------

    Lataa Atribunen ATF Cleaner

    Tupla-klikkaa ATF-Cleaner.exe käynnistääksesi ohjelman. Main:n alla valitse: Select All
    Klikkaa Empty Selected valintaa.

    Jos käytät FireFoxia selaimenasi Klikkaa Firefox yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.

    Jos käytät Operaa selaimenasi Klikkaa Opera yläpuolelta ja valitse: Select All
    Klikkaa Empty Selected valintaa taas.
    HUOMIO: Jos haluaisit pitää tallennetut salasanasi, klikkaa No kun se sitä kysyy.

    Klikkaa Exit päävalikosta sulkeaksesi ohjelman.

    ----------------------------------------------

    Skannaa koneesi Kaspersky Online Skannerilla

    * Lue läpi vaatimukset ja yksityisyyssäännökset ja klikkaa Accept.
    * Skannerin ja virustietokannan lataus alkaa. Sinulta kysytään sallitko Kasperskyltä tulevan ohjelman asentamisen. Klikkaa Aja/Run.
    * Kun lataus on valmis, klikkaa Settings.
    * Varmistu, että seuraavat kohdat on valittu. Jos ne eivät ole, valitse ne ja klikkaa Save: Spyware, Adware, Dialers, and other potentially dangerous programs
    Archives
    Mail databases

    * Klikkaa Oma Tietokone, My Computer Scan-kohdan alapuolelta.
    * Kun tarkistus on valmis, tulokset näytetään. Klikkaa View Scan Report.
    * Näet listan saastuneista kohteista. Klikkaa Save Report As....
    * Tallenna tiedosto työpöydällesi. Muuta Tiedostotyyppi/Files of type muotoon Tekstitiedosto/Text file(.txt) ennen kuin klikkaat Save.

    * Kopioi ja liitä tiedoston sisältö seuraavaan vastaukseesi
    * uuden HijackThis-lokin kera

    ---------------------------------------------------------------------------------------------

    Poista ne rivit jotka ovat vielä jäljellä:

    Sammuta selain ja muut ohjelmat Fixin ajaksi. (ei virustorjuntaa)
    Käynnistä HijackThis:ja Scan ja ruksaa seuraavat punaisella listatut tiedostot
    (HJT sammuttaa ohjelman ei poista)

    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
    O4 - HKLM\..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /install
    O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe

    sekä sammuta ne.(fix Chekked) napista.

    Tyhjennä roskakori ja käynnistä koneesi uudelleen.

    Poista kansio/t, jos löytyy:
    C:\Program Files\Grisoft\

    Postita tänne seuraavat lokit:
    * Tuore HijackThis loki (Otetaan viimeisenä ennen postitusta)
    * Kaperskyn raportti jos se löyti jotain.
    *
    * Auttoiko ???
    *
     
    kalminen, Oct 8, 2009
    #2
  3. J1N

    J1N Member

    Joined:
    Jan 26, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    Kaspersky jämähtää joka kerta alle 20%...

    Mutta tossa uusi lista:

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:35:23, on 10.10.2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16876)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
    C:\Program Files\F-Secure\Common\FSMA32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\Program Files\F-Secure\Common\FSMB32.EXE
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
    C:\Program Files\F-Secure\Common\FCH32.EXE
    C:\Program Files\F-Secure\Common\FAMEH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
    C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
    C:\Program Files\F-Secure\Common\FNRB32.EXE
    C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    C:\Program Files\F-Secure\Common\FIH32.EXE
    C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
    C:\WINDOWS\system32\wbem\wmiapsrv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\VDOTool\TBPanel.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\Program Files\D-Tools\daemon.exe
    C:\Program Files\F-Secure\Common\FSM32.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
    C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
    C:\Program Files\F-Secure\FSGUI\fsguidll.exe
    C:\Program Files\Windows Live\Contacts\wlcomm.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Adobe PDF Reader -linkkiavustaja - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Liven kirjautumisapuohjelma - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar.dll
    O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
    O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
    O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [EPSON Stylus DX4000 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIBEE.EXE /FU "C:\WINDOWS\TEMP\E_S12F.tmp" /EF "HKLM"
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Paikallinen palve')
    O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Verkkopalve')
    O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
    O4 - Startup: MagicDisc.lnk = L:\Asennus\MagicDisc\MagicDisc.exe
    O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
    O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
    O8 - Extra context menu item: &Google Search - res://C:\Program Files\Google\googletoolbar.dll/cmsearch.html
    O8 - Extra context menu item: &Winamp Search - C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
    O8 - Extra context menu item: Backward &Links - res://C:\Program Files\Google\googletoolbar.dll/cmbacklinks.html
    O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\Program Files\Google\googletoolbar.dll/cmcache.html
    O8 - Extra context menu item: Si&milar Pages - res://C:\Program Files\Google\googletoolbar.dll/cmsimilar.html
    O8 - Extra context menu item: Translate into English - res://C:\Program Files\Google\googletoolbar.dll/cmtrans.html
    O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
    O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
    O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
    O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

    --
    End of file - 9704 bytes
     
    J1N, Oct 10, 2009
    #3
  4. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    Vaihdetaan ohjelmaa !!!

    Tarkista koneesi F-Securen online skannerilla
    * Rastita I have read and accepted the license term ja paina install.

    * Jos käytät firefoxia, sinua pyydetään asentamaan F-securen lisäosa. Asenna se ja valitse
    "Käynnistä selain uudelleen" kun lisäosa on asennettu.
    * Jos käytät Internet Exploreria, sinua pyydetään asentamaan Active X komponentti, asenna se.

    * Paina Start. Sivusto lataa hetken ja F-secure Online Scanner -ikkuna aukeaa.
    * Valitse My scan ja paina sen alla Show option.
    * Valitse Select file types for scanning -kohtaan "all file types" ja rastita myös sen alla oleva "Scan inside compressed files (zip, rar, lzh, ...)" ja paina Ok.
    * Paina Start. Ohjelma lataa tarvittavat tiedostot ja aloittaa skannauksen. Skannauksessa voi kestää jonkin aikaa.
    * Kun skannaus valmis, varmista että Clean the files -kohdan merkki on kohdassa: "Automatically (recommended)" ja paina "Next".
    * Kun puhdistus on suoritettu paina "Full report...". Raportti aukeaa selaimeesi. Mene raportti sivulle ja paina Ctrl ja A maalataksesi koko sivuston tekstin ja paina Ctrl ja C kopioidaksesi maalatun tekstin.

    * Liitä F-securen skannaus raportti seuraavaan viestiisi painamalla Ctrl ja V vastaus kenttään.
    .
     
    kalminen, Oct 10, 2009
    #4
  5. J1N

    J1N Member

    Joined:
    Jan 26, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    No nyt homma toimi...

    Scanning Report
    Tuesday, October 13, 2009 17:42:43 - 19:28:33

    Computer name: YOUR-A27AFDD83E
    Scanning type: Scan system for malware, spyware and rootkits
    Target: C:\ L:\
    4 malware found
    Gen:Trojan.Heur.deW@IXWl0Ak (spyware)

    * System (Disinfected)

    Trojan.Generic.1418789 (spyware)

    * System (Disinfected)

    Gen:Trojan.Heur.GM (spyware)

    * System (Disinfected)

    Gen:Trojan.Heur.deW@IXWl0Ak (virus)

    * C:\Documents and Settings\Fujitsu\Työpöytä\Aquitania 1.23[PCgame][h33t][mrtek2k]\THETA.nfo.exe (Not cleaned)

    Statistics
    Scanned:

    * Files: 187141
    * System: 3465
    * Not scanned: 134

    Actions:

    * Disinfected: 3
    * Renamed: 0
    * Deleted: 0
    * Not cleaned: 1
    * Submitted: 0

    Files not scanned:

    * C:\PAGEFILE.SYS
    * C:\WINDOWS\WINSXS\X86_MICROSOFT.VC90.DEBUGMFC_1FC8B3B9A1E18E3B_9.0.30729.1_X-WW_C94A3A24\MFC90D.DLL
    * C:\WINDOWS\WINSXS\X86_MICROSOFT.VC90.DEBUGMFC_1FC8B3B9A1E18E3B_9.0.30729.1_X-WW_C94A3A24\MFC90UD.DLL
    * C:\WINDOWS\TEMP\PERFLIB_PERFDATA_6F0.DAT
    * C:\WINDOWS\SYSTEM32\MRT.EXE
    * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT
    * C:\WINDOWS\SYSTEM32\CONFIG\DEFAULT.LOG
    * C:\WINDOWS\SYSTEM32\CONFIG\SAM
    * C:\WINDOWS\SYSTEM32\CONFIG\SAM.LOG
    * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY
    * C:\WINDOWS\SYSTEM32\CONFIG\SECURITY.LOG
    * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE.LOG
    * C:\WINDOWS\SYSTEM32\CONFIG\SOFTWARE
    * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM
    * C:\WINDOWS\SYSTEM32\CONFIG\SYSTEM.LOG
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SHFUSION.DLL
    * C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\prcp.nlp
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SOS.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.CONFIGURATION.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DATA.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DATA.ORACLECLIENT.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DATA.SQLXML.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DEPLOYMENT.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DESIGN.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DIRECTORYSERVICES.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DIRECTORYSERVICES.PROTOCOLS.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DRAWING.DESIGN.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.DRAWING.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.ENTERPRISESERVICES.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.ENTERPRISESERVICES.THUNK.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.MANAGEMENT.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.MESSAGING.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.RUNTIME.REMOTING.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.SECURITY.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.RUNTIME.SERIALIZATION.FORMATTERS.SOAP.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.SERVICEPROCESS.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.TRANSACTIONS.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.WEB.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.WEB.MOBILE.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.WEB.SERVICES.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.WINDOWS.FORMS.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\SYSTEM.XML.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\TLBREF.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\VBC.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\VSAVB7RT.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\WEBENGINE.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\_NETWORKINGPERFCOUNTERS.INI
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\ASP.NETWEBADMINFILES\IMAGES\ASPDOTNET_LOGO.JPG
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\1033\ALINKUI.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\1033\CSCOMPUI.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\1033\CVTRESUI.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\1033\VBC7UI.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V2.0.50727\1033\VSAVB7RTUI.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ACCESSIBILITY.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ALINK.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_RC.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_REGIIS.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ASPNET_STATE.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\CASPOL.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\CORPERFMONEXT.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\CSCOMP.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\CSCOMPMGD.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\DIASYMREADER.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\C_G18030.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\EVENTLOGMESSAGES.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\FUSION.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\IEEXEC.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\IIEHOST.DLL
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ILASM.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\INSTALLUTIL.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\JSC.EXE
    * C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V1.1.4322\ISYMWRAPPER.DLL
    * C:\WINDOWS\MICROSOFT.NET\DIRECTX FOR MANAGED CODE\1.0.2903.0\MICROSOFT.DIRECTX.DIRECT3DX.DLL
    * C:\WINDOWS\MICROSOFT.NET\DIRECTX FOR MANAGED CODE\1.0.2902.0\MICROSOFT.DIRECTX.DIRECT3D.DLL
    * C:\WINDOWS\$NTUNINSTALLKB917734_WMP10$\SPUNINST\SPUNINST.INF
    * C:\WINDOWS\$NTUNINSTALLKB917422$\SPUNINST\SPUNINST.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP997\A0084066.DLL
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088014.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088018.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088025.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088036.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088037.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1050\A0088042.EXE
    * C:\SYSTEM VOLUME INFORMATION\_RESTORE{18340257-378F-4DA9-AD9B-84C8A51C540F}\RP1030\A0087463.DLL
    * C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\EZPMUTILS.DLL
    * C:\PROGRAM FILES\SKYPE\PLUGIN MANAGER\SPMSERVICES.DLL
    * C:\PROGRAM FILES\REAL\REALPLAYER\SETUP\SETUP.EXE
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\axdist.inf
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\hlink.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\hlinkprx.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\inloader.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\oleaut32.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\schannel.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\stdole2.tlb
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\urlmon.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\wininet.dll
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\ADVPACK.DLL
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\W95INF32.DLL
    * C:\Program Files\F-Secure\common\custom\custom1\rifs\AXDIST.EXE\W95INF16.DLL
    * C:\PROGRAM FILES\AQUITANIA\UNINSTALL.EXE
    * C:\PROGRAM FILES\ABBYY FINEREADER 6.0 SPRINT\FINEREADER6.SPRINT.DOT
    * C:\NVIDIA\WINXP\182.08\IS\PHYSX_9.09.0203_SYSTEMSOFTWARE.EXE
    * C:\NVIDIA\WINXP\181.22\ENGLISH\PHYSX_9.09.0010_SYSTEMSOFTWARE.EXE
    * C:\MEDIAONE2\IVIASPI.EXE
    * C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\NTUSER.DAT
    * C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\NTUSER.DAT.LOG
    * C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT
    * C:\DOCUMENTS AND SETTINGS\NETWORKSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG
    * C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\NTUSER.DAT
    * C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\NTUSER.DAT.LOG
    * C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT
    * C:\DOCUMENTS AND SETTINGS\LOCALSERVICE\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\NTUSER.DAT
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\NTUSER.DAT.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\TYÖPÖYTÄ\VENTRILOMIX05(2).EXE
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\TYÖPÖYTÄ\VENTRILOMIX05.EXE
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\TYÖPÖYTÄ\AQUITANIA 1.23[PCGAME][H33T][MRTEK2K]\AQUITANIA.EXE.EXE
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\OMAT TIEDOSTOT\DOWNLOADS\CRADLEOFROME_PATCHED_DJSYS\CRADLEOFROMESETUP.EXE
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\TEMP\ETILQS_JOQQYGGL4V1IDRITW9XJ
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6429BB05-B19D-48E3-826F-45F6D060304D}\DBSTORE\CONTACTS.EDB
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6429BB05-B19D-48E3-826F-45F6D060304D}\DBSTORE\TEMPEDB.EDB
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6429BB05-B19D-48E3-826F-45F6D060304D}\DBSTORE\LOGFILES\EDB.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6429BB05-B19D-48E3-826F-45F6D060304D}\DBSTORE\LOGFILES\EDBTMP.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6048FB0B-E0BC-47B1-94CC-7E8C8EC9FF3A}\DBSTORE\CONTACTS.EDB
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6048FB0B-E0BC-47B1-94CC-7E8C8EC9FF3A}\DBSTORE\TEMPEDB.EDB
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6048FB0B-E0BC-47B1-94CC-7E8C8EC9FF3A}\DBSTORE\LOGFILES\EDB.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS LIVE CONTACTS\{6048FB0B-E0BC-47B1-94CC-7E8C8EC9FF3A}\DBSTORE\LOGFILES\EDBTMP.LOG
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\LOCAL SETTINGS\APPLICATION DATA\MICROSOFT\WINDOWS\USRCLASS.DAT.LOG
    * C:\Documents and Settings\Fujitsu\Local Settings\Application Data\Microsoft\Messenger\larppa80_99@hotmail.com\ObjectStore\CustomEmoticons\QwMUXQeFTbyA3F24d24EBjJl8WY=.id2\2T÷€8×ûµ µ¹ wmf0ðÉ>¨þ�¤`žªƒÞÈø9€ðÊÚrÀ<$º›â´. °d‹%å÷
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\7SIB9JAQ.DEFAULT\PARENT.LOCK
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\APPLICATION DATA\ADOBE\ACROBAT\7.0\UPDATER\ADBERDR810_FI_FI.EXE
    * C:\DOCUMENTS AND SETTINGS\FUJITSU\APPLICATION DATA\ADOBE\ACROBAT\7.0\UPDATER\ADBERDR709_FI_FI.EXE

    Options
    Scanning engines:

    Scanning options:

    * Scan all files
    * Scan inside archives
    * Use advanced heuristics

    Copyright © 1998-2009 Product support | Send virus sample to F-Secure
    F-Secure assumes no responsibility for material created or published by third parties that F-Secure World Wide Web pages have a link to. Unless you have clearly stated otherwise, by submitting material to any of our servers, for example by E-mail or via our F-Secure's CGI E-mail, you agree that the material you make available may be published in the F-Secure World Wide Pages or hard-copy publications. You will reach F-Secure public web site by clicking on underlined links. While doing this, your access will be logged to our private access statistics with your domain name. This information will not be given to any third party. You agree not to take action against us in relation to material that you submit. Unless you have clearly stated otherwise, by submitting material you warrant that F-Secure may incorporate any concepts described in it in the F-Secure products/publications without liability.

     
    J1N, Oct 13, 2009
    #5
  6. kalminen

    kalminen Regular member

    Joined:
    May 4, 2007
    Messages:
    3,915
    Likes Received:
    0
    Trophy Points:
    46
    Suosittelen poistamaan koneelta tämän ohjelman =>

    Aquitania 1.23 (rarria myöten)

    Auttoiko vuosihuolto ???
    .
     
    kalminen, Oct 14, 2009
    #6
  7. J1N

    J1N Member

    Joined:
    Jan 26, 2009
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    11
    Kummasti tuli vauhtia lisää. Kiitos ja kumarrus.
     
    J1N, Oct 14, 2009
    #7

Share This Page