So the computer keeps detecting all sorts of win32 virus stuff. I already downloaded the HijackThis program, ran a scan and saved the log file. Could someone help me with this problem? I would be grateful. So here is the log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:28:58, on 29.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRA~1\LAUNCH~1\LManager.exe
C:\WINDOWS\BUtilityBar\BisonBar.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: LimeWire On Startup.lnk = C:\Documents and Settings\jesemaan\Desktop\Uusi kansio\LimeWire\LimeWire.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

-- End of file - 9195 bytes

Run the Norton removal tool from here: Link
Get a firewall to go alongside avast.
==========================
Scan with HJT, tick these entries and press Fix checked:
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
========================
Instructions for using AVG Anti-Spyware 7.5

Note! These instructions turn off the real-time protection (Shield). This avoids situations where the protection would block, for example, the HijackThis tool from working.
Save these instructions to a text file or print them, otherwise you will not be able to get to them in safe mode.

Download AVG Anti-Spyware 7.5 and save the program to your desktop.
o Once you have downloaded the program, double-click the installer's icon on your desktop and the installation starts.
o After installation the program must be started and its definitions updated.
o Start AVG Anti-Spyware.
o Click the "Update" icon in the main menu. Then click the "Update now" button.
o Then click the "Start Update" icon and the update begins.
o Once the updates have been downloaded, click the "Scanner" icon at the top of the window. Then select the "Settings" tab.
o Once the "Settings" menu has opened, click "Recommended actions" and then select "Quarantine".
o Then, under the "Reports" menu:
  o Tick "Automatically generate report after every scan"
  o Untick "Only if threats were found"
o Then click the "Shield" icon at the top of the window.
o "Resident shield is": change the state from active to inactive.
o Close the program, do NOT scan yet.

Boot your computer into safe mode: shut it down and start it, tap F8 during startup, select safe mode with the arrow keys, press Enter and Enter again.

NOTE! Do not use other programs during the AVG scan; this may interfere with the scan.
o Once in safe mode, start AVG Anti-Spyware.
o Click the "Scanner" icon at the top of the window and select the "Scan" tab. Then click "Complete System Scan".
o Ewido now starts scanning the computer; be patient, as the scan takes time.

When the scan is finished:
IMPORTANT: Do not click "Save Scan Report" before you click "Apply all Actions".
o Make sure that "Set all elements to:" shows Quarantine (1); if not, click the link and select Quarantine from the popup menu.
o You will be asked what to do if infections were found; in that case select "Apply all actions".
o Then click the "Reports" icon at the top of the program.
o Click the "Save report as" button at the bottom left of the window and save the report to the desktop.
o Close the program, start the computer normally and post the AVG report in your thread.
===================
Download CCleaner v1.41.544 - Basic from http://www.ccleaner.com/download/builds.aspx and do NOT install the Yahoo toolbar!
Set the options like this: Options --> Advanced --> untick "Only delete temporary files older than 48 hours".
Run Cleaner > Analyze button > Run CCleaner button in the lower right corner.
Run Issues > "Scan for registry issues" button > "Fix registry issues" button.
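
An added example, not part of the thread and not HijackThis's own logic: a small Python triage pass over HijackThis-format lines that surfaces entries of the kind the reply above asks to fix, such as the `(no file)` BHO and the path-less `Alcmtr` autorun. The sample lines are excerpted from the log in the first post; the review rules and every function name are assumptions (the reply does not state its reasons), and a flag means "look at this entry", not "malicious".

```python
import re
from typing import List, NamedTuple

# Lines excerpted from the HijackThis log in the first post (not the full log).
SAMPLE_LOG = r"""
Logfile of Trend Micro HijackThis v2.0.2
Running processes:
C:\WINDOWS\system32\svchost.exe
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - Global Startup: BTTray.lnk = ?
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
"""


class Finding(NamedTuple):
    code: str    # HijackThis section code, e.g. "O2", "O4", "O23"
    reason: str  # why the entry deserves a manual look (assumed heuristic)
    entry: str   # the log line as written


# "<code> - <body>", e.g. "O4 - HKLM\..\Run: [name] command"
ENTRY_RE = re.compile(r"^([A-Z]\d{1,2}) - (.+)$")
# Registry autorun body: hive, abbreviated key path, value name, command line
RUN_RE = re.compile(r"^HK[A-Z]+\\.*\\Run(?:Once)?: \[[^\]]*\] (?P<cmd>.+)$")
# Program part of an unquoted command line (paths may contain spaces)
EXE_RE = re.compile(r"(.+?\.(?:exe|com|bat|cmd|scr|pif))(?:\s|$)", re.IGNORECASE)


def executable_of(cmd: str) -> str:
    """Return the program part of an autorun command line, without arguments."""
    cmd = cmd.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    m = EXE_RE.match(cmd)
    if m:
        return m.group(1)
    parts = cmd.split()
    return parts[0] if parts else ""


def triage(log_text: str) -> List[Finding]:
    """Flag entries that point at nothing or do not say which file they run."""
    findings: List[Finding] = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY_RE.match(line)
        if not m:
            continue  # header line, running-process path or blank line
        code, body = m.groups()
        if body.endswith("(no file)"):
            findings.append(Finding(code, "entry has no file behind it", line))
        elif body.endswith("(file missing)"):
            findings.append(Finding(code, "referenced file not found on disk", line))
        elif code == "O4":
            run = RUN_RE.match(body)
            if run:
                exe = executable_of(run.group("cmd"))
                if "\\" not in exe and "/" not in exe:
                    findings.append(Finding(
                        code, "autorun gives no directory; search path decides", line))
            elif body.endswith("= ?"):
                findings.append(Finding(code, "shortcut target unresolved", line))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f"[{f.code}] {f.reason}\n    {f.entry}")
```
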

Well, I have now scanned the computer with that program, but the quarantine part went wrong because it was off the edge of the screen, so I did not notice it.. so it already removed all those problems. I did manage to get a report, but I don't know whether it is of any use anymore.. thanks anyway.

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 16:15:30 29.8.2007

+ Scan result:

HKLM\SOFTWARE\Purchased Products\AntiVirus -> Adware.AvSystemcare : Cleaned with backup (quarantined).
HKU\S-1-5-21-2414951404-3353330726-3796319079-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31615D5C-5126-448A-818A-A7CDFEE85A9B} -> Adware.Generic : Cleaned with backup (quarantined).
:mozilla.160:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.161:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.162:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.59:C:\Documents and Settings\vieras\Application Data\Mozilla\Firefox\Profiles\93jz1aqa.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
C:\Documents and Settings\jesemaan\Cookies\jesemaan@CAH8C7PL.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.66:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.98:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
:mozilla.99:C:\Documents and Settings\jesemaan\Application Data\Mozilla\Firefox\Profiles\mmzyq97y.default\cookies.txt -> TrackingCookie.Adbrite : Cleaned.
::Report end
And Ad-Aware keeps finding more and more useless junk on the machine.. I took a log of that too:
Ad-Aware SE Build 1.06r1 Logfile Created on:29. elokuuta 2007 16:45:09 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R188 22.08.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):8 total references Tracking Cookie(TAC index:3):2 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 29.8.2007 16:45:09 - Scan started. 
(Smart mode) Listing running processes »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» #:1 [smss.exe] FilePath : \SystemRoot\System32\ ProcessID : 472 ThreadCreationTime : 29.8.2007 13:24:51 BasePriority : Normal #:2 [csrss.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 524 ThreadCreationTime : 29.8.2007 13:24:54 BasePriority : Normal #:3 [winlogon.exe] FilePath : \??\C:\WINDOWS\system32\ ProcessID : 552 ThreadCreationTime : 29.8.2007 13:25:00 BasePriority : High #:4 [services.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 596 ThreadCreationTime : 29.8.2007 13:25:03 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Services and Controller app InternalName : services.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : services.exe #:5 [lsass.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 608 ThreadCreationTime : 29.8.2007 13:25:03 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : LSA Shell (Export Version) InternalName : lsass.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : lsass.exe #:6 [ati2evxx.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 756 ThreadCreationTime : 29.8.2007 13:25:04 BasePriority : Normal FileVersion : 6.14.10.4138 ProductVersion : 6.14.10.4138 ProductName : ATI External Event Utility for WindowsNT and Windows9X CompanyName : ATI Technologies Inc. FileDescription : ATI External Event Utility EXE Module InternalName : ATI2EVXX.EXE LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc. 
OriginalFilename : ATI2EVXX.EXE #:7 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 768 ThreadCreationTime : 29.8.2007 13:25:04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:8 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 852 ThreadCreationTime : 29.8.2007 13:25:05 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:9 [svchost.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 920 ThreadCreationTime : 29.8.2007 13:25:06 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:10 [ati2evxx.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 976 ThreadCreationTime : 29.8.2007 13:25:07 BasePriority : Normal FileVersion : 6.14.10.4138 ProductVersion : 6.14.10.4138 ProductName : ATI External Event Utility for WindowsNT and Windows9X CompanyName : ATI Technologies Inc. FileDescription : ATI External Event Utility EXE Module InternalName : ATI2EVXX.EXE LegalCopyright : Copyright © 1999-2004 ATI Technologies Inc. 
OriginalFilename : ATI2EVXX.EXE #:11 [smc.exe] FilePath : C:\Program Files\Sygate\SPF\ ProcessID : 1036 ThreadCreationTime : 29.8.2007 13:25:07 BasePriority : Normal FileVersion : 5.6.00.2808 ProductVersion : 5.6.00.2808 ProductName : Sygate® Security Agent and Personal Firewall CompanyName : Sygate Technologies, Inc. FileDescription : Sygate Agent Firewall InternalName : Smc LegalCopyright : Copyright © 1999 - 2004 Sygate Technologies, Inc. All rights reserved. OriginalFilename : Smc.EXE #:12 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1096 ThreadCreationTime : 29.8.2007 13:25:09 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:13 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1132 ThreadCreationTime : 29.8.2007 13:25:11 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:14 [aswupdsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1324 ThreadCreationTime : 29.8.2007 13:25:12 BasePriority : Normal FileVersion : 4, 7, 1029, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! 
Antivirus updating service InternalName : aswUpdSv.exe LegalCopyright : Copyright (c) 2007 ALWIL Software OriginalFilename : aswUpdSv.exe #:15 [ashserv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 1376 ThreadCreationTime : 29.8.2007 13:25:12 BasePriority : High FileVersion : 4, 7, 1029, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! antivirus service InternalName : aswServ LegalCopyright : Copyright (c) 2007 ALWIL Software OriginalFilename : aswServ.exe #:16 [explorer.exe] FilePath : C:\WINDOWS\ ProcessID : 1696 ThreadCreationTime : 29.8.2007 13:25:18 BasePriority : Normal FileVersion : 6.00.2900.3156 (xpsp_sp2_gdr.070613-1234) ProductVersion : 6.00.2900.3156 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Windows Explorer InternalName : explorer LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : EXPLORER.EXE #:17 [spoolsv.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1936 ThreadCreationTime : 29.8.2007 13:25:25 BasePriority : Normal FileVersion : 5.1.2600.2696 (xpsp_sp2_gdr.050610-1519) ProductVersion : 5.1.2600.2696 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Spooler SubSystem App InternalName : spoolsv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : spoolsv.exe #:18 [ehtray.exe] FilePath : C:\WINDOWS\ehome\ ProcessID : 292 ThreadCreationTime : 29.8.2007 13:25:39 BasePriority : Normal FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239) ProductVersion : 5.1.2710.2732 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Tray Applet InternalName : ehtray LegalCopyright : © Microsoft Corporation. All rights reserved. 
OriginalFilename : ehtray.exe #:19 [ehmsas.exe] FilePath : C:\WINDOWS\eHome\ ProcessID : 380 ThreadCreationTime : 29.8.2007 13:25:41 BasePriority : Normal FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239) ProductVersion : 5.1.2710.2732 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Media Status Aggregator Service InternalName : eHMSAS LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ehMSAS.exe #:20 [memcheck.exe] FilePath : C:\Acer\Empowering Technology\ePerformance\ ProcessID : 700 ThreadCreationTime : 29.8.2007 13:25:44 BasePriority : Normal #:21 [epower_dmc.exe] FilePath : C:\Acer\Empowering Technology\ePower\ ProcessID : 988 ThreadCreationTime : 29.8.2007 13:25:47 BasePriority : Normal FileVersion : 0.22 ProductVersion : 0.22 ProductName : Acer ePower Management FileDescription : Acer ePower Management DMC InternalName : ePower_DMC LegalCopyright : Copyright (C) 2005 Acer Incorporated OriginalFilename : ePower_DMC.exe #:22 [syntpenh.exe] FilePath : C:\Program Files\Synaptics\SynTP\ ProcessID : 1296 ThreadCreationTime : 29.8.2007 13:25:55 BasePriority : Normal FileVersion : 8.2.19 03Mar06 ProductVersion : 8.2.19 03Mar06 ProductName : Synaptics Pointing Device Driver CompanyName : Synaptics, Inc. FileDescription : Synaptics TouchPad Enhancements InternalName : Synaptics Enhancements Application LegalCopyright : Copyright (C) Synaptics, Inc. 1996-2006 OriginalFilename : SynTPEnh.exe #:23 [lmanager.exe] FilePath : C:\PROGRA~1\LAUNCH~1\ ProcessID : 1308 ThreadCreationTime : 29.8.2007 13:25:57 BasePriority : Normal FileVersion : 1, 0, 0, 1118 ProductVersion : 1, 0, 0, 1118 ProductName : Acer Launch Manager CompanyName : Dritek System Inc. FileDescription : Acer Launch Manager Keyboard Application InternalName : Launch Manager LegalCopyright : Copyright (C) 2001-2005 Dritek System Inc. 
OriginalFilename : LManager.exe #:24 [cli.exe] FilePath : C:\Program Files\ATI Technologies\ATI.ACE\ ProcessID : 1448 ThreadCreationTime : 29.8.2007 13:25:58 BasePriority : Normal #:25 [bisonbar.exe] FilePath : C:\WINDOWS\BUtilityBar\ ProcessID : 1472 ThreadCreationTime : 29.8.2007 13:25:58 BasePriority : Normal FileVersion : 1, 0, 0, 7 ProductVersion : 1, 0, 0, 7 ProductName : BsCom Application FileDescription : BsCom MFC Application InternalName : BsCom LegalCopyright : Copyright (C) 2004 OriginalFilename : BsCom.EXE #:26 [guard.exe] FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\ ProcessID : 1748 ThreadCreationTime : 29.8.2007 13:26:09 BasePriority : Normal FileVersion : 7, 5, 1, 22 ProductVersion : 7, 5, 1, 22 ProductName : AVG Anti-Spyware CompanyName : GRISOFT s.r.o. FileDescription : AVG Anti-Spyware guard InternalName : AVG Anti-Spyware guard LegalCopyright : Copyright © 2007 GRISOFT s.r.o. OriginalFilename : guard.exe #:27 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 1880 ThreadCreationTime : 29.8.2007 13:26:10 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:28 [btwdins.exe] FilePath : c:\Program Files\WIDCOMM\Bluetooth Software\bin\ ProcessID : 1980 ThreadCreationTime : 29.8.2007 13:26:11 BasePriority : Normal FileVersion : 5.0.1.1500 ProductVersion : 5.0.1.1500 ProductName : Bluetooth Software 5.0.1.1500 CompanyName : Broadcom Corporation. FileDescription : Bluetooth Support Server InternalName : BTWDIns LegalCopyright : Copyright 2000-2006, Broadcom Corporation. 
OriginalFilename : BTWDIns.EXE #:29 [ehrecvr.exe] FilePath : C:\WINDOWS\eHome\ ProcessID : 2056 ThreadCreationTime : 29.8.2007 13:26:11 BasePriority : Above Normal FileVersion : 5.1.2715.3011 (xpsp(wmbla).061009-1511) ProductVersion : 5.1.2715.3011 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Receiver Service InternalName : ehRecvr LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ehRecvr.exe #:30 [eragent.exe] FilePath : C:\Acer\Empowering Technology\eRecovery\ ProcessID : 2068 ThreadCreationTime : 29.8.2007 13:26:12 BasePriority : Normal FileVersion : 1.0.0.16 ProductVersion : 1.0.0.16 ProductName : eRecovery 2.0 CompanyName : Acer Inc. FileDescription : eRecovery agent InternalName : eRAgent.exe LegalCopyright : Acer Inc 2006. All rights reserved. OriginalFilename : eRAgent.exe #:31 [rundll32.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2076 ThreadCreationTime : 29.8.2007 13:26:12 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Run a DLL as an App InternalName : rundll LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : RUNDLL.EXE #:32 [jusched.exe] FilePath : C:\Program Files\Java\jre1.6.0_02\bin\ ProcessID : 2100 ThreadCreationTime : 29.8.2007 13:26:13 BasePriority : Normal #:33 [realsched.exe] FilePath : C:\Program Files\Common Files\Real\Update_OB\ ProcessID : 2128 ThreadCreationTime : 29.8.2007 13:26:14 BasePriority : Normal FileVersion : 0.1.0.3725 ProductVersion : 0.1.0.3725 ProductName : RealPlayer (32-bit) CompanyName : RealNetworks, Inc. FileDescription : RealNetworks Scheduler InternalName : schedapp LegalCopyright : Copyright © RealNetworks, Inc. 1995-2004 LegalTrademarks : RealAudio(tm) is a trademark of RealNetworks, Inc. 
OriginalFilename : realsched.exe #:34 [ehsched.exe] FilePath : C:\WINDOWS\eHome\ ProcessID : 2132 ThreadCreationTime : 29.8.2007 13:26:14 BasePriority : Normal FileVersion : 5.1.2710.2732 (xpsp(wmbla).050805-1239) ProductVersion : 5.1.2710.2732 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Media Center Scheduler Service InternalName : ehSched LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ehSched.exe #:35 [qttask.exe] FilePath : C:\Program Files\QuickTime\ ProcessID : 2240 ThreadCreationTime : 29.8.2007 13:26:15 BasePriority : Normal FileVersion : 7.1.6 ProductVersion : QuickTime 7.1.6 ProductName : QuickTime CompanyName : Apple Inc. FileDescription : QuickTime Task InternalName : QuickTime Task LegalCopyright : Copyright Apple Inc. 1989-2007 OriginalFilename : QTTask.exe #:36 [ashdisp.exe] FilePath : C:\PROGRA~1\ALWILS~1\Avast4\ ProcessID : 2252 ThreadCreationTime : 29.8.2007 13:26:15 BasePriority : Normal FileVersion : 4, 7, 1029, 0 ProductVersion : 4, 7, 0, 0 ProductName : avast! Antivirus CompanyName : ALWIL Software FileDescription : avast! service GUI component InternalName : aswDisp LegalCopyright : Copyright (c) 2007 ALWIL Software OriginalFilename : aswDisp.exe #:37 [lssrvc.exe] FilePath : C:\Program Files\Common Files\LightScribe\ ProcessID : 2256 ThreadCreationTime : 29.8.2007 13:26:16 BasePriority : Normal FileVersion : 1.4.74.1 ProductName : LightScribe CompanyName : Hewlett-Packard Company LegalCopyright : © Copyright 2003-2006 Hewlett-Packard Development Company, LP OriginalFilename : LSSrvc.exe #:38 [avgas.exe] FilePath : C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\ ProcessID : 2376 ThreadCreationTime : 29.8.2007 13:26:19 BasePriority : Normal FileVersion : 7, 5, 1, 43 ProductVersion : 7, 5, 1, 43 ProductName : AVG Anti-Spyware CompanyName : GRISOFT s.r.o. 
FileDescription : AVG Anti-Spyware InternalName : AVG Anti-Spyware LegalCopyright : Copyright © 2007 GRISOFT s.r.o. OriginalFilename : avgas.exe #:39 [msnmsgr.exe] FilePath : C:\Program Files\MSN Messenger\ ProcessID : 2448 ThreadCreationTime : 29.8.2007 13:26:22 BasePriority : Normal FileVersion : 8.1.0178.00 ProductVersion : 8.1.0178 ProductName : Messenger CompanyName : Microsoft Corporation FileDescription : Messenger InternalName : msnmsgr.exe LegalCopyright : Copyright (c) Microsoft Corporation. All rights reserved. OriginalFilename : msnmsgr.exe #:40 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2508 ThreadCreationTime : 29.8.2007 13:26:23 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:41 [svchost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 2532 ThreadCreationTime : 29.8.2007 13:26:24 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Generic Host Process for Win32 Services InternalName : svchost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : svchost.exe #:42 [acer.empowering.framework.launcher.exe] FilePath : C:\Acer\Empowering Technology\ ProcessID : 2780 ThreadCreationTime : 29.8.2007 13:26:29 BasePriority : Normal #:43 [bttray.exe] FilePath : C:\Program Files\WIDCOMM\Bluetooth Software\ ProcessID : 2836 ThreadCreationTime : 29.8.2007 13:26:31 BasePriority : Normal FileVersion : 5.0.1.1500 ProductVersion : 5.0.1.1500 ProductName : Bluetooth Software 5.0.1.1500 CompanyName : Broadcom Corporation. 
FileDescription : Bluetooth Tray Application InternalName : BTTray LegalCopyright : Copyright 2000-2006, Broadcom Corporation. OriginalFilename : BTTray.exe #:44 [mcrdsvc.exe] FilePath : C:\WINDOWS\ehome\ ProcessID : 2848 ThreadCreationTime : 29.8.2007 13:26:32 BasePriority : Normal FileVersion : 4.1.2710.2732 (xpsp(wmbla).050805-1239) ProductVersion : 4.1.2710.2732 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : MCRD Device Service InternalName : McrdSvc.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : McrdSvc.exe #:45 [ashmaisv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 3456 ThreadCreationTime : 29.8.2007 13:26:58 BasePriority : Normal #:46 [ashwebsv.exe] FilePath : C:\Program Files\Alwil Software\Avast4\ ProcessID : 3592 ThreadCreationTime : 29.8.2007 13:26:59 BasePriority : Normal #:47 [wmiapsrv.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 3816 ThreadCreationTime : 29.8.2007 13:27:01 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI Performance Adapter Service InternalName : WmiApSrv.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : WmiApSrv.exe #:48 [wmiprvse.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 3864 ThreadCreationTime : 29.8.2007 13:27:02 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. 
OriginalFilename : Wmiprvse.exe #:49 [dllhost.exe] FilePath : C:\WINDOWS\system32\ ProcessID : 3892 ThreadCreationTime : 29.8.2007 13:27:02 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : COM Surrogate InternalName : dllhost.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : dllhost.exe #:50 [wmiprvse.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 4068 ThreadCreationTime : 29.8.2007 13:27:04 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : Wmiprvse.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : Wmiprvse.exe #:51 [alg.exe] FilePath : C:\WINDOWS\System32\ ProcessID : 1680 ThreadCreationTime : 29.8.2007 13:27:08 BasePriority : Normal FileVersion : 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158) ProductVersion : 5.1.2600.2180 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : Application Layer Gateway Service InternalName : ALG.exe LegalCopyright : © Microsoft Corporation. All rights reserved. OriginalFilename : ALG.exe #:52 [unsecapp.exe] FilePath : C:\WINDOWS\system32\wbem\ ProcessID : 2796 ThreadCreationTime : 29.8.2007 13:27:10 BasePriority : Normal FileVersion : 5.1.2600.0 (xpclient.010817-1148) ProductVersion : 5.1.2600.0 ProductName : Microsoft® Windows® Operating System CompanyName : Microsoft Corporation FileDescription : WMI InternalName : unsecapp.dll LegalCopyright : © Microsoft Corporation. All rights reserved. 
OriginalFilename : unsecapp.dll #:53 [cli.exe] FilePath : C:\Program Files\ATI Technologies\ATI.ACE\ ProcessID : 2656 ThreadCreationTime : 29.8.2007 13:27:25 BasePriority : Normal #:54 [cli.exe] FilePath : C:\Program Files\ATI Technologies\ATI.ACE\ ProcessID : 2744 ThreadCreationTime : 29.8.2007 13:27:26 BasePriority : Normal #:55 [livecall.exe] FilePath : C:\Program Files\MSN Messenger\ ProcessID : 3180 ThreadCreationTime : 29.8.2007 13:37:45 BasePriority : Normal FileVersion : 1.1.161.0 ProductVersion : 1.1.161.0 ProductName : Windows Live Call CompanyName : Microsoft Corporation FileDescription : Windows Live Call InternalName : livecall LegalCopyright : Copyright © 2006 Microsoft Corporation. All rights reserved. OriginalFilename : livecall.exe #:56 [utorrent.exe] FilePath : C:\Program Files\uTorrent\ ProcessID : 2120 ThreadCreationTime : 29.8.2007 13:38:21 BasePriority : Normal #:57 [ad-aware.exe] FilePath : C:\Program Files\Lavasoft\Ad-Aware SE Personal\ ProcessID : 3528 ThreadCreationTime : 29.8.2007 13:44:40 BasePriority : Normal FileVersion : 6.2.0.236 ProductVersion : SE 106 ProductName : Lavasoft Ad-Aware SE CompanyName : Lavasoft Sweden FileDescription : Ad-Aware SE Core application InternalName : Ad-Aware.exe LegalCopyright : Copyright © Lavasoft AB Sweden OriginalFilename : Ad-Aware.exe Comments : All Rights Reserved Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 0 Started Tracking Cookie scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! 
Type : IECache Entry Data : jesemaan@atdmt[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:jesemaan@atdmt.com/ Expires : 27.8.2012 3:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : jesemaan@statistik-gallup[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:jesemaan@statistik-gallup.net/ Expires : 1.1.2030 3:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 2 Objects found so far: 2 Deep scanning and examining files... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\WINDOWS »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Disk Scan Result for C:\WINDOWS\system32 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Disk Scan Result for C:\DOCUME~1\jesemaan\LOCALS~1\Temp\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 2 Scanning Hosts file...... Hosts file location:"C:\WINDOWS\system32\drivers\etc\hosts". »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Hosts file scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» 1 entries scanned. New critical objects:0 Objects found so far: 2 MRU List Object Recognized! Location: : C:\Documents and Settings\jesemaan\recent Description : list of recently opened documents MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! 
Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\applets\wordpad\recent file list Description : list of recent files opened using wordpad MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened Performing conditional scans... »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Conditional scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 16:47:34 Scan Complete Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:02:25.407 Objects scanned:106784 Objects identified:2 Objects ignored:0 New critical objects:2
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:09:34, on 29.8.2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Sygate\SPF\smc.exe C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\WINDOWS\eHome\ehmsas.exe C:\Acer\Empowering Technology\ePerformance\MemCheck.exe C:\Acer\Empowering Technology\ePower\ePower_DMC.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\PROGRA~1\LAUNCH~1\LManager.exe C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE C:\WINDOWS\BUtilityBar\BisonBar.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\eHome\ehRecvr.exe C:\Acer\Empowering Technology\eRecovery\eRAgent.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe C:\Program Files\Common Files\Real\Update_OB\realsched.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\QuickTime\qttask.exe C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\WINDOWS\system32\svchost.exe C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\WINDOWS\system32\wbem\wmiapsrv.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files\ATI 
Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\MSN Messenger\livecall.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe O4 - HKLM\..\Run: [SynTPEnh] C:\Program 
Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe" O4 - HKLM\..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe" O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe O4 - Global Startup: BTTray.lnk = ? O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen... 
- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204 O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. 
- C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing) -- End of file - 8563 bytes
Scan with HJT, tick the following entry and press Fix checked:
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe (file missing)
Copy and paste the text below into an empty Notepad file. Make sure the file type is "All Files" and save it to your desktop under the name Poisto.bat.
@echo off
sc stop "Symantec Core LC"
sc delete "Symantec Core LC"
Double-click the Poisto.bat file on your desktop; a window opens and closes, this is normal.
==============
Delete in safe mode:
C:\Program Files\Common Files\Symantec Shared
That job is done now.. but when I scan with Ad-Aware it still finds some tracking cookies..? Here is the Ad-Aware log as well.. that is what finds those strange "tracking cookies". The computer seems to get slower day by day and they turn up every day.. how could this be fixed? Thanks already for the advice given earlier, it has really been a help.
Ad-Aware SE Build 1.06r1 Logfile Created on:29. elokuuta 2007 18:56:28 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R188 22.08.2007 »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» References detected during the scan: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» MRU List(TAC index:0):10 total references Tracking Cookie(TAC index:3):2 total references »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 29.8.2007 18:56:28 - Scan started. (Full System Scan) MRU List Object Recognized! 
Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct3d MRU List Object Recognized! Location: : software\microsoft\direct3d\mostrecentapplication Description : most recent application to use microsoft direct X MRU List Object Recognized! Location: : software\microsoft\directdraw\mostrecentapplication Description : most recent application to use microsoft directdraw MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\search assistant\acmru Description : list of recent search terms used with the search assistant MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\comdlg32\lastvisitedmru Description : list of recent programs opened MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\comdlg32\opensavemru Description : list of recently saved files, stored according to file extension MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows\currentversion\explorer\recentdocs Description : list of recent documents opened MRU List Object Recognized! Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\microsoft\windows media\wmsdk\general Description : windows media sdk MRU List Object Recognized! 
Location: : S-1-5-21-2414951404-3353330726-3796319079-1005\software\winrar\dialogedithistory\extrpath Description : winrar "extract-to" history Memory scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Registry Scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started deep registry scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Deep registry scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 10 Started Tracking Cookie 
scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Tracking Cookie Object Recognized! Type : IECache Entry Data : jesemaan@atdmt[2].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:jesemaan@atdmt.com/ Expires : 27.8.2012 3:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking Cookie Object Recognized! Type : IECache Entry Data : jesemaan@statistik-gallup[1].txt TAC Rating : 3 Category : Data Miner Comment : Hits:1 Value : Cookie:jesemaan@statistik-gallup.net/ Expires : 1.1.2030 3:00:00 LastSync : Hits:1 UseCount : 0 Hits : 1 Tracking cookie scan result: »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 2 Objects found so far: 12 Deep scanning and examining files (C:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Disk Scan Result for C:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 12 Deep scanning and examining files (D:) »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» <STOP> Disk Scan Result for D:\ »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» New critical objects: 0 Objects found so far: 12 19:11:05 Scan stopped by user Summary Of This Scan »»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»»» Total scanning time:00:14:36.844 Objects scanned:178285 Objects identified:2 Objects ignored:0 New critical objects:2
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:39:38, on 30.8.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Sygate\SPF\smc.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\BUtilityBar\BisonBar.exe
C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Lavasoft\Ad-Aware SE Personal\Ad-Aware.exe

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [ntiMUI] C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart.exe"
O4 - HKLM\..\Run: [BisonBar] C:\WINDOWS\BUtilityBar\BisonBar.exe
O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering Technology\eRecovery\eRAgent.exe
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SmcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Steam] "c:\program files\steam\steam.exe" -silent
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Acer Empowering Technology.lnk = C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Lähetä &Bluetooth-laitteeseen... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-UNO1/GAME_UNO1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - C:\Program Files\iPod\bin\iPodService.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe

-- End of file - 7576 bytes
Scan with HJT, tick this entry and press Fix checked:

R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)

Nothing else shows up in the log.
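The check the reply above makes by eye, as an added example that is not part of the original thread: Python that splits a HijackThis log into entries, including a log run together onto one line, and lists the entries HijackThis marked `(no file)` or `(file missing)`. The function names are this example's own, and the sample is assembled from lines of the log above with the process list shortened.

```python
import re

# HijackThis section codes (R0-R3, F0-F3, N1-N4, O1-O24), each followed by " - ".
SECTION = r"(?:R[0-3]|F[0-3]|N[1-4]|O\d{1,2})"
SPLIT_RE = re.compile(r"\s+(?=" + SECTION + r" - )")
ENTRY_RE = re.compile(r"^(" + SECTION + r") - (.+)$")
END_RE = re.compile(r"\s*-- End of file - \d+ bytes\s*$")
# Markers HijackThis appends when the file an entry points to is absent.
ORPHAN_RE = re.compile(r"\((no file|file missing)\)$")
CLSID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

# Sample input assembled for this example from entries of the log above.
SAMPLE = (
    r"Running processes: C:\WINDOWS\Explorer.EXE "
    r"R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file) "
    r"O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - "
    r"C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll "
    r"O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe "
    r"O23 - Service: iPod-palvelu (iPod Service) - Unknown owner - "
    r"C:\Program Files\iPod\bin\iPodService.exe (file missing) "
    r"O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - "
    r"C:\Program Files\Sygate\SPF\smc.exe -- End of file - 7576 bytes"
)

def split_entries(log_text):
    """Return (section, body) pairs from a one-per-line or run-together log."""
    text = END_RE.sub("", " ".join(log_text.split()))  # normalise whitespace
    entries = []
    for chunk in SPLIT_RE.split(text):
        match = ENTRY_RE.match(chunk)
        if match:  # header and process list do not match and are skipped
            entries.append((match.group(1), match.group(2).strip()))
    return entries

def orphaned(entries):
    """Entries whose target file HijackThis reported as absent."""
    found = []
    for section, body in entries:
        if ORPHAN_RE.search(body):
            clsid = CLSID_RE.search(body)
            found.append({"section": section,
                          "clsid": clsid.group(0) if clsid else None,
                          "entry": body})
    return found

if __name__ == "__main__":
    for item in orphaned(split_entries(SAMPLE)):
        print(item["section"], item["clsid"] or "-", item["entry"])
```

Either marker means only that the referenced file is absent from disk: it identifies a leftover registry or service entry to review, not a detection.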
Many thanks for the trouble you took! No trojans are found on the machine any more. Ad-Aware now only finds some MRU list items, which I don't consider very serious, and there are those cookies, but I always delete them even though I guess they don't do any harm.