1. Tämä sivusto käyttää keksejä (cookie). Jatkamalla sivuston käyttämistä hyväksyt keksien käyttämisen. Lue lisää.

eScan löysi viiruksia

Viestiketju Virukset ja haittaohjelmat -osiossa. Ketjun avasi Zaon 10.12.2005.

  1. Zaon

    Zaon Regular member

    Liittynyt:
    14.11.2005
    Viestejä:
    191
    Kiitokset:
    0
    Pisteet:
    26
    Tossa skannasin eScanilla ja löysi 90 virusta..! tossa lukee, että se uudelleennimesi 21 ja poisti 29, mutta mitäs toi Errors sit meinaa? niitä on 56.
    Laitan tähän ton eScanin tulokset:

    File C:\Documents and Settings\Aleksi\Application Data\New Flaw Curb\bufyhzue.0xe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Application Data\New Flaw Curb\SURF START.0XE infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Cookies\aleksi@zedo[2].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Aleksi\Local Settings\Temp\jrxhokzp.0xe infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temp\LTZSTOSV.0XE infected by "Trojan-Downloader.Win32.Swizzor.dc" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\88SY5JS1\YSB_PROMPT[1].0TM infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\BNX3JDGW\a072ad[1].0s infected by "Trojan-Downloader.JS.Small.af" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\CQDFA5I2\sploit[1].anr infected by "Trojan-Downloader.Win32.Ani.c" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\FNPJ7L0W\PROMPT[1].0TM infected by "Trojan-Downloader.JS.IstBar.k" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\FNPJ7L0W\prompt[1].1tm infected by "Trojan-Downloader.JS.IstBar.k" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\FNPJ7L0W\PROMPT[2].0TM infected by "Trojan-Downloader.JS.IstBar.k" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\FNPJ7L0W\prompt[3].0tm infected by "Trojan-Downloader.JS.IstBar.k" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\FNPJ7L0W\PROMPT[4].0TM infected by "Trojan-Downloader.JS.IstBar.k" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\HIJK3MNX\ADV68[1].0TM infected by "Exploit.HTML.Mht" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Aleksi\Local Settings\Temporary Internet Files\Content.IE5\WR332OPD\PROMPT[1].0TM infected by "Trojan-Downloader.JS.IstBar.j" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Helena\Local Settings\Temporary Internet Files\Content.IE5\8TWDU34D\content37885-0[1].htm tagged as not-a-virus:AdWare.Win32.Gator.k. No Action Taken.
    File C:\Documents and Settings\Helena\Local Settings\Temporary Internet Files\Content.IE5\GRFJA8TL\content25360-0[1].htm tagged as not-a-virus:AdWare.Win32.Gator.k. No Action Taken.
    File C:\Documents and Settings\Helena\Local Settings\Temporary Internet Files\Content.IE5\WHYF4HYN\content34938-0[1].htm tagged as not-a-virus:AdWare.Win32.Gator.k. No Action Taken.
    File C:\Documents and Settings\Toni\Application Data\Mozilla\Firefox\Profiles\ijz535ks.Oletuskäyttäjä\Cache\08854ABDd01 tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
    File C:\Documents and Settings\Toni\Application Data\New Flaw Curb\fgewmqvf.exe tagged as not-a-virus:AdWare.Win32.Lop.j. No Action Taken.
    File C:\Documents and Settings\Toni\Application Data\New Flaw Curb\GLOBAL SECOND SUPPORT NOUN.0xe infected by "Trojan-Downloader.Win32.Swizzor.ca" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Application Data\New Flaw Curb\HIDE AXIS MEMO.0XE infected by "Trojan-Downloader.Win32.Swizzor.cb" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Application Data\New Flaw Curb\uconqowo.exe tagged as not-a-virus:AdWare.Win32.Lop.j. No Action Taken.
    File C:\Documents and Settings\Toni\Application Data\Ping Plan\PLAY ATOM.0XE infected by "Trojan-Downloader.Win32.Swizzor.bo" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-3c936701-6df414c2.zip infected by "Trojan-Downloader.Java.OpenStream.t" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[10].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[2].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[3].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[4].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[5].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[6].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[7].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@0[8].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@247realmedia[2].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@2o7[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@a.as-us.falkag[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@adrevolver[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@ads.addynamix[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@ads.pointroll[2].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@ads.uproar[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Cookies\toni ja allu@adtech[1].txt infected by "BkCln.Unknown" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni\Local Settings\Temp\apiznkaq.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\aqtaklam.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\bcgefsdd.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\bdwnjcxf.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\caxcjwzq.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\ceyyeeeh.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\cytontxg.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\daydwtgt.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\ewrelfgd.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\fglzneot.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\fyoublry.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\gsrqvssr.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\ioppglzx.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\iwwqsdxp.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\jvjdttzl.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\kmgpxniw.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\lfvdpwbr.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\LIST218467.0XE infected by "Trojan-Dropper.Win32.Small.rl" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Local Settings\Temp\mcxvarcu.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\mhxgkkyi.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\mssnhhuf.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\nhztypbb.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\nyuyeotr.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\picdypnz.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\qgoqqcng.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\rkeqtdxj.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\roenvkfx.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\sxancvrh.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\tfzylmcu.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\Tilapäinen kansio 1 Grand Theft Auto - San Andreas Rockstar Games crack.zip\FILE.0BS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Local Settings\Temp\Tilapäinen kansio 1 GTA 3 Crack.zip\FILE.0BS infected by "Email-Worm.VBS.Gedza" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni\Local Settings\Temp\trluipok.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\ubjpjdjg.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Local Settings\Temp\uixiddzo.exe tagged as not-a-virus:AdWare.Win32.Lop.m. No Action Taken.
    File C:\Documents and Settings\Toni\Omat tiedostot\BSINSTALL.exe tagged as not-a-virus:AdWare.Win32.SaveNow.z. No Action Taken.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Mozilla\Firefox\Profiles\xpicq3hj.Oletuskäyttäjä\Cache\1B7EC1FAd01 infected by "Trojan-Downloader.Win32.IstBar.ki" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-15599ffc-7645a0ae.class infected by "Trojan.Java.ClassLoader.c" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-44eba5ec-58f5baeb.class infected by "Trojan.Java.ClassLoader.Dummy.d" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-3cfa0102-6ab425cf.class infected by "Exploit.Java.Bytverify" Virus. Action Taken: File Renamed.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\java.jar-bae16f0-722596a1.zip infected by "Trojan-Downloader.Java.OpenConnection.aj" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\javainstaller.jar-5aa0b436-634dbaf9.zip infected by "Trojan-Downloader.Java.OpenStream.w" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\loaderadv661.jar-897c2ff-732bceca.zip infected by "Trojan-Downloader.Java.OpenStream.c" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Local Settings\Temporary Internet Files\Content.IE5\01EZ8X6R\sploit[1].anr infected by "Trojan-Downloader.Win32.Ani.c" Virus. Action Taken: File Deleted.
    File C:\Documents and Settings\Toni ja Allu\Local Settings\Temporary Internet Files\Content.IE5\HLKOYBY7\free[1].anr infected by "Trojan-Downloader.Win32.Ani.c" Virus. Action Taken: File Deleted.
    File C:\Program Files\Adware\f.0xe infected by "Backdoor.Win32.Wootbot.ax" Virus. Action Taken: File Renamed.
    File C:\Program Files\Adware\link.0xe infected by "IM-Worm.Win32.Bropia.n" Virus. Action Taken: File Deleted.
    File G:\Quarantine\B6BB56A1-88D2-4F3C-8FE8-FD7EEB\149EF57F-6DA7-4876-8DD3-05A22F tagged as not-a-virus:AdWare.Win32.Gator.3010. No Action Taken.
    File G:\Quarantine\B6BB56A1-88D2-4F3C-8FE8-FD7EEB\599C08F0-0731-4B5F-882F-46AF16 tagged as not-a-virus:AdWare.Win32.DashBar.a. No Action Taken.

    Tossa kun tarkemmin kattelin, niin siinä on noita Trojan downloadereita aikas paljon.. Ja myös noita spywareita..

    Laitan myös HJT-login tähän jos se auttais..

    Logfile of HijackThis v1.99.1
    Scan saved at 17:04:27, on 10.12.2005
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\brsvc01a.exe
    C:\WINDOWS\system32\brss01a.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\ELISAT~1\backweb\4476822\Program\SERVIC~1.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\FSGK32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\backweb\4476822\program\fsbwsys.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fssm32.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMB32.EXE
    C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FCH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FAMEH32.EXE
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsqh.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsrw.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsav32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\igfxtray.exe
    C:\WINDOWS\System32\hkcmd.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\WINDOWS\AGRSMMSG.exe
    C:\Program Files\A-Link\RoadRunner 11 ADSL\CnxDslTb.exe
    C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE
    C:\WINDOWS\system32\LVCOMSX.EXE
    C:\Program Files\Logitech\Video\LogiTray.exe
    C:\Program Files\QuickTime\qttask.exe
    C:\PROGRA~1\ELISAT~1\ANTI-S~1\fsaw.exe
    C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    C:\Program Files\Brother\ControlCenter2\brctrcen.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\WINDOWS\system32\ctfmon.exe
    G:\Jotai Paskaa\Steam.exe
    C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\fsguidll.exe
    C:\Program Files\Elisa Tietoturvapalvelu\backweb\4476822\Program\fspex.exe
    C:\Program Files\Logitech\Video\FxSvr2.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    G:\escan\mwavscan.com
    G:\escan\kavss.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\hjt\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Linkit
    O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
    O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
    O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.4000.1001\fi\msntb.dll
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\A-Link\RoadRunner 11 ADSL\CnxDslTb.exe"
    O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Elisa Tietoturvapalvelu\Common\FSM32.EXE" /splash
    O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
    O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
    O4 - HKLM\..\Run: [LogitechVideoTray] C:\Program Files\Logitech\Video\LogiTray.exe
    O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Elisa Tietoturvapalvelu\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
    O4 - HKLM\..\Run: [F-Secure Startup Wizard] "C:\Program Files\Elisa Tietoturvapalvelu\FSGUI\FSSW.EXE" /reboot
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
    O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
    O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
    O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [LogitechSoftwareUpdate] "C:\Program Files\Logitech\Video\ManifestEngine.exe" boot
    O4 - HKCU\..\Run: [Steam] "G:\Jotai Paskaa\Steam.exe" -silent
    O4 - Global Startup: F-Secure Anti-Virus 2006.lnk = C:\Program Files\Elisa Tietoturvapalvelu\backweb\4476822\Program\fspex.exe
    O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
    O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
    O8 - Extra context menu item: &Estä tämä kohoikkuna - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\blockpopups.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: IE-suojaus - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra 'Tools' menuitem: IE-suojaus... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Spyware\ieshield.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O14 - IERESET.INF: START_PAGE_URL=http://elisa.net/
    O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab31267.cab
    O16 - DPF: {14B87622-7E19-4EA8-93B3-97215F77A6BC} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab31267.cab
    O16 - DPF: {2917297F-F02B-4B9D-81DF-494B6333150B} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab31267.cab
    O16 - DPF: {8B6193F1-837F-11D4-89E6-0050DA666184} (Sol2axctl Class) - http://download.solitaire.com/download/solitaire.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (ZoneIntro Class) - http://messenger.zone.msn.com/binary/ZIntro.cab31267.cab
    O16 - DPF: {BD393C14-72AD-4790-A095-76522973D6B8} (CBreakshotControl Class) - http://messenger.zone.msn.com/binary/Bankshot.cab31267.cab
    O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab31267.cab
    O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab
    O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
    O20 - AppInit_DLLs: MsgPlusLoader.dll
    O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
    O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\ELISAT~1\backweb\4476822\Program\SERVIC~1.EXE
    O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
    O23 - Service: CA License Client (CA_LIC_CLNT) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
    O23 - Service: CA License Server (CA_LIC_SRVR) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmtd.exe
    O23 - Service: F-Secure Gatekeeper Handler Starter - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Anti-Virus\fsgk32st.exe
    O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\Elisa Tietoturvapalvelu\backweb\4476822\program\fsbwsys.exe
    O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\FWES\Program\fsdfwd.exe
    O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Elisa Tietoturvapalvelu\Common\FSMA32.EXE
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
     
  2.  
  3. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    HjT-loki on ok.

    Laita piilotiedostot näkyviin, ohje ->http://keskustelu.afterdawn.com/thread_view.cfm/248944

    Käynnistä vikasietotilaan (F8 käynnistyksen yhteydessä)

    Tyhjennä IE:n väliaikaistiedostot ja
    nämä hakemistot(siis poista kaikki tiedostot, älä ko.hakemistoja):

    C:\Documents and Settings\Toni\Local Settings\Temp\
    G:\Quarantine

    Poista nämä hakemistot:

    C:\Documents and Settings\Toni\Application Data\==>New Flaw Curb<==
    C:\Documents and Settings\Toni\Application Data\==>Ping Plan<==
     
  4. Zaon

    Zaon Regular member

    Liittynyt:
    14.11.2005
    Viestejä:
    191
    Kiitokset:
    0
    Pisteet:
    26
    Poistin nuo.. Lähtikö noi tuolla pois..?
     
  5. -kemisti-

    -kemisti- Active member

    Liittynyt:
    06.06.2005
    Viestejä:
    6,305
    Kiitokset:
    0
    Pisteet:
    96
    Kyllä, ainakin ne, mitkä oli "no action taken". Joku noista "file renamed"-filuista saattoi jäädä, mutta se ei ole niin vakavaa. Suuri osa niistä(yhtä lukuunottamatta) oli nimittäin bugeja (evästeitä).
     
  6. Zaon

    Zaon Regular member

    Liittynyt:
    14.11.2005
    Viestejä:
    191
    Kiitokset:
    0
    Pisteet:
    26
    ok..kiitoksia..
     
  7. aaxxeell

    aaxxeell Regular member

    Liittynyt:
    28.07.2005
    Viestejä:
    2,145
    Kiitokset:
    0
    Pisteet:
    46
    Tuohon evästeiden ja rekisteri virheiden poistoon suosittelen
    Ccleaner -> http://www.ccleaner.com/download126.asp
    Poista kaikki turhat tiedostot ja ajaa virheet läpi rekisteristä ja poistaa turhat. Muista merkata rastit joka kohtaa ellei toisin halua.
     

Jaa tämä sivu